GNU Rush
Restricted User Shell
Sergey Poznyakoff
GNU Rush is usually installed as a user shell. When a user connects to the server (e.g. by using the SSH protocol), the shell binary, rush, is executed. GNU Rush must be called with exactly two arguments: the -c command line option and a command line to be executed on the host machine. If wrong arguments are supplied, the shell aborts.
The third argument to rush supplies a command line to be executed. That command line, the shell environment for its execution and the password database entry for the user who executes rush are said to form a request.
After startup, rush reads a set of rules from its configuration file. Each rule consists of matching conditions and actions. Conditions decide whether the request matches the rule. They can include regular expression matching against the entire command line or particular words thereof, comparisons of user name or group, etc. If all conditions match the request, actions are executed. Actions can instruct rush to:
Finally, after all actions have been completed successfully, rush runs the requested command. Note that by that time the resulting command line is not necessarily the same as the original one supplied to rush with the -c option.
A special kind of rule, called a fall-through rule, is provided. Fall-through rules differ from other rules in that they do not execute the command. After all actions in a fall-through rule have been executed, GNU Rush continues to search for another matching rule in its configuration and applies it, if found. Fall-through rules are useful to set default values for subsequent rules.
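The request flow described above (argument check, rule matching, actions, fall-through), as a small Python model. This is an added example, not GNU Rush code or its configuration syntax; the class and function names, the sample rules and the /usr/lib/sftp-server path are constructed for illustration, and returning None when no terminal rule matches is a choice of the model.

```python
import re
from dataclasses import dataclass

@dataclass
class Request:                        # simplified: the real request also carries
    user: str                         # the environment and the passwd entry
    command: str
    umask: int = 0o022

@dataclass
class Rule:
    name: str
    pattern: str = ".*"               # regex matched against the whole command line
    users: frozenset = frozenset()    # empty means any user
    actions: tuple = ()               # callables that modify the request in place
    fall_through: bool = False

    def matches(self, req):
        user_ok = not self.users or req.user in self.users
        return user_ok and re.fullmatch(self.pattern, req.command) is not None

def set_umask(value):
    def act(req): req.umask = value
    return act

def rewrite(pattern, repl):
    def act(req): req.command = re.sub(pattern, repl, req.command)
    return act

def handle(argv, user, rules):
    """Return (request to run, rule names applied), or None if refused."""
    if len(argv) != 3 or argv[1] != "-c":    # argv[0] is the shell itself
        return None
    req, applied = Request(user, argv[2]), []
    for rule in rules:
        if not rule.matches(req):
            continue
        for action in rule.actions:
            action(req)
        applied.append(rule.name)
        if not rule.fall_through:
            return req, applied              # terminal rule: req.command is what runs
    return None                              # modelling choice: nothing terminal matched

RULES = [                                    # constructed sample rule set
    Rule("defaults", actions=(set_umask(0o027),), fall_through=True),
    Rule("sftp", pattern=r"(\S*/)?sftp-server",
         actions=(rewrite(r"^\S+", "/usr/lib/sftp-server"),)),
    Rule("backup-ls", pattern=r"ls( \S+)*", users=frozenset({"backup"})),
]
```

With these rules, a client-supplied path to sftp-server is replaced by the fixed one before execution, and the umask set by the fall-through rule is still in effect when the terminal rule fires.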
Starting from version 1.6, it is possible to use GNU Rush for interactive shell sessions. See Interactive, for more information about it.
This document was generated on January 2, 2022 using makeinfo.
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.