only three commands to allow ???
mackay at kodak.com
mackay at kodak.com
Tue Dec 19 09:17:18 EST 2000
From: Scott D. MacKay
It sounds like you want a restricted menu shell more than a root-enabling
application.
If you don't mind the potential that they could break to a shell (as a
regular user, not as root), I would suggest making a shell script which
would act as a menu system for them, making it their default shell.
Provide a nice interface to select each option. Each option, of course,
would actually be SUDOed like the example at the end. Note example does
not trap signals or anything. For a tad bit more security, convert it to a
C program.
Always use visudo; it is smart. Upon invocation, sudo reads the config
file so your updates are immediately allowable.
-Scott
#!/bin/sh
#
echo "Welcome to the menu system. Press RETURN to begin."
while read pause;do
echo "Options"
echo "======="
echo "1) Reboot server"
echo "99) Quit"
echo "Enter selection below"
read command
if [ "$command" = "1" ] ; then
/usr/local/bin/sudo /usr/sbin/reboot
elif [ "$command" = "99" ] ; then
echo "Bye Bye!"
exit
fi
done
"Kamal, Nasir" <Nasir.Kamal at Paytrust.com> on 12/18/2000 06:02:11 PM
To: "'sudo-users at courtesan.com'" <sudo-users at courtesan.com>
cc: (bcc: Scott D. MacKay/943904/EKC)
Subject: only three commands to allow ???
I am just a novice for sudo, started working today.
I want a user named "nasir", to be able to run only three commands and
nothing else after telneting the machine ultra4.
The commands are:
/usr/sbin/reboot
/opt/net/suitespot/https-****/stop
/opt/net/suitespot/https-****/sart
Where https-*** are different directories each having start and stop script
in it.
Also let me know can I edit /etc/sudoers file manually or do I have to use
visudo command ?? After editing the file what command should I run so that
sodu program reads the new config??
Thanks in Advance.
Nasir Kamal
Paytrust
(609)-720-1818 x. 1608
Pay your bills in nanoseconds
http://www.paytrust.com
____________________________________________________________
sudo-users mailing list <sudo-users at courtesan.com>
For list information, options, or to unsubscribe, visit:
http://www.courtesan.com/mailman/listinfo/sudo-users
More information about the sudo-users
mailing list