Let's say I have a Linux OS without desktop environment. After the PC finish boot up, it will directly show the shell terminal to the user.
I plan to write a shell script program and make it automatically start everytime after the PC finish boot up, so that, instead of seeing a normal shell prompt, the user will see my shell script program after the PC finish boot up.
In the shell script program, i will give the user a list of options to configure something in my PC. And I want the shell script program to run continuously in this PC.
I would like to lock the user in the shell script program so that they cannot escape to the normal shell prompt and access the file system. Only administrator with root password can escape to the normal shell prompt and make changes to the PC.
Can anyone give me some advices how can I do this?
Thanks.
Make your autologin user's login shell be rbash, and make the script the only thing they can run. Even if they escape the script, they won't be able to do anything except log out or start the script again.
Add a call to your script in
/etc/rc.local
, which is run after the system services in/etc/init.d/
have all started and right before the login prompt is displayed. The script will be running as root but without a logged in user so you can control exactly what happens at that point. As long as your script doesn't exit the user will be unable to login and access a shell.getty
is the program that handles a terminal. If you tell it to run something other than the shell likeyou have much greater control over what the user can do.
you can also add a trap to catch CTRL-C in your bash script. that way you can lock people from exiting it (also worth catching CTRL-Z)
http://hacktux.com/bash/control/c