Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
i have a user (john) in server user(john) should not execute any commands (except ssh,exit) can we do this with out scripting ! what is the best way to do this
Surely confining what commands can be run with sudo only works if the user prefixes all his commands with 'sudo' or am I mistaken - wouldn't be the first time
Distribution: Void, Linux From Scratch, Slackware64
Posts: 3,150
Rep:
I guess you could set the users PATH to a folder that only has symlinks to ssh ( isn't exit a bash builtin? ), not too sure how you would stop the user from altering the PATH variable though.
Surely confining what commands can be run with sudo only works if the user prefixes all his commands with 'sudo' or am I mistaken - wouldn't be the first time
thanks for reply ! yes you are mistaken again i tried on sudo already , super user do , we can execute command as another user if i was wrong please let me know
I guess you could set the users PATH to a folder that only has symlinks to ssh ( isn't exit a bash builtin? ), not too sure how you would stop the user from altering the PATH variable though.
Hard links there might work too. Alteration the path can be prevented with rbash or rksh as the login shell for that user. Just also make sure that the home directory and the files in it are not in anyway writable ( or owned by ) the user in question.
Distribution: Mainly Devuan, antiX, & Void, with Tiny Core, Fatdog, & BSD thrown in.
Posts: 5,490
Rep:
Quote:
Originally Posted by Keith Hedger
Surely confining what commands can be run with sudo only works if the user prefixes all his commands with 'sudo' or am I mistaken - wouldn't be the first time
I was under the impression that the O.P. wants the user John to have root power for ssh & exit. If he is given that power using sudo, they are the only programs that he can run as root.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
restrict commands to users
