I want to restrict the "rm" command for a user who has sudo access.

Example: bob ALL=(ALL) NOPASSWD:ALL

I have given SSH access to "bob".

I want to restrict "bob" from running the "rm" command, even if he has switched to root. Any help?

Jeff Schaller

1 Answer

I think you can't achieve such a goal.
You have several ways to remove a file from a Linux system.

shred /path/to/file
busybox rm /path/to/file
find /path/to/file -delete
mv filename /tmp #file deleted at the reboot

The point here is that there are many ways to remove a file; your best shot is to manage proper rwx authorization and eventually avoid files being removed with SELinux.

Example from question How to remove file without rm

Kiwy
  • The last one works only if /tmp is stored in RAM. – Arkadiusz Drabczyk Mar 28 '18 at 12:23
  • If /tmp is erased at reboot, which is the case on most Linux today even if not tmpfs – Kiwy Mar 28 '18 at 12:24
  • Or rather at next startup. Also, how do you know that it would happen on most linux and only some? – Arkadiusz Drabczyk Mar 28 '18 at 12:28
  • I want bob to switch into root, but he cannot execute the "rm" command – hemasai maddipati Mar 28 '18 at 12:28
  • @hemasaimaddipati it's not possible. Forget about that. Except maybe with SELinux, but it wouldn't be perfect as there are so many other ways to do this. Regarding /tmp, it's just an example to illustrate the different possible ways. I don't care if it actually is the case on one Linux or another; it will be the case on most recent Linux. – Kiwy Mar 28 '18 at 12:31
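
An added example, not part of the original question or answer: a small audit that separates sudoers rules granting ALL (with or without a "!" deny-list, neither of which can block file deletion for the reasons the answer gives) from rules that allow-list specific commands. The sample text is constructed; only the "bob" rule comes from the question, and the `alice`, `carol` and `%wheel` entries, the `!/bin/rm` deny-list form and the function names are assumptions for illustration. The parser is simplified: it ignores includes and multi-host specs.

```python
import re

# Constructed sample sudoers text; only the "bob" rule comes from the question.
SAMPLE_SUDOERS = """\
bob     ALL=(ALL) NOPASSWD:ALL
alice   ALL=(ALL) ALL, !/bin/rm
carol   ALL=(root) NOPASSWD: /usr/bin/systemctl restart nginx, \\
        /usr/bin/journalctl -u nginx
Defaults env_reset
%wheel  ALL=(ALL) ALL
"""

def logical_lines(text):
    """Join backslash-continued lines; drop blanks and comments (simplified)."""
    for line in re.sub(r"\\\n\s*", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line

def classify(rhs):
    """Classify the command list on the right-hand side of a user spec."""
    rhs = re.sub(r"\([^)]*\)", "", rhs)        # drop Runas specs such as (ALL)
    rhs = re.sub(r"\b[A-Z_]+:\s*", "", rhs)    # drop tags such as NOPASSWD:
    cmds = [c.strip() for c in rhs.split(",") if c.strip()]
    if "ALL" not in cmds:
        return "allowlist"      # only the named commands run as root
    if any(c.startswith("!") for c in cmds):
        # ALL minus a few paths: the answer's alternatives (shred, find
        # -delete, busybox rm, mv) and a root shell all remain permitted.
        return "denylist"
    return "unrestricted"       # full root; no per-command control at all

def audit(text):
    """Map each user or %group in the sudoers text to its classification."""
    result = {}
    for line in logical_lines(text):
        if "=" not in line or re.match(r"(Defaults|\w+_Alias)\b", line):
            continue            # skip Defaults and alias definitions
        lhs, rhs = line.split("=", 1)
        result[lhs.split()[0]] = classify(rhs)
    return result

if __name__ == "__main__":
    for who, verdict in audit(SAMPLE_SUDOERS).items():
        print(f"{who:8} {verdict}")
```

Only rules reported as "allowlist" actually limit what the user can do as root; the other two classes need to be rewritten as explicit command lists, combined with the file permissions the answer recommends.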