lshell is a shell coded in Python, that lets you restrict a user's environment to limited sets of commands, choose to enable/disable any command over SSH (e.g. SCP, SFTP, rsync, etc.), log user's commands, implement timing restriction, and more.
@dsavineau asked me a while back to add the possibility to use the "-u" flag with sudo to execute a command with a different user (other that the default root). Patch was provided.
--- a/lshellmodule/lshell.py 2013-01-23 11:03:25.104040981 +0100
+++ b/lshellmodule/lshell.py 2013-01-23 11:11:57.866697742 +0100
@@ -363,7 +363,11 @@
# in case of a sudo command, check in sudo_commands list if allowed
if command == 'sudo':
if type(cmdargs) == list:
- if cmdargs[1] not in self.conf['sudo_commands'] and cmdargs:
+ if cmdargs[1] == '-u' and cmdargs:
+ sudocmd = cmdargs[3]
+ else:
+ sudocmd = cmdargs[1]
+ if sudocmd not in self.conf['sudo_commands'] and cmdargs:
if self.conf['strict'] == 1:
if not ssh:
self.counter_update('command')
@dsavineau asked me a while back to add the possibility to use the "-u" flag with sudo to execute a command with a different user (other that the default root). Patch was provided.