Creating a High-risk Command Template
Last updated: 2025-04-18 10:58:49
Overview
To achieve control over operation commands, you may preconfigure high-risk command templates and associate them with access permissions in Bastion Host, as the instructions in this document.
Creating a Custom Template
1. Log in to the BH console.
2. In the left sidebar, choose Permission Mgmt > High-risk Command.
3. On the high-risk command page, click Create Template to open the create new high-risk command template dialog box.
4. In the Create high-risk command template dialog, set the corresponding template name and the commands to be prohibited.
5. Click OK to create the high-risk command template.
Note
The BH system comes with built-in high-risk commands, which are available as options in the permission configuration.
System Built-in High-risk Command Template
Template Name | Impact |
Network configuration | Disabling network APIs may cause network disconnection. |
| Clearing all firewall rules may cause security issues. |
Modify system configuration | Trigger kernel crash. |
Format disk | Formatting the specified disk partition to the ext4 file system may cause data loss. |
| Zero-filling the specified disk partition may cause data loss. |
Modify file permissions | Recursively setting the permissions of the root directory and all its contents to readable, writable, and executable may cause security issues. |
| Recursively setting the owner and group of the root directory and all its contents to root may cause permission issues. |
Delete files and directories | Deleting files or directories may cause system crashes and data loss. |
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback