How to allow only one command for specific user in sudoers.d/user file

Question

I'm trying to figure out the permissions for running ONLY specific number of commands (here /bin/ls cmd )for a user in sudoers.d/user file.

My sudoers./user file:

user1 ALL=(ALL) /bin/ls

the result after logout/login is that the user1 can run also different cmds (like pwd, cd)

Is it necessary to create specific group with those allowed commands and add the user1 to this group? Or any other solution? Thanks

score 0 · Answer 1 · answered Sep 02 '23 at 16:30

0

In UNIX/Linux you can't limit user to exec only one or few commands. A lot of commands have permissions to be executed by all users in the OS. And this is by design.

answered Sep 02 '23 at 16:30

Romeo Ninov

6,538
1
22
31

How to allow only one command for specific user in sudoers.d/user file

1 Answers1