Operator access. A flexible means for system administrators to grant trusted users access to certain root operations without having to give them full superuser privileges.
Syntax op mnemonic [arg] Key -V Show version number. -l List available commands. Note that this will only display commands you are permitted to run.
Configuration entries are read from /etc/op.conf and all files in lexical order from /etc/op.d with the extension .conf. Files must be owned by root and not have group or other permissions set.
The fields of the entries in the configuration files are separated by white space. Each entry can span several lines and continues until the next alphanumeric string is found at the beginning of a lines (which is taken to be the next mnemonic or variable definition, and thus the beginning of a new entry). Comments can be embedded beginning with a # character. Each entry in the configuration files has the following form:
command [ arg … ] ; [ option … ]
var a variable name, which must be an upper case alphanumeric identifier. Variables are expanded when reading options.
value the remainder of the line is taken to be the value of the variable.
mnemonic a unique, alphanumeric identifier for each operator function.
command the full pathname of the executable to be run by op when the associated mnemonic is chosen.
arg(s) any arguments, either literal or variable, needed by command. Literal arguments are simply specified directly, like specific command options (0Gun) or files (/dev/rmt20). Variable arguments are specified here as $1, $2 … $n;
For a full list look in the options section of the op man page( man op ).
$* indicates any number trailing arguments.
# Define some users
# Define hosts that Fred is restricted to
# Define hosts that Barry is restricted to
# Define user/host access list
# ‘op shell’ – gives user a root shell
# ‘op reboot’ – reboot system
# ‘op shutdown <time>’ – shutdown at a
# certain time. Restricts argument to
# valid values only
/sbin/shutdown -h $1;
# Switch inetd on and off, shows complex
# shell example and ‘string’ arguments. $1
# in this example is expanded by op
inetd /bin/sh -c ‘
case $1 in
on) /usr/sbin/inetd -s ;;
off) /usr/bin/pkill inetd ;;
“He who reigns within himself, and rules passions, desires, and fears, is more than a king” ~ Milton
Related linux commands:
chroot – Run a command with a different root directory
sudo – Execute a command as another user
su – Substitute user identity
Equivalent Windows command: runas – Execute a program under a different user account.