LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
Reload this Page Restrict what commands users can use?
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
  Search this Thread
Old 11-30-2006, 03:02 AM   #1
jasone
Member
 
Registered: Oct 2004
Location: Sweden
Distribution: FreeBSD, OpenBSD, Debian Etch
Posts: 160

Rep: Reputation: 30
Restrict what commands users can use?

Hi!

Edit: I use FreeBSD 6.1 and OpenBSD 4.0 on my servers.

Is there a way to control what commands users can use? I would like some users to only have the ability to use cd, ls, nano or vi, mkdir, rm and cat (maybe some more). I want a trusted group to be able to use screen, irc, centericq, wget and links as well. Can I do this without a jail?

Thanks in advance!
Last edited by jasone; 11-30-2006 at 06:29 AM.
 
Old 11-30-2006, 06:50 AM   #2
frob23
Senior Member
 
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: OpenBSD, Debian, FreeBSD
Posts: 1,450

Rep: Reputation: 48
Yes you can, but you'll be working on changing file permissions throughout the file system.

Code:
find / -type f -exec chmod o-x {} \; -print
This assumes you use tcsh, you need to use \{\} if you use bash. Then add a couple of groups, one for the class of user you want. And chgrp each program you want them to be able to use. You must make sure that the people in the higher access group are also in the lower access group.

This is the old-school way of doing it. And is not very complicated from a minimalist approach.

Keep in mind that when you upgrade the base system or reinstall a port, all these settings are going to get screwed up. So you may want to create a script to automatically fix the settings after upgrades.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ProFTPd restrict all users to /fs ? dbc001 Slackware 12 07-28-2006 04:49 PM
restrict/allow ssh users mike30188 Linux - Security 2 06-20-2005 08:37 PM
restrict unix users to ~ novaprime Linux - Software 20 01-25-2005 11:41 PM
restrict space for some users in directories CleonII Linux - Security 5 02-25-2004 10:08 AM
How to restrict email from users... Supp0rtLinux Linux - Software 1 01-08-2003 03:37 AM

LinuxQuestions.org > Forums > Other *NIX Forums > *BSD

All times are GMT -5. The time now is 11:36 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration