Restricted User Shell
GNU Rush is able to operate in two modes, which we call default and
forked. When operating in the default mode, the process image of
rush itself is overwritten by the command being executed.
Thus, when it comes to launching the requested command,
the running instance of
rush ceases to exist.
There is also another operation mode, which we call forked
mode. When running in this mode,
rush executes the
requested command in a subprocess, and remains in memory supervising
its execution. Once the command terminates,
One advantage of the forked mode is that it allows to run
accounting, i.e. to note who is doing what and to keep a
history of invocations. The accounting, in turn, can be used to limit
simultaneous executions of commands (logins, in
GNU Rush terminology), as requested by ‘L’ command to
statement (see L limit).
The forked mode is enabled on a per-rule basis, for rules that
contain either ‘L’ command in the
limit statement, or
‘acct on’ command:
Turn accounting mode on or off, depending on bool. The argument can be one of the following: ‘yes’, ‘on’, ‘t’, ‘true’, or ‘1’, to enable accounting, and ‘no’, ‘off’, ‘nil’, ‘false’, ‘0’, to disable it.
Notice, that there is no need in explicit
acct on command, if
The notion ‘rule contains’, used above, means that either the rule in question contains that statement, or inherits it from one of the above fall-through rules (see Fall-through). In fact, in most cases the accounting should affect all rules, therefore we suggest to enable it in a fall-through rule at the beginning of the configuration file, e.g.:
rule default acct on fall-through
If the need be, you can disable it for some of the subsequent rules by
acct off in it. Notice, that this will disable
accounting only, the forked mode will remain in action. To disable it
as well and enforce default mode for a given rule, use
Enable or disable forked mode. This statement is mainly designed as a way of disabling the forked mode for a given rule.
Once the accounting enabled, you can view the list of currently
logged in users using
rushwho command (see Rushwho) and
view the history of last logins using
This document was generated on October 1, 2016 using makeinfo.Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.