[sudo-users] Restrict shells but allow execution of init scripts

Robert Petkus rpetkus at bnl.gov
Thu Jun 30 12:13:55 EDT 2011

I'm looking for a way to restrict users from launching a root shell 
using sudo but would like to allow the execution of system init shell 
scripts.  What would be the most logical means to proceed?

Currently, I have config lines like so:
Cmnd_Alias      SHELLS = /usr/bin/*sh*, /sbin/*sh*, /bin/*sh*

Thanks in advance!

More information about the sudo-users mailing list