GNU Rush – a restricted user shell (split by node):   Section:   Chapter:FastBack: Quick Start   Up: Top   FastForward: Default Configuration   Contents: Table of ContentsIndex: Concept Index

4 Configuration File

The configuration file is called rush.rc and is located in /usr/local/etc by default.3.

The configuration file is read and parsed right after start up. Any errors occurred in parsing are reported using syslog facility ‘authpriv’ and priority ‘notice’. When run in ‘test’ mode, all diagnostics is displayed on standard error output. See Test Mode, for a detailed description of ways to debug and test your configurations.

Before parsing, rush checks the ownership and permissions of the configuration file for possible security breaches. The configuration file is considered unsafe if any of the following conditions are met:

  1. It is not owned by root.
  2. It is group writable.
  3. It is world writable.
  4. It resides in a group writable directory.
  5. It resides in a world writable directory.
  6. It is a symbolic link to a file residing in a group or world writable directory.

If the file is considered unsafe, rush rejects it and aborts execution.

Any of these tests can be disabled using the --security-check option (see --security-check).

Footnotes

(3)

The exact location of the configuration file is defined when configuring the package. See the file INSTALL in the GNU Rush source directory for more information

GNU Rush – a restricted user shell (split by node):   Section:   Chapter:FastBack: Quick Start   Up: Top   FastForward: Default Configuration   Contents: Table of ContentsIndex: Concept Index