ksh script as a login shell return "no controlling terminal"

lramirev · July 15, 2008, 8:36pm

I have created a ksh shell script and used it as a login shell for a user.

</etc/passwd>
lramirev:x:111:200:Luis:/export/home/menush:/usr/local/menush/menush

My shell script is like this:
</usr/local/menush/menush>
#!/bin/ksh
#
if [[ -f $HOME/.profile ]]
then
. $HOME/.profile
fi

HOMEPATH=/usr/local/menush
cd $HOMEPATH
export PATH=$PATH:$HOMEPATH

EXITPROMPT="QUIT"

if [[ $(grep $LOGNAME ${HOMEPATH}/denylist | wc -l) -gt 0 ]]
then
. $HOMEPATH/denymenu
else
. $HOMEPATH/mainmenu
fi
do_main_menu

</usr/local/bin/mainmenu>
#!/bin/ksh
do_main_menu ()
{
OPTION="GO"
while [[ "${OPTION}" != "${EXITPROMPT}" ]]
do
print "1 Do first Thing"
print "2 Do second Thing"
print "3 Do third Thing"
print "\nQuit"
cmd_prompt="Press 1, 2, 3 or q>"
print "${cmd_prompt} \c"
read OPTION
case $OPTION in
1) print "Do first Thing"
read
;;
2) print "Do second Thing"
read
;;
3) print "Do third Thing"
read
;;
q|Q) OPTION=${EXITPROMPT}
;;
*) print "Select option from menu"
OPTION="GO"
read
;;
esac
do
}

</usr/local/bin/denymenu>
#!/bin/ksh
do_main_menu ()
{
OPTION="GO"
while [[ "${OPTION}" != "${EXITPROMPT}" ]]
do
print "\nQuit"
cmd_prompt="Press q>"
print "${cmd_prompt} \c"
read OPTION
case $OPTION in
q|Q) OPTION=${EXITPROMPT}
;;
*) print "Select option from menu"
OPTION="GO"
read
;;
esac
do
}

Every thing work fine I can create my users, they can login and do they're three things only in the menu. I have "trap" signals 2, 5 and 9 and they can't go out of the script. The bad thing here is that on "Do third Thing" they need to type a file name and the system will process the file name. In order to have the file available to the system shell script they need to be able to upload the file to the server. I can't login with user lramirev using FTP or SCP to upload a file to me processed.

This is the output from SCP
>scp motd lramirev@mtyweb02g2:/export/home/menush
Password:
ps: no controlling terminal
stty: : Invalid argument

Thsi is the output for FTP:
> ftp mtyweb02g2
Connected to mtyweb02g2.
220 mtyweb02g0 FTP server ready.
Name (mtyweb02g2:lramirev): lramirev
331 Password required for lramirev.
Password:
530 Login incorrect.
Login failed.
ftp>

Password is correct typed, I can telnet to the server or ssh to it and will get the menu to run processes.

Does any one knows how can I provide a upload facility for this type of users? I can try two thing but would like not to do it.

Have the user with /bin/bash as login shell and user .profile to load menush but that may give me a problem becuase I dont want users to scape out of the menu.
Try to do a TFTP upload. I wouldn't like to because it is very unsafe. I can olway TCP_Wrap FTP but TFTP as far as I know is imposible to secure.

Please send some light to my yellow road.

My best regards.
Luis Ramirez
Unix Systems implementation

Annihilannic · July 15, 2008, 9:07pm

You probably need to add your script to /etc/shells as ftpd and sshd check this for valid shells before granting access.

Perderabo · July 15, 2008, 9:07pm

You probaby need to add /usr/local/menush/menush to /etc/shells to get ftp working. This should be documented in "man ftpd".

Perderabo · July 15, 2008, 9:09pm

simulpost!

Annihilannic · July 15, 2008, 9:21pm

Great minds think alike... and concurrently too.

lramirev · July 15, 2008, 9:53pm

Maybe I had to add the info before, but I'm using Solaris 10 and I don't have /etc/shells. I have look into the man pages fo FTPD and SSHD and they don't relate to /etc/shells. Do you have any other idea?

Thanks in advance
Luis Ramirez

Annihilannic · July 15, 2008, 10:06pm

You can create it, you may want to include the default list of shells as well, from man shells (not directly, I copied it from another post elsewhere):

from man shells

====
The following default shells are used by utilities:
/bin/bash, /bin/csh, /bin/jsh, /bin/ksh, /bin/pfcsh,
/bin/pfksh, /bin/pfsh, /bin/sh, /bin/tcsh, /bin/zsh,
/sbin/jsh, /sbin/sh, /usr/bin/bash, /usr/bin/csh,
/usr/bin/jsh, /usr/bin/ksh, /usr/bin/pfcsh, /usr/bin/pfksh,
/usr/bin/pfsh, and /usr/bin/sh, /usr/bin/tcsh, /usr/bin/zsh.
Note that /etc/shells overrides the default list.

Perderabo · July 15, 2008, 10:08pm

ftpd(1M) � File Transfer Protocol Server (man pages section 1M: System Administration Commands)
says:
Third, the users must have a standard shell returned by getusershell(3C).

So now you need to look at a second man page: getusershell(3C) � get legal user shells (man pages section 3: Basic Library Functions)

lramirev · July 16, 2008, 1:31am

I must read more detail next time. I was missing the /etc/file. I created it as suggested and now FTP is working. I'm sorry if I did not read all documentation closely. I was missing third rule for FTP authentication:

"Third, the users must have a standard shell returned by getusershell(3C)."

man 3C getusershell, explains that if /etc/shells is not present it uses a standard shell list, that off course it does not includes my customized shell. It was only matter of creating the file with the standard shell list and my own in it.

Thanks to every body for they're comments.
Luis Ramirez