WMDE
/
osync
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed empty optionnal commands make everything executable

This commit is contained in:
Orsiris de Jong 2015-07-02 16:37:05 +02:00
parent eb10fcc5dc
commit c1123d19cc
1 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
ssh_filter.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
##### Osync ssh command filter build 2015070201 ##### Osync ssh command filter build 2015070202
##### This script should be located in /usr/local/bin in the remote system to sync / backup ##### This script should be located in /usr/local/bin in the remote system to sync / backup
##### It will filter the commands that can be run remotely via ssh. ##### It will filter the commands that can be run remotely via ssh.
##### Please chmod 755 and chown root:root this file ##### Please chmod 755 and chown root:root this file
@ -46,11 +46,20 @@ case ${SSH_ORIGINAL_COMMAND%% *} in
"df") "df")
Go ;; Go ;;
"$CMD1") "$CMD1")
if [ "$CMD1" != "" ]
then
Go ;; Go ;;
fi
"$CMD2") "$CMD2")
if [ "$CMD2" != "" ]
then
Go ;; Go ;;
fi
"$CMD3") "$CMD3")
if [ "$CMD3" != "" ]
then
Go ;; Go ;;
fi
"sudo") "sudo")
if [ "$SUDO_EXEC" == "yes" ] if [ "$SUDO_EXEC" == "yes" ]
then then
@ -76,14 +85,23 @@ case ${SSH_ORIGINAL_COMMAND%% *} in
then then
Go Go
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD1"* ]] elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD1"* ]]
then
if [ "$CMD1" != "" ]
then then
Go Go
fi
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD2"* ]] elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD2"* ]]
then then
Go if [ "$CMD2" != "" ]
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD3"* ]]
then then
Go Go
fi
elif [[ "$SSH_ORIGINAL_COMMAND" == "sudo $CMD3"* ]]
then
if [ "$CMD3" != "" ]
then
Go
fi
else else
Log "Command [$SSH_ORIGINAL_COMMAND] not allowed." Log "Command [$SSH_ORIGINAL_COMMAND] not allowed."
exit 1 exit 1