| Previous | Up | Next |
|---|---|---|
| Managing cluster | Using the web panel | Managing commands |
Command guard allows you to setup regular expression based filtering for commands entered on servers via Ezeelogin shell. Command guard needs to be enabled in Settings in order for this to work.
Setup commands and command groups and then you can allow or disallow a particular command group to a user via user add or user edit
WARNING: Command guard only filters the user input. It does not monitor bash (or any other shell) history. Hence if a user selects a disallowed command from shell history, it can be executed. Also there can be more ways to circumvent the filters you set using certain features of the shell such as tab completion. Generally, this feature can be used to avoid accidental human errors. You may disable history and completion features of shell to make it more effective. Enable virtual shell for user for strict filtering, but it is not an interactive shell (means interactive activities such as file editors, top etc. will not work as in a regular shell). The “Allow” method for command guard which only allow commands matching the given regular expressions is more effective as it disallows anything that does not match (which includes choosing from bash history for example).
| Previous | Up | Next |
|---|---|---|
| Managing cluster | Using the web panel | Managing commands |