Creating a User in Linux for Running Specific Commands

 Published On March 23, 2019

Normally a user in Linux has permission to execute the commands available in /bin/ and /usr/local/bin/. To restrict the user to a particular set of commands, follow the steps below.

  • Step-1 - Create a copy of the shell named rbash (bash runs in restricted mode when it is invoked under that name)
# cp /bin/bash /bin/rbash
  • Step-2 - Create a user whose login shell is the restricted shell created above
# useradd -s /bin/rbash <username>
  • Step-3 - If you have already created the user, then change the shell by typing the command below.
# usermod -s /bin/rbash <username>
  • Step-4 - Create a directory under /home/<username>/, e.g. limitcommand
# mkdir /home/<username>/limitcommand
  • Step-5 - To restrict the commands available to the user, edit /home/<username>/.bash_profile so that PATH points only at the limitcommand directory
# cat /home/<username>/.bash_profile
# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
# User specific environment and startup programs
# Point PATH at the limitcommand directory only
PATH=$HOME/limitcommand
export PATH
  • Step-6 - Now log in as <username>; you will find that the user can't run even a simple command.
# ls  
-rbash: ls: command not found  
# clear  
-rbash: clear: command not found  
# date  
-rbash: date: command not found  
  • Step-7 - Now create soft links for the commands that <username> needs to execute, in the directory /home/<username>/limitcommand
# ln -s /bin/date /home/<username>/limitcommand/ 
# ls -ltr /home/<username>/limitcommand/ 
total 2 
lrwxrwxrwx 1 root root 4 Feb 19 12:53 date -> /bin/date  
  • Step-8 - Now log in as <username> and run the soft-linked command
# date
Sat Mar 23 15:53:42 IST 2019
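
The layout built in Steps 1-8 can be checked with a small audit function. This is an added example, not part of the original post: the ownership and login-shell checks and the `SHELLS_FILE` variable are assumptions added here, and `stat -c` and `readlink -f` assume GNU coreutils.

```shell
#!/bin/sh
# Added example: audit the restricted-shell layout built in Steps 1-8.
# Usage: audit_restricted_home USER HOME_DIR
# Prints one finding per line; returns 0 when clean, 1 otherwise.
# SHELLS_FILE is a hypothetical override so the shell check can be tested.
SHELLS_FILE=${SHELLS_FILE:-/etc/shells}

audit_restricted_home() {
    user=$1; home=$2; bin="$home/limitcommand"; profile="$home/.bash_profile"; rc=0

    # Step 5: the profile must point PATH at the limitcommand directory only.
    if ! grep -Eq '^[[:space:]]*PATH="?(\$HOME|~)/limitcommand/?"?[[:space:]]*$' \
            "$profile" 2>/dev/null; then
        echo "profile: PATH is not set to \$HOME/limitcommand"; rc=1
    fi

    # Startup files and the command directory should belong to root: anything
    # the restricted user owns can be rewritten by any tool that writes files.
    for f in "$profile" "$home/.bashrc" "$bin"; do
        [ -e "$f" ] || continue
        if [ "$(stat -c %U "$f")" = "$user" ]; then
            echo "owner: $f is owned by $user"; rc=1
        fi
    done

    # Step 7: every entry must be a symlink to an existing executable,
    # and must not resolve to a login shell, which would lift the restriction.
    for link in "$bin"/*; do
        [ -e "$link" ] || [ -L "$link" ] || continue
        target=$(readlink -f "$link") || target=
        if [ ! -L "$link" ]; then
            echo "entry: $link is not a symlink"; rc=1
        elif [ -z "$target" ] || [ -d "$target" ] || [ ! -x "$target" ]; then
            echo "entry: $link does not resolve to an executable"; rc=1
        elif grep -qxF "$target" "$SHELLS_FILE" 2>/dev/null; then
            echo "entry: $link resolves to a login shell ($target)"; rc=1
        fi
    done
    return "$rc"
}
```

Run it as root, for example `audit_restricted_home <username> /home/<username>`, and fix any reported ownership with `chown root:root` on the listed file.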
