The Restricted Shell is a Linux Shell that restrict some of the features of bash shell, and is very clear from the name. The restriction is well implemented for the command as well as script running in restricted shell. It provides an additional layer for security to bash shell in Linux.
cd command (Change Directory)
PATH (setting/ unsetting)
ENV aka BASH_ENV (Environment Setting/ unsetting)
Importing Function
Specifying file name containing argument ‘/’
Specifying file name containing argument ‘-‘
Redirecting output using ‘>‘, ‘>>‘, ‘>|‘, ‘<>‘, ‘>&‘, ‘&>‘
turning off restriction using ‘set +r‘ or ‘set +o‘
Note: Restrictions of rbash is enforced after any startup files are read.
n some version of GNU/Linux viz., Red Hat/CentOS, rbash may not be implemented directly and needs symbolic links to be created.
# cd /bin # ln -s bash rbash
In most of the today’s GNU/Linux standard distributions, rbash is available by default. If not, you can download source tarball and install it from source in your system.
Starting rbash
To start rbash restricted shell in Linux, execute the following command.
# bash -r OR # rbash
Note: If rbash is started successfully, it returns 0.
Testing a Few Restrictions
Here, we executing few commands on the rbash shell to check restrictions.
# cd rbash: cd: restricted
# pwd > a.txt bash: a.txt: restricted: cannot redirect output