Restrict command for an user ?


 
Thread Tools Search this Thread
# 1  
Restrict command for an user ?

Hi everyone !

I got "viewer" and "root" user on a *nix computer. When i log in using "viewer" I only can use "df" command. When I try another command like "ls" it say :

-bash: ls: command not found

I checked permission of "/bin/ls" file, it has excute permission for everyone. Inside home directory of "viewer" there's only a directory "bin" and within it only the "df" file.

Can anyone tell me how to restrict command for an user like that ?

Last edited by camus; 12-30-2009 at 04:18 AM..
# 2  
You might want to check if this is a chroot environment (it looks like one) or if that user has a restricted shell, which can be checked in /etc/passwd (look for the shell entry).
To make sure, try to cd into another directory or try to call ls by it's full path /bin/ls and check what error you might get.

If this viewer user should be enhanced by additional commands, you might want to copy those binaries he should be able to use into that ./bin directory inside his home directory. Some tools require libraries to work correctly, which you can check with the tool ldd. You might need to copy it there too to an adequate path so it can be found by the binary.
# 3  
This could be due to a change in the value of $PATH.

Code:
$ which ls
/bin/ls
$ PATH=/sbin
$ ls /bin/ls
-bash: ls: command not found
$ /bin/ls /bin/ls
/bin/ls

If it's a PATH issue, you should still be able to run the command if you invoke it by specifying the path to the command with either an absolute or relative pathname (must contain a forward slash).

Last edited by alister; 12-30-2009 at 03:39 PM..
# 4  
Quote:
Originally Posted by zaxxon
You might want to check if this is a chroot environment (it looks like one) or if that user has a restricted shell
Can you please explain about chroot and what is restricted shell ? In /etc/passwd the shell of viewer is /bin/bash

@alister : I checked the $PATH and yes it is /home/viewer/bin. And using the full path of other command has no problem. But I still have one question why I can use cd and echo command ( not full path ) while they're not in /home/viewer/bin . Because they're Built-in command ?

Thanks for help !!
Camus
# 5  
Quote:
Originally Posted by camus
Can you please explain about chroot and what is restricted shell ? In /etc/passwd the shell of viewer is /bin/bash

@alister : I checked the $PATH and yes it is /home/viewer/bin. And using the full path of other command has no problem. But I still have one question why I can use cd and echo command ( not full path ) while they're not in /home/viewer/bin . Because they're Built-in command ?

Thanks for help !!
Camus
yes, you get it. cd and echo commands are implemented as part of shell itself, that is so called shell built-in. And thus these builtin command are always available in a running shell and have nothing to do with PATH envroment variable
 

Previous Thread | Next Thread
Thread Tools Search this Thread
Search this Thread:
Advanced Search

Test Your Knowledge in Computers #816
Difficulty: Medium
In CSS, E#myid matches an E element with a 'myid' class name.
True or False?

10 More Discussions You Might Find Interesting

1. HP-UX

Restrict ssh for particular user

Dear Concern, We want to restrict ssh for particular user "oracle". Our HP UX version is as below. Please advise. # uname -a HP-UX tabsdb02 B.11.31 U ia64 2963363594 unlimited-user license (2 Replies)
Discussion started by: makauser
2 Replies

2. UNIX for Dummies Questions & Answers

Restrict a user from Executing particular command

hi how to restrict a user ro run rm command. In this scenario we have a user/group has below in sudoers user ALL=(ALL) ALLis there a way to restrict the user from just executing rm command (9 Replies)
Discussion started by: robo
9 Replies

3. AIX

How to restrict user to a particular directory?

hi, I want to restrict some user access to only 1 directory (including all sub-directories/files in it). can you please explain me, how can we do this? example; Filesystem GB blocks Used Free %Used Mounted on /dev/hd4 2.61 1.02 1.59 40% / /dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies

4. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

5. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

6. Red Hat

Restrict user to a particular directory

Hi I have a Fedora10 server and i need a particular user to view files only in a particular folder. All other files in other folders having "read" permission for all shouldn't be accessible to this user. Please let me know if ther's a way. Thanks, HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies

7. AIX

New user and restrict path

Hello I have a question in Aix 5.3 can I create a user, that only can see a specify path. I mean the user log in the default path its /home/newuser he type cd the path that need to check /example/directory_check but if he wants to go to / or any other path. we can not do this. I only... (1 Reply)
Discussion started by: lo-lp-kl
1 Replies

8. Solaris

How to restrict the perticular command to user

Hi all, I want to restrict the perticular command to user. ex: CD, CP, mv etc ., "A" user cannot user CD, CP, mv commands from his home directory. so please let me know the procedure how to restrict the commands access to user "A". I really thankfull to all.... (3 Replies)
Discussion started by: murthy76
3 Replies

9. UNIX for Dummies Questions & Answers

how do U restrict a user to a single directory?

specifically - I don't need to restrict a user to a single directory - but I want them to be "ROOTED" to their home directory. so if my home directory is /home/onlyme when I login - if I do a pwd - I want to see: / but in real life I will be in /home/onlyme - it just appears as root to... (10 Replies)
Discussion started by: itobenon
10 Replies

10. Solaris

restrict a user to certain command

Hi all, I am using Sun OS 5.10. I am new to Unix. Is there some way to restrict a specific user to certain command say "/usr/bin/more" ?? for example: I want that user1 can execute more command & user2 can't. Can we somehow edit .profile file in the home directory of user to achieve... (1 Reply)
Discussion started by: vikas027
1 Replies

Featured Tech Videos