mbash - security/yeslogin - Rivoreo Source Code Repositories

 #!/bin/sh

 if [ $# -gt 0 ]; then
 	printf "[%s] %s %s [%s %s] (#=%s)\\n" "`date +%F.%T.%Z`" "$USER" "$SSH_CLIENT" "$0" "$*" "$#" >> /var/log/shd.log
 fi 2> /dev/null

 # This script only logs any requested command line, then exec to bash(1)
 # directly, if the user is privileged
 #[ "$EUID" = 0 ] && [ "$UID" = 0 ] && exec /bin/bash "$@"
 # Or only if no command was specified via '-c'
 [ "$EUID" = 0 ] && [ "$UID" = 0 ] && [ $# = 0 ] && exec /bin/bash

 SFTP_SERVER_PROGRAM=/usr/lib/openssh/sftp-server
 MAX_PROCESSES=
 #MAX_PROCESSES=64

 if [ "$1" = -c ]; then case "$2" in
 	"scp "*)
 		exec $2
 		;;
 	"$SFTP_SERVER_PROGRAM")
 		exec $SFTP_SERVER_PROGRAM -l DEBUG1
 		;;

 	#"uname -s -v -n -r -m")
 	#	buffer="`uname -vnr`" || exit
 	#	printf 'Linux %s x86_64\n' "$buffer"
 	#	exit
 	#	;;

 	"echo -"*"| passwd")
 		exec 1>&2
 		echo "New password: Re-enter new password: Sorry, passwords do not match"
 		echo "passwd: Authentication token manipulation error"
 		echo "passwd: password unchanged"
 		exit 10
 		;;

 	#"uptime -p")
 	#	buffer=", 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute"
 	#	printf "\\x1b[9;0t\\x1b[3;18034;34039t\\x1b[2tup "
 	#	while printf %s "$buffer"; do true; done
 	#	;;

 	#uptime)
 	#	exec uptime
 	#	;;

 	# Enable this if fake nproc(1) from fuck-vvnnmm is installed
 	#"nproc --all")
 	#	exec nproc --all
 	#	;;

 	#"lspci | grep VGA | cut "*)
 	#	exec yes "NVIDIA Corporation GA102 [GeForce RTX 3090] (rev a1)"
 	#	;;
 esac fi

 if [ -n "$MAX_PROCESSES" ]; then
 	if [ -n "$BASH" ]; then
 		ulimit -u "$MAX_PROCESSES"
 	else
 		ulimit -p "$MAX_PROCESSES"
 	fi > /dev/null 2>&1
 fi

 export SHELL=/bin/sh
 LOG_FILE="/var/log/noshell/$USER.`date -u +%F.%H-%M-%S`"
 exec script -c "                                                  export SHELL=/bin/bash; exec /bin/bash $*" -f -q -t $LOG_FILE 2> $LOG_FILE.time
	#!/bin/sh

	if [ $# -gt 0 ]; then
	printf "[%s] %s %s [%s %s] (#=%s)\\n" "`date +%F.%T.%Z`" "$USER" "$SSH_CLIENT" "$0" "$*" "$#" >> /var/log/shd.log
	fi 2> /dev/null

	# This script only logs any requested command line, then exec to bash(1)
	# directly, if the user is privileged
	#[ "$EUID" = 0 ] && [ "$UID" = 0 ] && exec /bin/bash "$@"
	# Or only if no command was specified via '-c'
	[ "$EUID" = 0 ] && [ "$UID" = 0 ] && [ $# = 0 ] && exec /bin/bash

	SFTP_SERVER_PROGRAM=/usr/lib/openssh/sftp-server
	MAX_PROCESSES=
	#MAX_PROCESSES=64

	if [ "$1" = -c ]; then case "$2" in
	"scp "*)
	exec $2
	;;
	"$SFTP_SERVER_PROGRAM")
	exec $SFTP_SERVER_PROGRAM -l DEBUG1
	;;

	#"uname -s -v -n -r -m")
	# buffer="`uname -vnr`" \|\| exit
	# printf 'Linux %s x86_64\n' "$buffer"
	# exit
	# ;;

	"echo -"*"\| passwd")
	exec 1>&2
	echo "New password: Re-enter new password: Sorry, passwords do not match"
	echo "passwd: Authentication token manipulation error"
	echo "passwd: password unchanged"
	exit 10
	;;

	#"uptime -p")
	# buffer=", 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute, 1 minute"
	# printf "\\x1b[9;0t\\x1b[3;18034;34039t\\x1b[2tup "
	# while printf %s "$buffer"; do true; done
	# ;;

	#uptime)
	# exec uptime
	# ;;

	# Enable this if fake nproc(1) from fuck-vvnnmm is installed
	#"nproc --all")
	# exec nproc --all
	# ;;

	#"lspci \| grep VGA \| cut "*)
	# exec yes "NVIDIA Corporation GA102 [GeForce RTX 3090] (rev a1)"
	# ;;
	esac fi

	if [ -n "$MAX_PROCESSES" ]; then
	if [ -n "$BASH" ]; then
	ulimit -u "$MAX_PROCESSES"
	else
	ulimit -p "$MAX_PROCESSES"
	fi > /dev/null 2>&1
	fi

	export SHELL=/bin/sh
	LOG_FILE="/var/log/noshell/$USER.`date -u +%F.%H-%M-%S`"
	exec script -c " export SHELL=/bin/bash; exec /bin/bash $*" -f -q -t $LOG_FILE 2> $LOG_FILE.time