Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Restrict a user from Executing particular command
Top Forums UNIX for Dummies Questions & Answers Restrict a user from Executing particular command Post 302962111 by cjcox on Tuesday 8th of December 2015 12:19:27 PM
Old 12-08-2015
Quote:
Originally Posted by robo
hi

how to restrict a user ro run rm command.

In this scenario we have a user/group has below in sudoers

Code:
user ALL=(ALL) ALL

is there a way to restrict the user from just executing rm command
In a sudo context, usually you don't want these kind of "everything" entries. So the best solution is to just have rules for the things you do want the user to be able to do through sudo.

However, back to the general statement.... one way is to create a custom application firewall (e.g. apparmor) and set that new apparmored shell to be the user's shell.

You would need to not only restrict rm, but the ability to start up a different shell (gets very complex at this point since many utilities allow you to spawn a shell.

The better answer is to specific sudo rules for what you want to allow....
This User Gave Thanks to cjcox For This Post:
robo
 

10 More Discussions You Might Find Interesting

1. Solaris

restrict a user to certain command

Hi all, I am using Sun OS 5.10. I am new to Unix. Is there some way to restrict a specific user to certain command say "/usr/bin/more" ?? for example: I want that user1 can execute more command & user2 can't. Can we somehow edit .profile file in the home directory of user to achieve... (1 Reply)
Discussion started by: vikas027
1 Replies

2. Solaris

How to restrict the perticular command to user

Hi all, I want to restrict the perticular command to user. ex: CD, CP, mv etc ., "A" user cannot user CD, CP, mv commands from his home directory. so please let me know the procedure how to restrict the commands access to user "A". I really thankfull to all.... (3 Replies)
Discussion started by: murthy76
3 Replies

3. AIX

New user and restrict path

Hello I have a question in Aix 5.3 can I create a user, that only can see a specify path. I mean the user log in the default path its /home/newuser he type cd the path that need to check /example/directory_check but if he wants to go to / or any other path. we can not do this. I only... (1 Reply)
Discussion started by: lo-lp-kl
1 Replies

4. UNIX for Dummies Questions & Answers

Restrict command for an user ?

Hi everyone ! I got "viewer" and "root" user on a *nix computer. When i log in using "viewer" I only can use "df" command. When I try another command like "ls" it say : -bash: ls: command not found I checked permission of "/bin/ls" file, it has excute permission for everyone. Inside home... (4 Replies)
Discussion started by: camus
4 Replies

5. Red Hat

Restrict user to a particular directory

Hi I have a Fedora10 server and i need a particular user to view files only in a particular folder. All other files in other folders having "read" permission for all shouldn't be accessible to this user. Please let me know if ther's a way. Thanks, HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies

6. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

7. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

8. AIX

How to restrict user to a particular directory?

hi, I want to restrict some user access to only 1 directory (including all sub-directories/files in it). can you please explain me, how can we do this? example; Filesystem GB blocks Used Free %Used Mounted on /dev/hd4 2.61 1.02 1.59 40% / /dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies

9. Solaris

How to find IP of user machine executing a particular UNIX command?

Hello, Our applications are deployed in SunOS 5.10 servers. All the team members use a same username/pwd to login to the box. Very often we face issue were we could see that weblogic server instance are KILLED and we are not able to trace who executed kill command. All team members use PUTTY to... (2 Replies)
Discussion started by: santtarius
2 Replies

10. HP-UX

Restrict ssh for particular user

Dear Concern, We want to restrict ssh for particular user "oracle". Our HP UX version is as below. Please advise. # uname -a HP-UX tabsdb02 B.11.31 U ia64 2963363594 unlimited-user license (2 Replies)
Discussion started by: makauser
2 Replies

LEARN ABOUT REDHAT

ppmtosixel

ppmtosixel(1)						      General Commands Manual						     ppmtosixel(1)

NAME

       ppmtosixel - convert a portable pixmap into DEC sixel format

SYNOPSIS

       ppmtosixel [-raw] [-margin] [ppmfile]

DESCRIPTION

       Reads  a  portable  pixmap  as input.  Produces sixel commands (SIX) as output.	The output is formatted for color printing, e.g. for a DEC
       LJ250 color inkjet printer.

       If RGB values from the PPM file do not have maxval=100, the RGB values are rescaled.  A printer control header and a color assignment table
       begin the SIX file.  Image data is written in a compressed format by default.  A printer control footer ends the image file.

OPTIONS

       -raw   If  specified,  each  pixel  will  be explicitly described in the image file.  If -raw is not specified, output will default to com-
	      pressed format in which identical adjacent pixels are replaced by "repeat pixel" commands.  A raw file is often an order	of  magni-
	      tude larger than a compressed file and prints much slower.

       -margin
	      If  -margin  is not specified, the image will be start at the left margin (of the window, paper, or whatever).  If -margin is speci-
	      fied, a 1.5 inch left margin will offset the image.

PRINTING

       Generally, sixel files must reach the printer unfiltered.  Use the lpr -x option or cat filename > /dev/tty0?.

BUGS

       Upon rescaling, truncation of the least significant bits of RGB values may result in poor color conversion.  If the original PPM maxval was
       greater	than  100,  rescaling  also reduces the image depth.  While the actual RGB values from the ppm file are more or less retained, the
       color palette of the LJ250 may not match the colors on your screen.  This seems to be a printer limitation.

SEE ALSO

       ppm(5)

AUTHOR

       Copyright (C) 1991 by Rick Vinci.

								   26 April 1991						     ppmtosixel(1)
All times are GMT -4. The time now is 07:37 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy