You want to grant root privileges to another user, but permit only certain commands to be run.
Share your root privileges via SSH [Recipe 5.18] and add forced commands to ~root/.ssh/authorized_keys.
Using SSH forced commands, you can limit which programs a user may run as root. For example, this key entry:
~root/.ssh/authorized_keys:
    command="/sbin/dump -0 /local/data" ssh-dss key...
permits only the command /sbin/dump -0 /local/data to be run, on successful authentication.
Each key is limited to one forced command, but if you make the command a shell script, you can restrict users to a specific set of programs after authentication. Suppose you write a script /usr/local/bin/ssh-switch:
    #!/bin/sh
    case "$1" in
      backups)
        # Perform level zero backups
        /sbin/dump -0 /local/data
        ;;
      messages)
        # View log messages
        /bin/cat /var/log/messages
        ;;
      settime)
        # Set the system time via ntp
        /usr/sbin/ntpdate timeserver.example.com
        ;;
      *)
        # Refuse anything else
        echo 'Permission denied' 1>&2
        exit 1
        ;;
    esac
and make it a forced command:
~root/.ssh/authorized_keys:
    command="/usr/local/bin/ssh-switch $SSH_ORIGINAL_COMMAND" ssh-dss key...
Then users can run selected commands as:
    $ ssh -l root localhost backups            Runs dump
    $ ssh -l root localhost settime            Runs ntpdate
    $ ssh -l root localhost cat /etc/passwd    Not authorized: Permission denied
Take care that your forced commands use full paths and have no shell escapes, and do not let the user modify authorized_keys. Here's a bad idea:
~root/.ssh/authorized_keys:                    DON'T DO THIS!!!!
    command="/usr/bin/less some_file" ssh-dss key...
since less has a shell escape.
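To check an existing authorized_keys file against these rules, the following added example (not part of the original recipe) reads entries on standard input and reports keys with no forced command, forced commands without a full path, and programs with a shell escape. The function names, the ESCAPE_PROGS list and the sample entries are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: audit authorized_keys entries (read from stdin) for the
# forced-command mistakes described above. One finding per line: "<lineno>: <problem>".

# Programs known to offer a shell escape (illustrative, not exhaustive).
ESCAPE_PROGS="less more vi vim view man ftp"

audit_forced_commands() {
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in ''|'#'*) continue ;; esac      # skip blanks and comments
        # Value of command="..." when it is the first option or follows a comma.
        # Simplification: no escaped quotes, no spaces in earlier options.
        cmd=$(printf '%s\n' "$line" |
              sed -n 's/^\([^ ]*,\)\{0,1\}command="\([^"]*\)".*/\2/p')
        if [ -z "$cmd" ]; then
            echo "$n: no forced command, key gets an unrestricted shell"
            continue
        fi
        prog=${cmd%% *}                               # first word = program
        case $prog in
            /*) ;;
            *)  echo "$n: '$prog' is not a full path" ;;
        esac
        for p in $ESCAPE_PROGS; do
            if [ "${prog##*/}" = "$p" ]; then
                echo "$n: '$prog' has a shell escape"
            fi
        done
    done
}

# Constructed sample entries; the key material is a placeholder, not a real key.
sample_keys() {
    cat <<'EOF'
# root's authorized_keys (constructed)
command="/sbin/dump -0 /local/data" ssh-dss AAAAplaceholder1 backup@example
command="/usr/bin/less some_file" ssh-dss AAAAplaceholder2 alice@example
no-pty,command="ssh-switch $SSH_ORIGINAL_COMMAND" ssh-dss AAAAplaceholder3 bob@example
ssh-dss AAAAplaceholder4 carol@example
EOF
}

sample_keys | audit_forced_commands
```

To audit a real file, replace the last line with `audit_forced_commands < ~root/.ssh/authorized_keys`.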
See also: ssh(1), sshd(8), sshd_config(5).