ZBMenu

[ /home ] [ /etc/motd ] [ /bin ] [ /etc ] [ /var ] [ /sbin ]
[ /usr/bin/find ] [ Members ]

Here's a quick link to the main tarball download. More downloads can be found at the bottom of the page.

I recommend you read the material on this page before attempting to use the ZBMenu, although most of this information is duplicated in the README file inside the download.

Introduction

ZBMenu is a menu based login shell, written using the C programming language. ZBMenu can also be run as a "normal" standalone program, but was designed for use as a restricted shell environment for backup operators, etc.

This is still very much under development, and most of the buffers within the program are still unchecked. Make of that what you will!

Configuration and General Usage

One C source file, menusys.c, provides all of the required functionality. Each user who uses the program (as a login shell, or otherwise) must have a <username>.conf file under the /etc/zbmenu directory. For example, /etc/zbmenu/kevin.conf. This file provides the configuration for this particular users login shell, and specifies which programs they can launch, and also what text is displayed on their menu. This file is parsed by the shell when it is launched.

Each line of the configuration file has the following syntax:

For example, a sample line could be:

You can also launch the process in a seperate shell invocation, e.g:

but on a modern Linux system this shouldn't be necessary.

This file has a limit of 20 lines maximum. Any more, and the shell will reject the configuration file and exit. This is a hard-coded limit - chosen to keep the shell fast and lean. You can, of course, increase the value of MAX_OPTS in the source and recompile, but if a user needs more than 20 commands, maybe they should be using a true restricted command-interpreting shell, rather than a menu based system. Incidentally, you could also set up /bin/sh -r as a launchable command from the menu itself, and launch the restricted shell from the menu - ZBMenu is a highly versatile system!

Once configuration is complete and the shell is launched, the user is presented with their customised menu. Each option is prefixed with a number, which the user types, followed by enter, in order to launch the desired process. The screen is then cleared, and the command executes. Once execution is complete and any output displayed, a prompt to "Press enter to continue" appears. Then after enter is pressed, the menu is shown again and the cycle continues.

The user can type 99<enter> at the menu prompt to quit, at which point they are logged off if they are using the menu as their login shell.

A sample session is shown below:

Assuming that /etc/zbmenu/kevin.conf contains:

                  MENU SYSTEM FOR Kevin Waldron
         

       1 - List contents of current directory
       2 - Run daily backup script
       3 - Check free disk space
      99 - QUIT


   Please enter your choice:
   2
   

           Output of command: /usr/local/bin/daily_backup.sh

       Running daily backup.....

       Done dumping to tape (130400 blocks dumped).

       Press enter when done:
       <enter>
       

                  MENU SYSTEM FOR Kevin Waldron
         

       1 - List contents of current directory
       2 - Run daily backup script
       3 - Check free disk space
      99 - QUIT


   Please enter your choice:
   99
   <logout>
   

It is worth noting at this point that if a command is expected to produce more than a terminal heights worth of output, the output should be piped through a pager such as more, e.g. with a .conf file entry such as:

Check that your pager does not allow you to drop into an editor, such as vi via a keystroke, as this would defeat the restricted nature of the shell. On my version of more, the v keystroke only works when reading from files, not pipes.

If the user enters ^C at the menu prompt, it logs them out of the system. Interactive scripts can be run from the shell, by placing the appropriate line in the .conf file, e.g:

If any calls to read, etc, are made in the script, execution will behave as expected and allow the user to input text as usual. If they enter ^C to crash the script, the process will terminate and the "Press enter to continue" prompt will appear.

Obviously, placing an entry such as:

in the .conf file would be asking for trouble, as a shell can be launched from within vi, as it can from many other commands. Use your head when making commands available in a restricted environment, as not to give the user elevated priveledges like this accidentally!

Installation

In the following instructions, a prompt of $ indicates a command that should be carried out as a standard user, whereas # indicates a command that must be issued as root.

No special libraries, no makefile (for a single C source file, this would be uneccesary), no fuss, just a simple

will produce the required binary.

Next, make your .conf directory:

Install the menusys binary in your local binary directory:

Assuming a username of "test_one", create the users .conf file:

The zbmenu directory and the .conf file must be world READABLE, so that the users shell process can access it during login.

The user "test_one" can now access the shell interactively by typing (assuming /usr/local/bin is in their PATH):

Installation as a login shell

Assuming that the above instructions have already been followed, installing ZBMenu as a users login shell is simple. Just add /usr/local/bin/menusys to /etc/shells. Then, edit /etc/passwd using vi or preferably vipw and set the appropriate user(s) login shell to /usr/local/bin/menusys.

You're done!

Downloads

Full source code and README file zbmenu-0.4.tar.gz
As always, the software is released under the terms of the GNU General Public Licence.

Bugs, comments, feedback, suggestions

I would like to hear all of the above, so please contact me.

I hope you find this software useful. Enjoy.