Given users access to other shell commands

Hello,

How do I give a quickbox user access to more commands? They get “forbidden command” when trying to use “ln” (hardlinking), and I would like to let them run a bash script as well.

Regards

A better jail for additional created users is something that I may port over from the QuickBox Pro version to this community version once I am done with it.

In the meantime, you can open /etc/lshell.conf and add in some additional allowed commands. The file will look like this below:

[global]
logpath         : /var/log/lshell/
loglevel        : 2

[default]
allowed         : ['cd','cp','-d','-dmS','git','irssi','ll','ls','-m','mkdir','mv','nano','pwd','-R','rm','rtorrent','rsync','-S','scp','screen','tar','unrar','unzip','nano','wget']
forbidden       : [';', '&', '|','`','>','<', '$(', '${','sudo','vi','vim','./']
warning_counter : 2
aliases         : {'ls':'ls --color=auto','ll':'ls -l'}
intro           : "== Seedbox Shell ==\nWelcome To Your QuickBox Seedbox Shell\nType '?' to get the list of allowed commands"
home_path       : '/home/%u'
env_path        : ':/usr/local/bin:/usr/sbin'
allowed_cmd_path: ['/home/']
scp             : 1
sftp            : 0
overssh         : ['ls','rsync','scp']

After making your modifications send a restart to lshell with systemctl restart shellinabox

As per running bash scripts, I’d be careful with that as adding bash to be allowed can create issues with users jail breaking from their directories and right onto the server.

2 Likes

Thank you for the quick reply. I will do this.