GNU Rush
Restricted User Shell
Sergey Poznyakoff
GNU Rush is able to operate in two modes, which we call default and
forked. When operating in the default mode, the process image of
rush itself is overwritten by the command being executed.
Thus, when it comes to launching the requested command,
the running instance of rush ceases to exist.
There is also another operation mode, which we call forked
mode. When running in this mode, rush executes the
requested command in a subprocess, and remains in memory supervising
its execution. Once the command terminates, rush exits.
One advantage of the forked mode is that it makes it possible to run
accounting, i.e. to note who is doing what and to keep a
history of invocations. The accounting, in turn, can be used to limit
simultaneous executions of commands (logins, in
GNU Rush terminology), as requested by the ‘L’ command to the limit
statement (see L limit).
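
The difference between the two modes, as an added C sketch (not GNU Rush source code): `run_default` replaces the calling process, while `run_forked` keeps a parent in memory so it can record when the command starts and ends. The `acct_rec` structure, the function names and the sample command are assumptions made for illustration.

```c
#include <stdio.h>
#include <time.h>
#include <unistd.h>
#include <sys/wait.h>

/* Hypothetical accounting record for this sketch; not Rush's real format. */
struct acct_rec {
    pid_t  pid;        /* PID of the supervised command */
    time_t start;      /* launch time */
    time_t stop;       /* termination time, 0 while still running */
    int    exit_code;  /* exit status, or 128 + signal number if killed */
};

/* Default mode: the caller's process image is overwritten by the command.
   On success execv() never returns, so nothing can be recorded afterwards. */
int run_default(char *const argv[])
{
    execv(argv[0], argv);
    return -1;                       /* reached only if exec failed */
}

/* Forked mode: the command runs in a subprocess and the parent stays in
   memory, so it can open and close an accounting record around the run. */
int run_forked(char *const argv[], struct acct_rec *rec)
{
    int status;
    rec->start = time(NULL);
    rec->stop = 0;
    if ((rec->pid = fork()) < 0)
        return -1;
    if (rec->pid == 0) {             /* child: becomes the command */
        run_default(argv);
        _exit(127);                  /* exec failed */
    }
    if (waitpid(rec->pid, &status, 0) < 0)   /* parent: supervise */
        return -1;
    rec->stop = time(NULL);          /* command ended: close the record */
    rec->exit_code = WIFEXITED(status) ? WEXITSTATUS(status)
                                       : 128 + WTERMSIG(status);
    return rec->exit_code;
}

int main(void)
{
    char *cmd[] = { "/bin/sh", "-c", "exit 3", NULL };  /* constructed sample */
    struct acct_rec rec;
    printf("exit=%d\n", run_forked(cmd, &rec));
    return 0;
}
```
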
The forked mode is enabled on a per-rule basis, for rules that
contain either the ‘L’ command in the limit statement or the
‘acct on’ statement:

acct bool

Turn accounting mode on or off, depending on bool. The argument can be one of the following: ‘yes’, ‘on’, ‘t’, ‘true’, or ‘1’, to enable accounting, and ‘no’, ‘off’, ‘nil’, ‘false’, ‘0’, to disable it.
Note that there is no need for an explicit acct on statement if
you use limit L.

The phrase ‘rule contains’, used above, means that the rule in question either contains that statement or inherits it from one of the preceding fall-through rules (see section Fall-through). In most cases accounting should affect all rules, so we suggest enabling it in a fall-through rule at the beginning of the configuration file, e.g.:

    rule default
      acct on
      fall-through

If need be, you can disable it for some of the subsequent rules by
placing acct off in them. Note that this disables
accounting only; the forked mode remains in effect. To disable it
as well and enforce the default mode for a given rule, use the fork off
statement:

fork bool

Enable or disable forked mode. This statement is mainly designed as a way of disabling the forked mode for a given rule.
Once accounting is enabled, you can view the list of currently
logged-in users using the rushwho command (see section The rushwho utility) and
view the history of last logins using the rushlast command
(see section The rushlast utility).
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.