only three commands to allow ???

mackay at mackay at
Tue Dec 19 09:17:18 EST 2000

From: Scott D. MacKay

It sounds like you want a restricted menu shell more than a root-enabling

If you don't mind the potential that they could break to a shell (as a
regular user, not as root), I would suggest making a shell script which
would act as a menu system for them, making it their default shell.
Provide a nice interface to select each option.  Each option, of course,
would actually be SUDOed like the example at the end.  Note example does
not trap signals or anything.  For a tad bit more security, convert it to a
C program.
Always use visudo; it is smart.  Upon invocation, sudo reads the config
file so your updates are immediately allowable.


echo "Welcome to the menu system.  Press RETURN to begin."
while read pause;do
    echo "Options"
    echo "======="
    echo "1) Reboot server"
    echo "99) Quit"
    echo "Enter selection below"
    read command
    if [ "$command" = "1" ] ; then
        /usr/local/bin/sudo /usr/sbin/reboot
   elif [ "$command" = "99" ] ; then
       echo "Bye Bye!"

"Kamal, Nasir" <Nasir.Kamal at> on 12/18/2000 06:02:11 PM

To:   "'sudo-users at'" <sudo-users at>
cc:    (bcc: Scott D. MacKay/943904/EKC)
Subject:  only three commands to allow ???

I am just a novice for sudo, started working today.
I want a user named "nasir", to be able to run only three commands and
nothing else after telneting the machine ultra4.
The commands are:

Where https-*** are different directories each having start and stop script
in it.

Also let me know can I edit /etc/sudoers file manually or do I have to use
visudo command ?? After editing the file what command should I run so that
sodu program reads the new config??

Thanks in Advance.

Nasir Kamal
(609)-720-1818 x. 1608
Pay your bills in nanoseconds

sudo-users mailing list <sudo-users at>
For list information, options, or to unsubscribe, visit:

More information about the sudo-users mailing list