Restrict user to my scripts

XavierJ

Hello,

I'm trying to create a user which only can run some shell scripts I have write for him.

I tried a restricted shell, but my scripts need to access all the system resources. I also had a look at chroot, but it requires to have a whole system in the new root directory.

Is there another solution to restrict my user ?

Xavier.

mfillpot

To allow the user or users to run the scripts you wish for them to run you can set them to belong to a specific group that owns those files, in the case of scripts which need root access you can set the setuid bit (http://en.wikipedia.org/wiki/Setuid) on those specific scripts.

If you wish to limit their activities when it comes to sbin based commands then you will need to go through all directories in their $PATH and modify the groups setting to allow or restrict access to the users.