Forum Discussion
Kevin_Stewart
Nov 19, 2013Employee
The ironic thing about this is that you could technically either create a non-admin user with rights to access the Linux shell, but no rights to access specific command line utilities, or mess with SELinux to restrict specific commands, except that the BIG-IP management plane wouldn't allow anyone less than an administrator to have Linux shell access. The better option, as Steve has stated, is to assign user roles and TMSH access. F5 has gone to great lengths to "wrap" useful shell commands into TMSH so that they can be used safely.