Hi everyone !

I got "viewer" and "root" user on a *nix computer. When i log in using "viewer" I only can use "df" command. When I try another command like "ls" it say :

-bash: ls: command not found

I checked permission of "/bin/ls" file, it has excute permission for everyone. Inside home directory of "viewer" there's only a directory "bin" and within it only the "df" file.

Can anyone tell me how to restrict command for an user like that ?

You might want to check if this is a chroot environment (it looks like one) or if that user has a restricted shell, which can be checked in /etc/passwd (look for the shell entry).
To make sure, try to cd into another directory or try to call ls by it's full path /bin/ls and check what error you might get.

If this viewer user should be enhanced by additional commands, you might want to copy those binaries he should be able to use into that ./bin directory inside his home directory. Some tools require libraries to work correctly, which you can check with the tool ldd. You might need to copy it there too to an adequate path so it can be found by the binary.

This could be due to a change in the value of $PATH.

$ which ls
/bin/ls
$ PATH=/sbin
$ ls /bin/ls
-bash: ls: command not found
$ /bin/ls /bin/ls
/bin/ls

Can you please explain about chroot and what is restricted shell ? In /etc/passwd the shell of viewer is /bin/bash

@alister : I checked the $PATH and yes it is /home/viewer/bin. And using the full path of other command has no problem. But I still have one question why I can use cd and echo command ( not full path ) while they're not in /home/viewer/bin . Because they're Built-in command ?

Thanks for help !!
Camus

yes, you get it. cd and echo commands are implemented as part of shell itself, that is so called shell built-in. And thus these builtin command are always available in a running shell and have nothing to do with PATH envroment variable