I need to give a non-expert user root level access to all files on a bunch of live CentOS servers but only in a read only mode (long story which I won't go into here).
The existing permission scheme on these servers is less than ideal (inherited issues with custom software) so I'm trying to think of a way I can service this request without screwing with the existing permissions too much/at all.
My first thought was to see if there's a read only shell available. A quick Google throws up ROSH on syslinux and not much else.
I think ksh might have a restricted mode I can use as an alternative, but need to look at this in more detail.
I'm just wondering if anyone here has had to effectively create a read only root-level user, and if so how did you achieve that?
Or does anyone have any recommendations for a read only shell, or a shell with an appropriate restricted mode for this which is quick to setup?
Thanks in advance for any help!