January 18, 2016

33.12: Could use some explanation of WHY linking rbash to bash works

Section 33.12, "Restricted Accounts" mentions that if you want to set someone's shell to "bash -r", but you can't use command-line args to the shell in /etc/passwd, you should create a symlink, hardlink, or physical copy of "/bin/bash" to "/bin/rbash", and use that instead.

That's all it says about it.

A reasonable person might ask at this point "uh, how does that work exactly"?

As I technically have no idea how running it as "rbash" instead of "bash" makes it add "-r" to the command-line args, I'm going to make a reasonable guess, that the "bash" executable looks at the name it was executed with, and if it's "rbash", it implicitly adds that argument. If that's actually the case, it would be useful to state this, to aid the understanding of this.

I also noticed that my Ubuntu 14.04 VM already had this link in place, but not my CentOS7.2 box.

Click Here!