Hi Davi, it's not possible per user, but per role or group of user (and a group can contain only one user).
Basically, Karaf uses a RBAC (Role Base Access Control) for command. The command are "identified" by scope (for instance foo:bar command means foo is the scope). In the etc folder, you can find the ACL (Access Control List) per scope. For instance, etc/org.apache.karaf.command.acl.bundle.cfg applies on bundle:* commands. In this file, you can define permission per command, and also per command argument. For instance, bundle:install is only executed by users with admin role as we have: install=admin If bundle:refresh can be performed by users with manager role (refresh=manager), bundle:refresh -f can be performed only by admin (refresh[/.*[-][f].*/] = admin). You can find details about ACL on the documentation: https://github.com/apache/karaf/blob/master/manual/src/main/asciidoc/user-guide/security.adoc#console Regards JB On 13/01/2020 13:36, Davi Baldin Tavares wrote: > Hello, > > I would like to hide/show (filter) which commands the user could invoke in a > Karaf remote session. > > If that is not possible by user, is it possible to restrict to all users a > specific set of commands allowed? > > Regards, > > Davi > -- Jean-Baptiste Onofré [email protected] http://blog.nanthrax.net Talend - http://www.talend.com
