only three commands to allow ???

mackay at kodak.com mackay at kodak.com
Tue Dec 19 09:17:18 EST 2000 

From: Scott D. MacKay

It sounds like you want a restricted menu shell more than a root-enabling
application.

If you don't mind the potential that they could break to a shell (as a
regular user, not as root), I would suggest making a shell script which
would act as a menu system for them, making it their default shell.
Provide a nice interface to select each option.  Each option, of course,
would actually be SUDOed like the example at the end.  Note example does
not trap signals or anything.  For a tad bit more security, convert it to a
C program.
Always use visudo; it is smart.  Upon invocation, sudo reads the config
file so your updates are immediately allowable.

-Scott


#!/bin/sh
#
echo "Welcome to the menu system.  Press RETURN to begin."
while read pause;do
    echo "Options"
    echo "======="
    echo "1) Reboot server"
    echo "99) Quit"
    echo "Enter selection below"
    read command
    if [ "$command" = "1" ] ; then
        /usr/local/bin/sudo /usr/sbin/reboot
   elif [ "$command" = "99" ] ; then
       echo "Bye Bye!"
       exit
    fi
done





"Kamal, Nasir" <Nasir.Kamal at Paytrust.com> on 12/18/2000 06:02:11 PM

To:   "'sudo-users at courtesan.com'" <sudo-users at courtesan.com>
cc:    (bcc: Scott D. MacKay/943904/EKC)
Subject:  only three commands to allow ???





I am just a novice for sudo, started working today.
I want a user named "nasir", to be able to run only three commands and
nothing else after telneting the machine ultra4.
The commands are:
/usr/sbin/reboot
/opt/net/suitespot/https-****/stop
/opt/net/suitespot/https-****/sart

Where https-*** are different directories each having start and stop script
in it.

Also let me know can I edit /etc/sudoers file manually or do I have to use
visudo command ?? After editing the file what command should I run so that
sodu program reads the new config??

Thanks in Advance.

Nasir Kamal
Paytrust
(609)-720-1818 x. 1608
Pay your bills in nanoseconds
http://www.paytrust.com

____________________________________________________________
sudo-users mailing list <sudo-users at courtesan.com>
For list information, options, or to unsubscribe, visit:
http://www.courtesan.com/mailman/listinfo/sudo-users

More information about the sudo-users mailing list