restricted :Unable to redirect output - shell

I logged in to rbash using chsh command. Though,I have logged out from rbash but still I am unable to execute various commands like cd , output redirection commands etc . When I executed this command cat > jmf . I got this result:-
rbash: jmf: restricted: cannot redirect output.
Could any one please tell me where am I going wrong??

chsh is not used to "log in" to anything. It's used to change your login shell (done by altering the relevant field in the passwd file. If you changed it to rbash, your login shell is restricted. Change it back to bash and you can your redirections and such to work.

I got this same error from another route. I use 'bash -vx' to execute a script when I want to see commands as the script is running. I accidentally specified 'bash -rx' and got the error mentioned in the title since the script was doing something restricted. As I recall it was trying to redirect stdout to a file in /tmp.

Related

Laravel Envoy and bash prompt

I'm using Envoy to provision a remote server. Provisioning is done by pulling the bash script from a private repo and then execute it.
The bash script ask some confirmation like yes/no (using bash "read -p"): it works as expected when i'm connected to the remote server... the script wait for user input.
Instead Envoy seems to ignore any prompt. Is it an expected behavior?
Any workaround?
Yes, this is expected. There's nothing for read to read from so it doesn't.
You have a few options.
Rewrite your script to use a config file when there's no terminal to prompt from.
Use something like [ -t 0 ] to test if the standard input is a terminal and load a configuration file with defaults. The simplest way to do that is just have a file that contains appropriate variable assignments and just source it . defaults.sh or whatever. You don't even need the -t test if you source the defaults first since then anything the user inputs will over-ride the default value.
Rewrite your script to have sane defaults.
Rewrite whatever runs the script to provide your script input via pipeline/file via redirection (e.g. printf 'answer 1\nanswer 2\n' | ./script.sh or ./script.sh <answerfile).

Suppress welcome message on bash remote command execution

I'm executing some commands on remote server within a shell script like this:
ssh user#host <<ENDSSH
...
ENDSSH
Upon login I'm getting a standard server welcome message echoed. Is there a way to send it to \dev\null but to keep displaying the output of executed commands?
Thanks.
Create a file ~user/.hushlogin on the remote host. This will suppress output from the login program when user logs in (such as time of last login and any message of the day).
You can edit /etc/ssh/sshd_config (for debian/ubuntu, your server might be different file) and turn the following setting to 'no'.
PrintMotd no
PrintLastLog no

OSX Bash Shell Script Does Not Run

I'm having a pretty basic shell script that's supposed to run at user login. To achieve this, I followed the guide for Automator from the first answer in this topic: Running script upon login mac
But somehow nothing happens. I also tried to create an application using the script editor with do shell script /blabla/git_credentials.sh which responded with a permission denied.
I don't see whats wrong here.
Oh, here's the script:
echo ""
echo "Setup Git Credentials"
echo "*********************"
echo "Please enter your first name: "
read fname
echo "Please enter your last name: "
read lname
echo "Please enter your mail address: "
read email
git config --global --remove-section user
git config --global user.name "$fname $lname"
git config --global user.email $email
echo "Credentials set."
Edit: I just found out that the script is being run at login, but it neither opens up a terminal nor waits for my user inputs, I have just an empty Git config after every startup. I 'achieved' this using the script editor with do shell script "$HOME/git_credentials.sh" and saving it as an application, then putting it into the login items.
The problem is that your Automator's shell script isn't connected to STDIN (i.e. your keyboard). It may run the shell script, but there's no way to pass it input since there's no terminal.
What you need to do is run the Automator action: Ask for Text to get your input.
What I found I had to do was Ask for Text, and then Set the Value of the Variable. I do this for each variable I want as input.
Once I get all of the variables I want, I then run Get the Value of the Variable for each of the variables. This puts the variables into $* for the shell script to pull up.
Now, you can execute the Automator action Run Shell Script with Pass Input as arguments. You can refer to them as $1, $2, etc.
I suggest to try this with a simple script and see if it then works. The problem is that the whole thing may execute in a sub-shell, so once the automator action ends, you lose the values of the variables you've set. I simply don't have enough experience with Automator to know exactly how it works.
I suspect you script is not currently executable.
Try fixing this by running:
chmod +x /blabla/git_credentials.sh
or
chmod 755 /blabla/git_credentials.sh
Or you are missing #!/bin/bash at the top of your script? Or is this just a part of it?

Run a Bash Script automatically upon login

I wrote a script that sends the date and username of the person who logs in to a log file to keep a record of who has logged in. I am wondering how can you set this script to execute automatically when a user logs in rather than have to manually run it in the terminal. NOTE: the USERNAME is the current user that is logged in.
my code:
#!/bin/bash
printf "$(date) $HOSTNAME booted!\n" >> /home/USERNAME/boot.log
A more elegant way to solve this problem is to read from log files that are already being written and cannot be changed by the user. No one could say it better than Bjørne Malmanger's in his answer:
I wouldn't trust the user to GIVE you the information. As root you
TAKE it ;-)
A nice way to do this is the last command, which is great because it neatly displays all logins: Graphical, console and SSH.
last
A less elegant but still secure way is to do a grep on /var/log/auth.log. On my Gnome/Ubuntu system I can use this to track graphical logins:
grep "session opened for user USERNAME"
The right pattern for your machine needs to be found for each login type: graphical, console and SSH. This is cumbersome, but you might need to do it if you need information that goes further back than last reaches.
To directly answer your question:
You can modify the script like this to get the username
#!bin/bash
printf "$(date) $HOSTNAME booted!\n" >> /home/$(whoami)/boot.log
And add this line to /etc/profile
. /path/to/script.sh
This is not secure though because the user will be able to edit his own log
Why don't you use the last command?
I wouldn't trust the user to GIVE you the information. As root you TAKE it ;-)
Put it in ~/.bash_profile. It will be run each time they log in.
More information is available at the women's rights page (i.e. man bash).

FTP inside a shell script not working

My host upgraded my version of FreeBSD and now one of my scripts is broken. The script simply uploads a data feed to google for their merchant service.
The script (that was working prior to the upgrade):
ftp ftp://myusername:mypassword#uploads.google.com/<<END_SCRIPT
ascii
put /usr/www/users/myname/feeds/mymerchantfile.txt mymerchantfile.txt
exit
END_SCRIPT
Now the script says "unknown host". The same script works on OSX.
I've tried removing the "ftp://". - No effect
I can log in from the command line if I enter the username and password manually.
I've search around for other solutions and have also tried the following:
HOST='uploads.google.com'
USER='myusername'
PASSWD='mypassword'
ftp -dni <<END_SCRIPT
open $HOST
quote USER $USER
quote PASS $PASS
ascii
put /usr/www/users/myname/feeds/mymerchantfile.txt mymerchantfile.txt
END_SCRIPT
And
HOST='uploads.google.com'
USER='myusername'
PASSWD='mypassword'
ftp -dni <<END_SCRIPT
open $HOST
user $USER $PASS
ascii
put /usr/www/users/myname/feeds/mymerchantfile.txt mymerchantfile.txt
END_SCRIPT
Nothing I can find online seems to be doing the trick. Does anyone have any other ideas? I don't want to use a .netrc file since it is executed by cron under a different user.
ftp(1) shows that there is a simple -u command line switch to upload a file; and since ascii is the default (shudder), maybe you can replace your whole script with one command line:
ftp -u ftp://username:password#uploads.google.com/mymerchantfile.txt\
/usr/www/users/myname/feeds/mymerchantfile.txt
(Long line wrapped with \\n, feel free to remove the backslash and place it all on one line.)
ftp $HOSTNAME <<EOFEOF
$USER
$PASS
ascii
put $LOCALFILE $REMOTETEMPFILE
rename $REMOTETEMPFILE $REMOTEFINALFILE
EOFEOF
Please note that the above code can be easily broken by, for example, using spaces in the variables in question. Also, this method gives you virtually no way to detect and handle failure reliably.
Look into the expect tool if you haven't already. You may find that it solves problems you didn't know you had.
Some ideas:
just a thought since this is executed in a subshell which should inherit correctly from parent, does an env show any difference when executed from within the script than from the shell?
Do you use a correct "shebang"?
Any proxy that requires authentication?
Can you ping the host?
In BSD, you can create a NETRC script that ftp can use for logging on. You can even specify the NETRC file in your ftp command too using the -N parameter. Otherwise, the default NETRC is used (which is $HOME/.netrc).
Can you check if there's a difference in the environment between your shell-login, and the cron-job? From your login, run env, and look out for ftp_proxy and http_proxy.
Next, include a line in the cron-job that will dump the environment, e.g. env >/tmp/your.env.
Maybe there's some difference...Also, did you double-check your correct usage of the -n switch?

Resources