Forum Discussion

Altostratus

Nov 19, 2013

Role based access of specific Unix like commands?

Hello Folks, Is there a way in BIG-IP where we can configure a user with specific command privileges rather than allowing all? For eg. the user should be able to execute "cat" command in order t...

role based user access

TMSH

Kevin_Stewart

Employee

Nov 19, 2013

The ironic thing about this is that you could technically either create a non-admin user with rights to access the Linux shell, but no rights to access specific command line utilities, or mess with SELinux to restrict specific commands, except that the BIG-IP management plane wouldn't allow anyone less than an administrator to have Linux shell access. The better option, as Steve has stated, is to assign user roles and TMSH access. F5 has gone to great lengths to "wrap" useful shell commands into TMSH so that they can be used safely.

Forum Discussion

Role based access of specific Unix like commands?

Recent Discussions

Wildcard SSL Certificate Deployment on F5 LTM

Migration from i series 10200 with 1 child VCMP to r series 10900 series

Open Redirection Mitigation

GTM Packet Capture command

How to Implement 2 Way SSL in F5 LTM

Related Content

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

Power of tmsh commands using Ansible

find specific SNMP OID

Ansible - Running bash commands with bigip_command module - How it's done

Load balancing method specific decision