https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023877#M131122 Hi,<BR /><BR />Well, you can use the "chroot" command, but take note that all executables must be available using the new directory as root.<BR /><BR />For example, if you want the user to be able to run "ls", you will have to copy the file "/sbin/ls" to "~<USER>/sbin/ls"<BR /><BR />Other than that, you'll have to rely on standard Unix security.<BR /><BR />Ollie.</USER> Tue, 15 Jul 2003 09:38:35 GMT Ollie R 2003-07-15T09:38:35Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023874#M131119 how to restrict users to navigate when connected with telnet????? Tue, 15 Jul 2003 09:19:45 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023874#M131119 Massimo_20 2003-07-15T09:19:45Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023875#M131120 Hi,<BR /><BR />You mean like with a restricted shell?<BR /><BR />Change the user's login shell to "/bin/rsh".<BR /><BR />Ollie. Tue, 15 Jul 2003 09:26:41 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023875#M131120 Ollie R 2003-07-15T09:26:41Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023876#M131121 sorry but the question is another: the user can not navigate with cd command but also can not list or rename or copy or ... any file in another directory different from his home directory. I want that the home directory for the user will become his root directory. <BR />Thank in advance! Tue, 15 Jul 2003 09:35:29 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023876#M131121 Massimo_20 2003-07-15T09:35:29Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023877#M131122 Hi,<BR /><BR />Well, you can use the "chroot" command, but take note that all executables must be available using the new directory as root.<BR /><BR />For example, if you want the user to be able to run "ls", you will have to copy the file "/sbin/ls" to "~<USER>/sbin/ls"<BR /><BR />Other than that, you'll have to rely on standard Unix security.<BR /><BR />Ollie.</USER> Tue, 15 Jul 2003 09:38:35 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023877#M131122 Ollie R 2003-07-15T09:38:35Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023878#M131123 ok,<BR />but where i must set the chroot from this user??? I tried to use the chroot command, but i don't know how to use chroot command.<BR />The standard chroot man command use:<BR />chroot directory command <BR />Have you some information about chroot???<BR />Thanks a lot!!!<BR /><BR /><BR /> Tue, 15 Jul 2003 09:45:53 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023878#M131123 Massimo_20 2003-07-15T09:45:53Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023879#M131124 Hi,<BR /><BR />According to the chroot(1m) manpage, "This command is restricted to users with appropriate privileges." Looks like you can't use this option just like that.<BR /><BR />However, if you check the manpage for "login(1)", you'll find this reference about the "/etc/passwd" file: "If the command name field is *, a chroot() to the directory named in the directory field of the entry is performed. At that point, login is re-executed at the new level, which must have its own root structure, including a /usr/bin/login command and an /etc/passwd file."<BR /><BR />Hope this helps,<BR /><BR />Ollie. Tue, 15 Jul 2003 09:56:26 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023879#M131124 Ollie R 2003-07-15T09:56:26Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023880#M131125 The solution is near!!!!!!!<BR />I copied the /etc/passwd file, the /usr/bin/login and some library in the user roort dir, in the right paths!<BR />Now there is a problem: when the user logged in the subsystem, it ask me a new login....<BR />.. <BR />What's the meaning???<BR /><BR />Thanks!<BR /> Tue, 15 Jul 2003 11:30:53 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023880#M131125 Massimo_20 2003-07-15T11:30:53Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023881#M131126 Hi Massimo,<BR /><BR />I think this is correct. If you read the "login" man page it says it gets a login again. I presume it looks for passwords in the new chroot-ed /etc/passwd file.<BR /><BR />Ollie. Tue, 15 Jul 2003 11:44:45 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023881#M131126 Ollie R 2003-07-15T11:44:45Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023882#M131127 Hi Ollie, <BR /><BR />also I think this is correct. I create the /etc/passwd file, but the system not find the user login. The login man page is poor of information about this.<BR /> <BR />Now i try another!!!<BR /><BR />Thank you very much.<BR /><BR />Ciao<BR /> Tue, 15 Jul 2003 11:50:36 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023882#M131127 Massimo_20 2003-07-15T11:50:36Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023883#M131128 Hi Massimo,<BR />don' t forget to assign point who helped you!!! :)<BR /><BR /><BR />Enrico<BR /> Tue, 15 Jul 2003 12:37:44 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-access-restrict/m-p/3023883#M131128 Enrico P. 2003-07-15T12:37:44Z