summaryrefslogtreecommitdiff
path: root/scripts/restricted-shell
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-01-14 19:17:35 +0100
committerChristian Poessinger <christian@poessinger.com>2021-01-14 19:17:35 +0100
commit0dccb303c09069ab3997a508f18d1e94f9332f90 (patch)
tree7530a19b9782e9444dc1f846d47645a9ad764716 /scripts/restricted-shell
parent8c81230819a1bde768a5948328232c5def0af0fd (diff)
downloadvyatta-cfg-system-0dccb303c09069ab3997a508f18d1e94f9332f90.tar.gz
vyatta-cfg-system-0dccb303c09069ab3997a508f18d1e94f9332f90.zip
T671: re-add removed restricted-shell script
Commit ac2586bc ("T671: remove apparently unused scripts") dropped the restricted-shell helper script which is not referenced by any other VyOS/Vyatta shell script, but rather directly from C code [1]. Restore the file. [1] https://github.com/vyos/libpam-radius-auth/blob/76ad405d374f70812/src/radius_shell.c#L125-L129
Diffstat (limited to 'scripts/restricted-shell')
-rwxr-xr-xscripts/restricted-shell11
1 files changed, 11 insertions, 0 deletions
diff --git a/scripts/restricted-shell b/scripts/restricted-shell
new file mode 100755
index 00000000..ffcbb53b
--- /dev/null
+++ b/scripts/restricted-shell
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+if [ $# != 0 ]; then
+ echo "Remote command execution is not allowed for operator level users"
+ args=($@)
+ args_str=$(IFS=" " ; echo "${args[*]}")
+ logger "Operator level user $USER attempted remote command execution: $args_str"
+ exit 1
+fi
+
+exec vbash