This repository is private.
All pages are served over SSL and all pushing and pulling is done over SSH.
No one may fork, clone, or view it unless they are added as a member.
Every repository with this icon (
) is private.
Every repository with this icon (
) is private.
This repository is public.
Anyone may fork, clone, or view it.
Every repository with this icon () is public.
Every repository with this icon (
) is public.
commit d9875d0ace92e047888f1b546793f7e894c76e2a
tree e9c3f6c80457bb05e25a9af61aa43317ebf4b3fc
parent d8ec47f2a1e014acf5a4b4566d9b3b4686a341ed
tree e9c3f6c80457bb05e25a9af61aa43317ebf4b3fc
parent d8ec47f2a1e014acf5a4b4566d9b3b4686a341ed
menush /
README
menush.rb Use in place of a full-featured shell to allow a user access to only a pre-determined set of commands. Designed for limited access to web servers, shared systems, or admin/debugging consoles. Menus are defined in a YAML file containing an array of hashes; each item in the array will be displayed as an option in the menu, and the hash should define the 'prompt' and 'path' keys. The 'defaults' key is optional, and provides a list of command-line arguments to be passed to the command; the 'allow_args' key establishes whether to prompt the user for additional arguments before launching the command. Example menu definition: --- - path: /usr/bin/uptime prompt: "Check system uptime" - path: /bin/cat prompt: "Display MOTD" defaults: /etc/motd - path: /bin/uname prompt: "Display uname flags" allow_args: true - path: /usr/bin/vim prompt: "Edit a file" allow_args: true Once configured, just add menush.rb to the list of valid login shells in /etc/shells, and then change the user's /etc/passwd entry to use it in place of bash (or whatever shell they had been using). See rcoder's blog post for more details: http://rcoder.net/content/granting-just-enough-power-but-no-more Depends on the HighLine gem and the Ruby stdlib.
