I want to restrict "rm" command to user who have a sudo access.
example: bob ALL=(ALL) NOPASSWD:ALL
I have given SSH Access to"bob".
i want to restrict "bob" to run "rm" command. Even though if switched to root. Any help!
I want to restrict "rm" command to user who have a sudo access.
example: bob ALL=(ALL) NOPASSWD:ALL
I have given SSH Access to"bob".
i want to restrict "bob" to run "rm" command. Even though if switched to root. Any help!
I think you can't achieve such a goal.
You have several way to remove file from a linux system.
shred /path/to/file
busybox rm /path/to/file
find /path/to/file -delete
mv filename /tmp #file deleted at the reboot
The point here is that there's many way to remove file your best shot is to manage proper rwx authorization and eventually avoid file being remove with selinux
.
Example from question How to remove file without rm
most linux
and only some?
– Arkadiusz Drabczyk
Mar 28 '18 at 12:28
se-linux
I think that's almost the only way to do this. – Kiwy Mar 28 '18 at 12:17rm
or writing their ownrm
and running it. – muru Mar 28 '18 at 12:23