# ~/virtual Terminal # Place this file in the/etc/profile.d/directory and add executable permissions. # example:-rwxr-xr-x 1 root root 7340 Oct 18:12/etc/profile.d/vt.sh ############################################################################ # The code at the end of the file, used to implement the virtual terminal used by the user login # do not delete or change # If you have any questions, please contact the Maintenance Manager: xiaoxi227 (QQ451914397) ############################################################################ # The file holds user name and password file format for ==> username: password (one user per line) Passwd_file=/etc/user.password function Red () { # shown in red Echo-e "\033[31;40m$*\033[0m\n" } function Green () { # shown in green Echo-e "\033[32;40m$*\033[0m\n" } # Ignore all signals to prevent users from using CTRL + C or CTRL + Z to exit virtual Terminal (VT) For signal in ' SEQ 1 64 ' Do Trap: $signal &>/dev/null Done Clear function GetChar () # Turn off echo to enter a password { Stty Cbreak-echo DD If=/dev/tty Bs=1 count=1 2>/dev/null Stty-cbreak Echo } ############################################################################### Green "Login is successful. "# User Displays" login success "after UNIX Pam authentication, followed by authentication While: Do Read-p "Please enter user name:" username Echo-n "Please enter your password:" While: Do ret=$ (GetChar) If [x "$ret" = X ""];then Echo Break Fi passwd= "$PASSWD $ret" Echo-n ' * ' Done correct_passwd=$ (gawk-f: "/$username/{print \$2}" $passwd _file) If [-z] $username "-o-z" $passwd "];then Clear Red "User name or password cannot be empty" Continue Fi input_password=$ (echo $passwd | md5sum | gawk ' {print $} ') If [x ' $input _password "! = X" $correct _passwd "];then Clear Red "User name or password is wrong, please re-enter" Else Break Fi Done Title= " ################################################################################## ############################## Virtual Terminal ################################## ################################################################################## " Cat | More <<eof $title Instructions for use: Welcome to Virtual Terminal (Vsan Terminal, hereinafter referred to as VT). In this mode, the user can only execute a small number of commands that are allowed to execute, and the other commands will be denied execution. The commands and functions supported by this mode are as follows: CD <DIR> Enter <DIR> directory, provided that the user has permission to enter the directory. The LS function is the same as the LS command in the system, but only the files in the directory with Read permissions can be displayed. This command supports parameters that can be used by the LS command in the system in VT mode. MV <SRC> <DST> Move file <SRC> to <dst> If the path is the same, it means renaming. Users must have read and write access to both <SRC> and <DST>. RM <FILE> Remove <FILE> from the system. When <FILE> is a directory, it will recursively delete all subdirectories and files under subdirectories. The PWD displays the current working path. Download <FILELIST> Download <FILELIST> to this machine When you run this command, the terminal that the user uses must support the Zmodem protocol, such as SECURECRT. To download multiple files, separate each file with a space. If the downloaded file is a directory, the system will automatically pack it and download it. Upload upload files to the system, after running this command, the terminal will pop up a dialog box, press the prompt to select the file upload. Note: When you run this command, the terminal that the user uses must support the Zmodem protocol, such as SECURECRT. passwd to modify your login password For additional features, contact your administrator, VT Maintenance Manager: xiaoxi227 (qq:451914397) $title Eof ECHO-E "Currently logged on User: \033[32;40m$username\033[0m" Logfile=/var/log/vt.log function run () # This is used to execute commands for the user and log log { Local command= "[email protected]" { Echo-n-E "\033[32;40m$username\033[0m\033[7g--" Echo-n-E "\033[31;40m ' Date ' +%y-%m-%d%h:%m:%s '--\033[0m$command" Echo } | Sed ' s/sz/download/g;s/rz/upload/g ' >> $logfile $command } # usually developers need to deploy a program that is in the same directory, so specify the root directory for it, and limit the permissions to that directory only. ROOT_DIR=/USR # In this example using the/USR directory test CD $ROOT _dir # Enter the user's "root directory" While: # dead loop Read user input Do # The hostname is written as "localhost" and you can write $hostname, so the hostname will be displayed. READ-E-P "[${username}localhost ${pwd##*/}]$" REPLY # as the above statement simulates the creation of a shell prompt (actually fake) # Separating commands and parameters command=$ (echo $REPLY | gawk ' {print $} ') option=$ (echo $REPLY | sed-r "s/^ $COMMAND//g;s/^[[:space:]]+//g") # Determine what commands to execute, and set different actions based on different commands. Here are a few of the commands implemented in this example: Case $COMMAND in CD|LS) # when the CD command is executed and the parameter is empty, the default CD is to the root directory, and the behavior is consistent with the CD command in the system. If [x "$OPTION" = X ""-A X "$COMMAND" = x "CD"];then CD $ROOT _dir Continue Fi # determine if the first character of the parameter is not "/", if not, the description wants the CD or LS to be relative to the path. # This is the current directory of the file live directory, at this time the user is authorized. First_char=${option:0:1} If [x ' $first _char "! = X"/"];then Run $REPLY Else # if it is an absolute path, then determine if the path starts with $root_dir, or if the user is not prompted. echo $OPTION | grep-q ^ $ROOT _dir If [$?-eq 0];then Run $REPLY Else echo "$COMMAND: Permission denied." >&2 Fi Fi ;; # Other supported parameters: RM, MV, PWD, passwd and so on, do not write comments, understand it. RM|MV) If [x "$COMMAND" = X "rm"];then rm= '-rf '; else rm= '; fi Run= ' OK ' For _file in $OPTION Do echo $_file | Grep-q '-' [$?-eq 0] && { Red "This command does not support parameters in VT mode"; Continue } echo $_file | grep-q ^ $ROOT _dir Ret=$? First_char=${_file:0:1} If [x "$first _char" = x "/"];then If [$ret-ne 0];then run= ' Not OK ' Fi Fi Done If [x "$run" = x "OK"];then Run $COMMAND $RM $OPTION Else echo "$COMMAND: Permission denied." >&2 Fi ;; Pwd Run $REPLY ;; Upload Run RZ ;; Download For _file in $OPTION Do if [!-D $_file];then echo "Start download file: $_file" Run SZ $_file [$?-eq 0] && green "Download Complete" | | Red "Download Failed" Else echo "${_file} is a directory that is being packaged as a ${_file}.tar" TAR-CF ${_file}.tar $_file [$?-eq 0] && Green "package complete, start download ${_file}.tar" \ || {Red "package failed to download"; continue;} Run SZ ${_file}.tar [$?-eq 0] && { Green "Download Complete" echo "Deleting packaged Files" RM-RF ${_file}.tar [$?-eq 0] && Green "Delete succeeded" \ || Red "Delete Failed" } || Red "Download Failed" Fi Done ;; passwd READ-E-s-p "Please enter your old password:" old_passwd echo ' ****** ' old_passwd=$ (echo $old _passwd | md5sum | gawk ' {print $} ') If [x ' $old _passwd "! = X" $correct _passwd "];then Red "Password input error" Continue Else READ-E-s-p "Please enter a new password:" New_passwd1 echo ' ****** ' READ-E-s-p "Please repeat the new password:" New_passwd2 echo ' ****** ' If [x ' $new _passwd1 "! = X" $new _passwd2 "];then Red "Two input passwords are inconsistent" Continue Else new_passwd=$ (echo $new _passwd1 | md5sum | gawk ' {print $} ') Sed-i "/$username/s/.*/$username: $new _passwd/g" $passwd _file Fi Fi ;; "") Continue ;; *) echo "-bash: $COMMAND: COMMAND not Found" >&2 ;; Esac Done |