allow all but some commands

ghantoos / lshell

lshell is a shell coded in Python, that lets you restrict a user's environment to limited sets of commands, choose to enable/disable any command over SSH (e.g. SCP, SFTP, rsync, etc.), log user's commands, implement timing restriction, and more.

GNU General Public License v3.0

434 stars 113 forks source link

allow all but some commands #213

Open NiccsJ opened 2 years ago

NiccsJ commented 2 years ago


[ori-qlab]
#allowed         : 'all' - ['su', 'aws', 'history', 'mongo', 'mongod']
allowed          : 'all' - ['su'] - ['aws'] - ['history'] - ['mongo'] - ['mongod']
#sudo_commands   : 'all'
#path           : ['/']

I want the user to be able to execute all but these commands. see my conf above, I've tried both ways. yet after setting it like this, lshell allows all commands.

Can someone please help me with what is the correct way of setting this?