I have created a ksh shell script and used it as a login shell for a user.
</etc/passwd>
lramirev:x:111:200:Luis:/export/home/menush:/usr/local/menush/menush
My shell script is like this:
</usr/local/menush/menush>
#!/bin/ksh
#
if [[ -f $HOME/.profile ]]
then
. $HOME/.profile
fi
HOMEPATH=/usr/local/menush
cd $HOMEPATH
export PATH=$PATH:$HOMEPATH
EXITPROMPT="QUIT"
if [[ $(grep $LOGNAME ${HOMEPATH}/denylist | wc -l) -gt 0 ]]
then
. $HOMEPATH/denymenu
else
. $HOMEPATH/mainmenu
fi
do_main_menu
</usr/local/bin/mainmenu>
#!/bin/ksh
do_main_menu ()
{
OPTION="GO"
while [[ "${OPTION}" != "${EXITPROMPT}" ]]
do
print "1 Do first Thing"
print "2 Do second Thing"
print "3 Do third Thing"
print "\nQuit"
cmd_prompt="Press 1, 2, 3 or q>"
print "${cmd_prompt} \c"
read OPTION
case $OPTION in
1) print "Do first Thing"
read
;;
2) print "Do second Thing"
read
;;
3) print "Do third Thing"
read
;;
q|Q) OPTION=${EXITPROMPT}
;;
*) print "Select option from menu"
OPTION="GO"
read
;;
esac
do
}
</usr/local/bin/denymenu>
#!/bin/ksh
do_main_menu ()
{
OPTION="GO"
while [[ "${OPTION}" != "${EXITPROMPT}" ]]
do
print "\nQuit"
cmd_prompt="Press q>"
print "${cmd_prompt} \c"
read OPTION
case $OPTION in
q|Q) OPTION=${EXITPROMPT}
;;
*) print "Select option from menu"
OPTION="GO"
read
;;
esac
do
}
Every thing work fine I can create my users, they can login and do they're three things only in the menu. I have "trap" signals 2, 5 and 9 and they can't go out of the script. The bad thing here is that on "Do third Thing" they need to type a file name and the system will process the file name. In order to have the file available to the system shell script they need to be able to upload the file to the server. I can't login with user lramirev using FTP or SCP to upload a file to me processed.
This is the output from SCP
>scp motd lramirev@mtyweb02g2:/export/home/menush
Password:
ps: no controlling terminal
stty: : Invalid argument
Thsi is the output for FTP:
> ftp mtyweb02g2
Connected to mtyweb02g2.
220 mtyweb02g0 FTP server ready.
Name (mtyweb02g2:lramirev): lramirev
331 Password required for lramirev.
Password:
530 Login incorrect.
Login failed.
ftp>
Password is correct typed, I can telnet to the server or ssh to it and will get the menu to run processes.
Does any one knows how can I provide a upload facility for this type of users? I can try two thing but would like not to do it.
- Have the user with /bin/bash as login shell and user .profile to load menush but that may give me a problem becuase I dont want users to scape out of the menu.
- Try to do a TFTP upload. I wouldn't like to because it is very unsafe. I can olway TCP_Wrap FTP but TFTP as far as I know is imposible to secure.
Please send some light to my yellow road.
My best regards.
Luis Ramirez
Unix Systems implementation