QUESTION:
My customer plans to set up a very restricted "root" environment for
AIX operators to use to recover from problems. This shell will allow
the operator's use of a customized smit interface. Our question is:
How can the shell-escape function (F9) be eliminated or disabled?
Thanks.
---------- ---------- ---------- --------- ---------- ----------
A: The shell-escape function (F9) cannot be eliminated from the SMIT
menu screen, However, you can setup a user with root authority,
disable the shell-escape function by changing that users SHELL
variable. The following test procedure will show you how to
setup the user so that the user cannot escape to a shell and the
exit function (F10) will drop the user back to a login prompt.
login as root
smit user
- Add a user to the system
User Name ątestą
Press Enter to add the user
Press (F10) to exit smit
passwd test
set new passwd to test
cd /u/test
You will edit the /u/test/.profile and add the following two lines at
the end of the /u/test/.profile stanza
export SHELL=""
exec smit
By setting the SHELL environment variable to null, Smit will not know
what program to exec as a sub-shell. Smit will wait for a carriage
return before returning to the calling screen.
If you want this user to have 'root' authority in smit, you will
need to manually edit the /etc/passwd file.
change the entry for test to look like the following:
test:|:0:1::/u/test:/bin/ksh
Before logging out to test your new user, you may want to open another
shell. You can now login a test. You may wish to experiment with
setting the SHELL variable to other values, possible the restricted
shell.
---------- ---------- ---------- --------- ---------- ----------
This item was created from library item Q548633 1991 OHJK6
S e a r c h - k e y w o r d s:
AUG91 DISABLED ELIMINATED ESCAPE FUNCTION FUNCTIONAL F9 IX
MANAGEMENT OHJK6 OP OZNEW RISCMGMT RISCSYSTEM SHELL SMIT SOFTWARE
SYS SYSTEM
WWQA: ITEM: RTA000019704 ITEM: RTA000019704
Dated: 07/1998 Category: RISCOCMD
This HTML file was generated 99/06/24~12:43:07
Comments or suggestions?
Contact us