fedora-users October 2011 archive
Main Archive Page > Month Archives  > fedora-users archives
fedora-users: Re: restricted shell

Re: restricted shell

From: Hugh Caley <hcaley_at_nospam>
Date: Mon Oct 17 2011 - 20:27:53 GMT
To: <users@lists.fedoraproject.org>

Not precisely what you are requesting, but the "sudo" command could be
used to allow your admin root access to certain commands only.

See "man sudo" and "man visudo". The /etc/sudoers file has examples of
this sort of functionality, but should only be edited using the visudo


On Sun, 2011-10-16 at 14:17 +0530, Benjamin wrote:

> I want to configure restricted shell for one of my server.
> I want to allow specific commands only to my local admin , means he
> can use only commands which i allowed for him.no more commands or any
> other bash facility he can't use.
You can look into "chroot"ing, where the other person has a different
root directory, and all the sub-directories, and you copy the commands
that they're allowed to use into their directory tree.

Of course, to do this properly, you also need to make sure that they
can't use a compiler, else they can create their own commands.

-- [tim@localhost ~]$ uname -r Don't send
private replies to my address, the mailbox is ignored. I read messages
from the public lists.
-- */Hugh Caley/ Linux System Administrator Aldon Business Area Rocket
Software* 6001 Shellmound St. Ste. 600 Emeryville, CA 94608 USA
Tel:+1.510.285.8542 Email:hcaley@aldon.com Web:aldon.com

-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines