diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-01-14 19:17:35 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-01-14 19:17:35 +0100 |
commit | 0dccb303c09069ab3997a508f18d1e94f9332f90 (patch) | |
tree | 7530a19b9782e9444dc1f846d47645a9ad764716 /scripts/restricted-shell | |
parent | 8c81230819a1bde768a5948328232c5def0af0fd (diff) | |
download | vyatta-cfg-system-0dccb303c09069ab3997a508f18d1e94f9332f90.tar.gz vyatta-cfg-system-0dccb303c09069ab3997a508f18d1e94f9332f90.zip |
T671: re-add removed restricted-shell script
Commit ac2586bc ("T671: remove apparently unused scripts") dropped the
restricted-shell helper script which is not referenced by any other VyOS/Vyatta
shell script, but rather directly from C code [1].
Restore the file.
[1] https://github.com/vyos/libpam-radius-auth/blob/76ad405d374f70812/src/radius_shell.c#L125-L129
Diffstat (limited to 'scripts/restricted-shell')
-rwxr-xr-x | scripts/restricted-shell | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/scripts/restricted-shell b/scripts/restricted-shell new file mode 100755 index 00000000..ffcbb53b --- /dev/null +++ b/scripts/restricted-shell @@ -0,0 +1,11 @@ +#!/bin/bash + +if [ $# != 0 ]; then + echo "Remote command execution is not allowed for operator level users" + args=($@) + args_str=$(IFS=" " ; echo "${args[*]}") + logger "Operator level user $USER attempted remote command execution: $args_str" + exit 1 +fi + +exec vbash |