fuadmin 0.6.1 Cory Marsh

fuadmin
	Configure an indevidual user (not supported currently)
fuadmin -c
	Generate a database of MD5 hashes and a user template.

DESCRIPTION

fuadmin is a configuration program to aid administrators is configuring fush(1)
on their systems.  fuadmin creates an MD5 hash database of each file in your
PATH.  This database is stored in /usr/local/etc/fush/fush.db.  fuadmin also
creates a template security file which contains all commands in the fush.db and
the default configuration options.

fuadmin makes a 'best guess' about commands before adding them to the template
ACL.  If a command matches one of the following regular expressions, it is not
added.

".*sh.?[\\.0\-9]*$"
".*perl.*"
".*tcl.*"
".*python.*"
".*emacs.*"

In addition to these regular expressions, the following is a list of other
commands that are not added.

xargs
expect
awk
find

CONFIGURING
Run fuadmin as root like so:

fuadmin -c

The -c option tells fuadmin to generate a new database and template file.
fuadmin will go through your PATH and create MD5 sums for each command.

When you start fuadmin, it will prompt you for where you would like to store
your database and template.  If you installed fush in the default directory,
simple press enter to accept the default: '/usr/local/etc/fush'. 

After telling fuadmin where the config files are stored, it will begin to
search though your path and create Md5 sums for each command in your path.
Before searching a path element, fuadmin will ask you if you would like the
path to be included in the list of commands.  You can respond with yes or no,
the answer is not case sensetive.

A typical setup will include adding the /bin, /usr/bin and /usr/local/bin
directories.  I do not typically include the /sbin, /usr/sbin, /usr/local/sbin
or /usr/X11R6/bin paths because most restricted users do not require these
comamnds.

After running fuadmin you will have two new files /usr/local/etc/fush/fush.db,
(the MD5 database) and /usr/local/etc/fush/fush.security (the user
configuration template).  You can now copy the fush.security file to
username.security in the /usr/local/etc/fush directory to setup a new user on
the system.  After copying the file you should edit it to your specific needs.
You should also review the whitelist of commands and make sure that none of
them will alow the user to exec an external command, or run a command that
could compromise the security of your system.

f