Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to restrict root user from running some commands
Top Forums Shell Programming and Scripting How to restrict root user from running some commands Post 302613645 by in2nix4life on Tuesday 27th of March 2012 02:14:36 PM
Old 03-27-2012
If you want to get creative, you could just write wrapper scripts for the commands that you don't want root to run or have limited access too. I've actually done this at a previous workplace that insisted on allowing others (besides me) to have root access on some shared systems. I wrote a wrapper for the rm command and put all types of checks and balances as well as logging into it (there was an issue of data being deleted as the root user and no one fessing up).

This way you can avoid messing with the root account itself as bitlord said.

Just a thought.

Good luck.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Capture of all commands issued by the user “root”

I have to write a script (not C based) that allows to capture of all commands issued by the user “root”. First, I tried to monitor the .bash_history but the commands are written in chunk after the .bash_history is closed. How can I capture the commands in Real-Time without waiting root to... (4 Replies)
Discussion started by: elieifrah@gmail
4 Replies

2. HP-UX

user commands without root access

Hi I have been asked to find out how to 1) create users 2) reset passwords 3) kill processes that may require root privileges without having root password, sudo rights or rights to passwd command Any ideas? Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies

3. Shell Programming and Scripting

How to restrict the number of commands user can execute

Hi all, Is there a way to prevent users from being able to execute commands less a select few? For instance, I wish to allow the user to be only able to execute 1 command, which is exec a.sh. He should not be able to do simple stuff such as ls, cd, rm, cat, etc. Can this be achieved? ... (1 Reply)
Discussion started by: rockysfr
1 Replies

4. Shell Programming and Scripting

As root , running script as different user with su - problem

Dear All I am running into a situation where I am running a script as another user lets say oracle using su command as below, and the script fails because the .profile of oracle is not executed so the environment variables are not set. cat /etc/passwd | grep oracle... (4 Replies)
Discussion started by: dbsupp
4 Replies

5. UNIX for Dummies Questions & Answers

How to allow access to some commands having root privleges to be run bu non root user

hi i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies

6. UNIX for Advanced & Expert Users

audit user commands of different users under root account

Hi, I would like to know if there is anyway that I can pinpoint the user before/after he connects to the root? Also, I'm trying to find out what are the commands he inputs under root access. (6 Replies)
Discussion started by: pointgetter0
6 Replies

7. Shell Programming and Scripting

Script to run commands as root user

Hello I have a script which is working fine so far to generate HTML file. Now i am wondering how do i include a syntax where it can change itself to root user and execute a specific commands as root user. Please help, Thanks in advance. -Siddhesh (2 Replies)
Discussion started by: Siddheshk
2 Replies

8. AIX

List of AIX commands that can be run by ROOT user ONLY

Hello, I am testing sudo and I want to test it. Can anyone please let me know few commands (of course other than shutdown, reboot etc. as I can't reboot the box) on AIX that can be run by ROOT only. Thanks ---------- Post updated at 07:43 PM ---------- Previous update was at 07:38 PM... (5 Replies)
Discussion started by: prvnrk
5 Replies

9. Shell Programming and Scripting

Running commands in remote node as root user

Platform :Oracle Linux 6.4 We are trying to automate the SAN level cloning from production RAC DB cluster to test. From a shell script, I would like to run the below command Step1,2 and 3 from Node1 in a sequential order as root user . How can I do this ? passwordless for root user is not... (2 Replies)
Discussion started by: kraljic
2 Replies

10. UNIX for Beginners Questions & Answers

Running a command as another non-root user

Hi, I am trying to run a command within my KSH script as another user due to permission issues, now both users are non root. I have tried the following command and was unsuccessful: echo "<password>" | sudo -S -u <username> -k command Can I use sudo to run a command as a non-root user? (5 Replies)
Discussion started by: MIA651
5 Replies

LEARN ABOUT PHP

setuid

SETUID(1)						      General Commands Manual							 SETUID(1)

NAME

       setuid - run a command with a different uid.

SYNOPSIS

       setuid username|uid   command [ args ]

DESCRIPTION

       Setuid  changes	user id, then executes the specified command.  Unlike some versions of su(1), this program doesn't ever ask for a password
       when executed with effective uid=root.  This program doesn't change the environment; it only changes the uid and then uses execvp() to find
       the command in the path, and execute it.  (If the command is a script, execvp() passes the command name to /bin/sh for processing.)

       For example,
	      setuid  some_user  $SHELL
       can be used to start a shell running as another user.

       Setuid  is  useful  inside  scripts that are being run by a setuid-root user -- such as a script invoked with super, so that the script can
       execute some commands using the uid of the original user, instead of root.  This allows unsafe commands (such as editors and pagers) to	be
       used  in  a  non-root  mode inside a super script.  For example, an operator with permission to modify a certain protected_file could use a
       super command that simply does:
	      cp protected_file temp_file
	      setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
	      cp temp_file protected_file
       (Note: don't use this example directly.	If the temp_file can somehow be replaced by another user, as might be the case if it's kept  in  a
       temporary  directory,  there  will  be a race condition in the time between editing the temporary file and copying it back to the protected
       file.)

AUTHOR

       Will Deich

								       local								 SETUID(1)
All times are GMT -4. The time now is 06:28 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy