Comment 3 for bug 1627621

Note that most of these 'restricted shells' tend to be .. porous. If you want to use one, it'd be a good idea to wrap it in an AppArmor profile that would provide belt-and-suspenders approach. e.g., this untested profile would probably solve the issue for you:

/usr/bin/lshell {
  #include <abstractions/base>

  /usr/bin/lshell rmix,
  /usr/lib/python2.7/dist-packages/ r,
  /usr/lib/python2.7/dist-packages/lshell-0.9.17.egg-info r,
  /usr/lib/python2.7/dist-packages/lshell/ r,
  /usr/lib/python2.7/dist-packages/lshell/** r,
  /usr/bin/python2.7 rmix,

  /etc/lshell.conf r,
  /bin/ls rmix,
}

Just add rules for whatever you'd like it to support.

Save it in /etc/apparmor.d/usr.bin.lshell and reload it with sudo systemctl reload apparmor.service. Check dmesg output for DENIED lines and amend as needed.

Thanks