2

Can I create a whitelist of commands that a standard user can execute in the terminal in Ubuntu 12.04 desktop?

I don't want to block the terminal for the standard user.

Radu Rădeanu
  • 169,590
rishab v
  • 111
  • 4
  • 10
  • 3
    PLEASE START MARKING ANSWERS AS "ACCEPTED" IF INDEED THEY DO ANSWER YOUR QUERY. –  Jul 04 '13 at 11:18
  • 2
    Can you give us examples of the commands you want to whitelist or blacklist? Most commands which can have a significant effect on the system can only be run by root or an administrator. – Warren Hill Jul 04 '13 at 12:34
  • 1
    rishab, you got answers for many questions you made but you didn't marked any one as "accepted". If an answer helps you, upvote it. If an answer "works for you" mark it as accepted by clicking the checkmark next to it. Please take the Ask Ubuntu tour. – Eric Carvalho Jul 04 '13 at 12:46
  • 1
    This is the essentially the same as your other question, see the answer I posted. – Panther Jul 04 '13 at 14:43

1 Answers1

2

Create a new group, let say restricted_group:

groupadd restricted_group

Add the user (that you don't wish to to have access some commands) to restricted_group:

usermod -aG restricted_group restricted_user

Use the chgrp command to change the group of /path_to_directory_with_restricted_commands/restricted_command to restricted_group:

chgrp restricted_group /path_to_directory_with_restricted_commands/restricted_command

Finally, use the chmod command to change file permission:

chmod 750 /path_to_directory_with_restricted_commands/restricted_command

You can also apply permissions to directory:

chmod 0640 /path_to_directory_with_restricted_commands

Source: http://www.cyberciti.biz/faq/protect-command-by-configuring-linux-unix-group-permissions/

Radu Rădeanu
  • 169,590