Welcome Guest, Not a member yet? Create Account  




Question how to restrict shell access?

#1

Is there any way to restrict ADMIN level users from executing shell commands ?
I'm chief information officer, and we are going to implement and deploy VYOS as our primary router at branches,
in my research, I've found out, admin users can execute shell commands !
We have to allow our branches administrators to configure VYOS routers, but not access to OS nor access to the system files.
our security policy preventing us from delegating access from linux administrators to network administrators


please guide me
Reply

#2

You may try to change the /etc/sudoers.d/vyatta file
Reply

#3

nah, ain't working at all

execute vtysh

going to quagga, now you are able to configure routing and etc ... full access to configuration,
But no shell access, non of shell commands like ls, cat, sudo, and ... working

looking for something like that
Reply





Users browsing this thread:
1 Guest(s)