Navigate

rbash – Set Restricted shell in Linux

rbash stands for the restricted bash shell. In UNIX like operating when a user is created a default shell (/bin/bash) is assigned. So a user can move to anybody’s directories, so to avoid this situation we can assign the restricted shell to a user, restricted shell is just like a jail-like environment or chroot environment.

Why rbash?

If bash is started with the name rbash, or the -r option is supplied at invocation, the shell becomes restricted. A restricted shell is used to set up an environment more controlled than the standard shell. It behaves identically to bash with the exception that the following are disallowed or not performed:

  • changing directories with cd
  • setting or unsetting the values of SHELL, PATH, ENV, or BASH_ENV
  • specifying command names containing /
  • specifying a file name containing a / as an argument to the builtin command
  • specifying a filename containing a slash as an argument to the -p option to the hash builtin command
  • importing function definitions from the shell environment at startup
  • parsing the value of SHELLOPTS from the shell environment at startup
  • redirecting output using the >, >|, , >&, &>, and >> redirection operators
  • using the exec builtin command to replace the shell with another command
  • adding or deleting builtin commands with the -f and -d options to the enable builtin command
  • using the enable builtin command to enable disabled shell builtins
  • specifying the -p option to the command builtin command.
  • turning off restricted mode with set +r or set +o restricted.

How to set restricted shell

Set the environment you want it for a particular user and can put them startup file:$HOME/.bash_profile, as show below:

# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then 
. ~/.bashrc
fi
# User specific environment and startup programs
PATH=$PATH:$HOME/bin
export PATH
bash -r

Now Login with the User & try to change the directories.

$ cd /etc/
bash: cd: restricted

$ cd /tmp/
bash: cd: restricted

For Setting Restricted Shell for All Users, create a symbolic link of /bin/bash to /bin/rbash:

# cd /bin
# ln -s bash rbash
Related Post
  1. mk Command Examples

    mk is a task runner tool commonly used for controlling the compilation process of executables…

  2. mixxx Command Examples

    Mixxx is a free and open-source DJ software designed for DJs of all skill levels.…

  3. mix Command Examples

    Mix is a versatile build tool designed specifically for Elixir projects. It offers a wide…

  4. mitmproxy Command Examples

    mitmproxy is an interactive HTTP proxy tool that operates as a man-in-the-middle (MITM) between a…

  5. mitmdump Command Examples

    mitmdump is a command-line tool that is part of the mitmproxy suite, which is designed…