Permalink
Browse files

[doc] Update README.md

  • Loading branch information...
ghantoos authored and Ignace Mouzannar committed Feb 21, 2016
1 parent 160210e commit 0566a8d23f30b3ae9a8b8dba76dafb02cf75eb6b
Showing with 12 additions and 48 deletions.
  1. +12 −48 README.md
View
@@ -1,32 +1,22 @@
lshell - limited shell [![Build Status](https://travis-ci.org/ghantoos/lshell.svg?branch=master)](https://travis-ci.org/ghantoos/lshell)
======================
-All this information (and more) is in the man file.
+lshell is a shell coded in Python, that lets you restrict a user's environment to limited sets of commands, choose to enable/disable any command over SSH (e.g. SCP, SFTP, rsync, etc.), log user's commands, implement timing restriction, and more.
+
+Note: all the below information (and more) can be found in the manpage - ```man -l man/lshell.1``` or ```man lshell```)
Installation:
----------------
-You have 3 options:
-
-* Use the setup.py present in the source tar.gz. It uses python distutils to install everything in the right place:
1. Install from source
-
- # extract source
- tar xvfz lshell-{version}.tar.gz
# on Linux:
python setup.py install --no-compile --install-scripts=/usr/bin/
# on *BSD:
python setup.py install --no-compile --install-data=/usr/{pkg,local}/
- 2. Install the rpm
-
- yum install lshell
- # or
- rpm -Uvh lshell-x.x-x.noarch.rpm
- 3. Install the .deb
-
+ 2. On Debian (or derivatives)
apt-get install lshell
- # or
- dpkg -i lshell-x.x-x.deb
+ 3. On RHEL (or derivatives)
+ yum install lshell
Configuration:
@@ -43,7 +33,7 @@ Order of priority when loading preferences is the following:
3. Default configuration
-The primary goal of lshell, was to be able to create shell accounts with ssh access and restrict their environment to a couple a needed commands.
+The primary goal of lshell, is to be able to create shell accounts with ssh access and restrict their environment to a couple a needed commands and path.
For example User 'foo' and user 'bar' both belong to the 'users' UNIX group:
@@ -101,47 +91,21 @@ To launch lshell, just execute lshell specifying the location of your configurat
lshell --config /path/to/configuration/file
-By default lshell will try to launch using /${CONFPATH}/lshell.conf unless specified otherwise (using --config), where ${CONFPATH} is :
-
-- "/etc/" for Linux
-- "/usr/{pkg,local}/etc/" for *BSD
-
In order to log a user, you will have to add him to the lshell group:
usermod -aG lshell username
+In order to configure a user account to use lshell by default, you must: (you might need to insure that lshell is listed in /etc/shells)
-Use case 1: /etc/passwd
-----------------------------------------
-In order to configure a user account to use lshell by default, you must:
-
-- On Linux:
-
- chsh -s /usr/bin/lshell user_name
-
-- On *BSD:
-
- chsh -s /usr/{pkg,local}/bin/lshell user_name
+ chsh -s /usr/bin/lshell user_name
After this, whichever method is used by the user to log into his account, he will end up using the limited shell you configured for him!
-Use case 2: OpenSSH & authorized_keys
------------------------------------------------------------------
-
-In order to launch lshell limited to the 'ssh' command, I used ssh's authorized_keys:
-
- # vi /home/foo/.ssh/authorized_keys
- # and add :
- command="/usr/bin/lshell --config /path/to/lshell.conf",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty just before the public key part.
-
-This will have the effect of executing lshell upon user's SSH connection.
Contact
----------------
-If you want to contribute to this project, please do not hesitate. Open an issue and, if possible, send a patch! I would be glad to take a look at it!
-
-You can use the interface on github: ghantoos/lshell/issues
+If you want to contribute to this project, please do not hesitate. Open an issue and, if possible, send a pull request.
-Cheers,
+Please use github for all requests: https://ghantoos/lshell/issues
- Ignace Mouzannar <ghantoos@ghantoos.org>
+Cheers

0 comments on commit 0566a8d

Please sign in to comment.