Shell shellinabox, run a console program and close connection on exit

[nikko1960]

Hi to all, I have a FREEBSD 13.0 running as a webserver, I discover shellinabox, and I want to run an application after login and disconnect after or closing the application.

the shell is standard shell

I write a little script with this line :
/usr/local/bin/myprg

put it into .profile

and all works well after i logging in

the myprog run and successfully close it

and it return to shell, but I want that after closing myprog the connected user have to disconnect from the server

the same thing with tty connection,

the only way to close connection is typing control D on the keyboard

How can solve the problem ( before asking in this forum I searched a lot with google and also in this forum )

regards

Domenico

 

[SirDice]

exec(1) your script.

 

[eternal_noob]

Interesting read:

Why does Ctrl-D (EOF) exit the shell?

Are you literally "ending a file" by inputting this escape sequence, i.e. is the interactive shell session is seen as a real file stream by the shell, like any other file stream? If so, which file?...

unix.stackexchange.com

 

[SirDice]

On tcsh(1) ^D (CTRL-D) is bound to delete-char-or-list-or-eof.

 

[ralphbsz]

As SirDice said, you could change your .profile to exec that program. But there is grave danger there: If you do that to your normal user account, or (even worse!) the root account, those accounts can't log in to a shell any more, since the moment they log in, that little program runs and logs out.

An alternative is to go into /etc/passwd, and change the login program (a.k.a. shell) of the user to be your little program. Like that, once login has validated that the user has logged in (typically asking for username and password), they will run your program, and de-facto log out when your program exist. The typical use is to create a new user in /etc/passwd who performs that function.

As an example, my home server sits in the basement. I find it convenient to be able to use it as a clock. So I have a user named "date" with no password; all that user does is to run a little program (script) which displays the current date on the screen. Similarly, I have another user called "halt", and all that does is shut the computer down (don't worry, that user is protected by interesting logic in the program it runs). In the old days of line printers, there typically was a user called "page" or "eject", and when you typed that username (again, no password), it would eject a page on the printer.

 

[nikko1960]

Thanks SirDice, i made the change and works.

the line in .profile was changed from :

/opt/directory/program

to :

exec /opt/directory/program

 

[covacat]

using a non std shell for such scenarios has the advantage that people cant scp sftp ftp use fancy .forwards etc without adding any restrictions
otherwise evil user will
ssh restrictedaccount@host "mv .profile .profilexxx"