Linux – Restrict shell commands

Restrict shell commands… here is a solution to the problem.

Restrict shell commands

I created a username with a

bash shell – a normal shell with all commands available – but I intend to use this shell for backup services, it should only allow rsync commands. So I’m trying to restrict this shell to only executing rsync commands. How do I do this using .bash_profile and .bashrc?

Additional information: This shell is used only to back up files and folders. I used ssh key to connect another shell to rsync.

Solution

You can’t

– you can’t just use those files. Why not give them another shell with fewer options?
rssh is designed for this purpose.

Advantages of RSSH over authorized_keys limit (not all of them apply to or interest you):

  • Can be used to control multiple users
  • Restrictions are applied externally rather than from the user’s personal configuration – fewer opportunities for error allow them greater access
  • Make it easier for chrooting users
  • RSSH is not a generic shell, so even if misconfigured, the scope available to the user is much smaller than when bash + authorized_keys is misconfigured.

Related Problems and Solutions

  1. fork(), sleep(), and pipe(int *fd) in Mac OS X
  2. How do I pass pid from one PHP process to another?
  3. Questions about Linux commands
  4. Erlang: How do I make a connected external OS process die automatically when the Erlang process crashes?
  5. unix shell setup commands
  6. Use non-return scripts on the remote host to manage processes
  7. Customize windows when you open Emacs
  8. Does ‘epoll_wait’ mean which event was triggered when both EPOLLIN and EPOLLOUT were added?