RBASH is only part of a security solution. It works by limiting the commands that a user can execute, but it does not change the actual security settings of that account as commands like chroot would do. If a user is able to break out of the RBASH environment by executing an unrestricted shell, they will have regular access to the system.
If the intended subset of commands includes only ascp (Aspera’s transport utility), then Aspera’s aspshell is by far the best choice. See your Enterprise Server/Connect Server/Point to Point documentation for more information on the aspshell.
One of the fundamental properties of the restricted shell is to not allow a user to change their defined SHELL, PATH, ENV, or BASH_ENV variables. By statically configuring a user's PATH, an Administrator can control which programs a user can execute.
1. Determine bash shell location:
# which bash /bin/bash
# ls -la /bin/bash
-rwxr-xr-x 1 root root 801512 Jan 21 2009 /bin/bash
2. Create symlink rbash, which links to bash:
# ln -s /bin/bash /bin/rbash
# ls -la /bin/rbash
lrwxrwxrwx 1 root root 9 Feb 10 19:04 /bin/rbash -> /bin/bash
3. If file /etc/shells exists, add rbash to the shells file:
# echo “/bin/rbash” >> /etc/shells
4. Create a directory for the rbash user(s) programs.
# mkdir /usr/rbin
5. Create a standard bash profile file that all users will source on login, located at the following:
Copy the following into the file. Notice that the PATH includes the Aspera bin directory, and the custom /usr/rbin directory created above:
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
# User specific environment and startup programs
6. For each rbash user, one must modify the bash startup files: ~/.bash_logout, ~/.bashrc, and ~/.bash_logout. (See: useradd --skel). This example references user asp1:
# cd /home/asp1 # rm .bash_profile # chown root: .bash_logout .bashrc # ln -s /etc/rbash_profile .bash_profile
7. In Redhat, .bash_logout executes the /usr/bin/clear program. To maintain this behavior, one must call clear without the path, and add clear to the /usr/rbin directory (see step 8).
# ~/.bash_logout clear
8. Allow access to programs by creating symlinks from within the /usr/rbin directory. This example allows a minimal subset:
# ln -s /usr/bin/clear /usr/rbin/clear # ln -s /bin/ls /usr/rbin/ls # ln -s /bin/mkdir /usr/rbin/mkdir # ln -s /bin/rm /usr/rbin/rm # ln -s /bin/cp /usr/rbin/cp # ln -s /bin/mv /usr/rbin/mv # ln -s /bin/touch /usr/rbin/touch
9. Set the users shell to rbash.
# grep “^asp1:” /etc/passwd asp1:x:502:502::/home/asp1:/bin/rbash
10. To perform a few simple tests, one can use the following commands:
# su - asp1
$ cd /
-rbash: cd: restricted
$ ssh 192.168.1.1
-rbash: ssh: command not found
Along with system security measures, one can add another level of security through Aspera’s transfer control mechanisms. For more information see this article (Managing User and File Permissions for Aspera Enterprise Server and Aspera Point-to-Point).