GNU Rush – a restricted user shell (split by section):   Section:   Chapter:FastBack: Intro   Up: Top   FastForward: Quick Start   Contents: Table of ContentsIndex: Concept Index

2 Operation

GNU Rush is usually installed as a user shell. When a user connects to the server (e.g. by using using SSH protocol), the shell binary, rush, is executed. GNU Rush must be called with exactly two arguments: the -c command line option and a command line to be executed on the host machine1. If wrong arguments are supplied, the shell aborts.

The third argument to rush supplies a command line to be executed. This command line along with the password database entry for the user who executes rush are said to form a request.

After startup, rush reads a set of rules from its configuration file. Each rule consists of conditions and actions. Conditions are used to match the rule with the request. They can include regular expression matching with entire command line or particular fields thereof, user name or group comparisons, etc. If all conditions match the request, actions are executed. Actions allow to:

Finally, after all actions have been executed successfully, rush executes the requested command. Notice, that the resulting command line is not necessarily the same as was supplied to rush via the -c option.

A special kind of rules, called fall-through ones, is provided. Fall-through rules differ from other rules in that they do not execute the command. After all actions in a fall-through rule have been executed, GNU Rush continues to search for another matching rule in its configuration and applies it, if found. Fall-through rules are useful to set default values for subsequent rules.

Footnotes

(1)

Starting from version 1.6, it is possible to use GNU Rush for interactive shell sessions. See Interactive, for more information about it.

GNU Rush – a restricted user shell (split by section):   Section:   Chapter:FastBack: Intro   Up: Top   FastForward: Quick Start   Contents: Table of ContentsIndex: Concept Index