/**
 * Safely change file ownership using execFileSync (no shell invocation).
 * Prevents command injection by not using string interpolation in a shell.
 *
 * @param filePath - Path to the file
 * @param owner - Owner in "user" or "user:group" format
 */
export declare function chownSafe(filePath: string, owner: string): void;
/**
 * Safely change file permissions using execFileSync (no shell invocation).
 * Prevents command injection by not using string interpolation in a shell.
 *
 * @param filePath - Path to the file
 * @param mode - Permission mode (e.g., "0640", "0600")
 */
export declare function chmodSafe(filePath: string, mode: string): void;
/**
 * Safely run useradd for system user creation.
 * Prevents command injection by not using string interpolation in a shell.
 *
 * @param username - Username to create
 * @param options - Additional options
 */
export declare function useraddSafe(username: string, options?: {
    system?: boolean;
    noCreateHome?: boolean;
    shell?: string;
}): void;
/**
 * Safely check if a user exists.
 * Prevents command injection by not using string interpolation in a shell.
 *
 * @param username - Username to check
 * @returns true if user exists
 */
export declare function userExists(username: string): boolean;
/**
 * Safely run systemctl commands.
 * Prevents command injection by not using string interpolation in a shell.
 *
 * @param action - Action to perform (start, stop, enable, disable, daemon-reload)
 * @param serviceName - Optional service name
 */
export declare function systemctlSafe(action: string, serviceName?: string): void;
/**
 * Safely run systemctl commands with suppressed output.
 * Prevents command injection by not using string interpolation in a shell.
 *
 * @param action - Action to perform (start, stop, enable, disable)
 * @param serviceName - Service name
 */
export declare function systemctlSafeQuiet(action: string, serviceName: string): void;
/**
 * Safely remove a directory recursively.
 * Prevents command injection by not using string interpolation in a shell.
 *
 * @param dirPath - Directory path to remove
 */
export declare function rmDirSafe(dirPath: string): void;
/**
 * Safely find the path to a command.
 * Prevents command injection by not using string interpolation in a shell.
 *
 * @param commandName - Command name to find
 * @returns Path to command or null if not found
 */
export declare function whichSafe(commandName: string): string | null;
//# sourceMappingURL=shell.d.ts.map