Welcome to the Linux Foundation Forum!

Ubuntu16 - useradd or adduser

Hey guys, recently been trying to work on labs 28.1 and 28.2. I am able to  complete 28.1 but 28.2 just does not work. 

For 28.2 we are supposed to get a restricted shell. Doing rbash -r in the shell works and I cannot change dirs or PATH. However copying "sudo ln /bin/bash /bin/rbash" then creating a "useradd -s /bin/rbash fool" does not work once I "sudo su - fool" then I test changing directories and changing PATH cariable and I am still able to do it. 

Using the "useradd" command was not working when trying to create a new home directory. I noticed in ubuntu 16 it is telling me to use "adduser." With "addsuer" I can easily create the home dirs I want, change shell path (but rbash still not working), and remove the user with "deluser" command.

Either way, using "useradd" or "adduser" I cannot get a restricted shell to work once I "sudo su - user."

Thanks!

Comments

  • luisviveropena
    luisviveropena Posts: 1,249
    edited November 2017

    Hi,

    I was able to reproduce the issue on Ubuntu 16. We are checking on this and we will contact you as soon as we have news.

    Thanks,

    Luis.

  • agnieszka
    agnieszka Posts: 11

    Hello Luis,
    any news on the above.
    I am having exactly the same issue and I cannot track any solution for that.
    OS: Ubuntu 18.04

  • coop
    coop Posts: 916

    It's clearly a bug in Ubuntu -- I verified that you get the same behaviour in 18.02. If you do "man rbash" on ubuntu you will find the behaviour is a direct contradiction to what is supposed to happen. And the symbolic link is already set up on ubuntu by default. I think "rbash" is rarely used so I would not worry much. But it is a bug. We could put a note in the next course version
    (if we haven't already, I forget). Thanks

  • coop
    coop Posts: 916

    Actually, in the lab I have on my machine, it says right after the lab:

    Please Note
    • On some distributions, notably some Ubuntu-based versions, there is a bug which prevents this lab from behaving
    properly. On RedHat-based distributions, the above correct behaviour is observed.

    Don't you have this in your lab? right after the solution.

  • agnieszka
    agnieszka Posts: 11

    Yeap. Now I can see the note on the next page :D
    Many thanks though for your reply.

  • agnieszka
    agnieszka Posts: 11

    Hello hello,
    I have asked about this issue on the askubuntu forum.

    One of the advice was to reload the shell.
    I can confirm that after reboot, rbash behaves as expected, the all restrictions are on in place.

    https://askubuntu.com/questions/1244253/rbash-does-not-work-when-set-as-the-default-shell-for-a-user

  • coop
    coop Posts: 916

    After consulting with smarter people than myself, I became convinced using "rbash" is obsolete and there are much better ways of controlling people today, such as the use of linux security modules such as LSM.
    THe rbash discussion is a relic and will be removed in future versions. This is why such a buggy behaviour can persist in Ubuntu (no one cares :) probably ). So don't worry about this detail

Categories

Upcoming Training