https://community.hpe.com/t5/operating-system-linux/restrict-user/m-p/3867281#M25308 I want to control a user can only access a specific directory eg. /tmp and /home , and can't access the other directory even the general directory eg. /usr , /var , what can I do ? I tried ibsh , but this method allow user access HOME directory ONLY , if I want the user can access a list of specific directory , what can i do ? thx Thu, 21 Sep 2006 10:04:30 GMT hangyu 2006-09-21T10:04:30Z https://community.hpe.com/t5/operating-system-linux/restrict-user/m-p/3867281#M25308 I want to control a user can only access a specific directory eg. /tmp and /home , and can't access the other directory even the general directory eg. /usr , /var , what can I do ? I tried ibsh , but this method allow user access HOME directory ONLY , if I want the user can access a list of specific directory , what can i do ? thx Thu, 21 Sep 2006 10:04:30 GMT https://community.hpe.com/t5/operating-system-linux/restrict-user/m-p/3867281#M25308 hangyu 2006-09-21T10:04:30Z https://community.hpe.com/t5/operating-system-linux/restrict-user/m-p/3867282#M25309 well it dependes how specific you would like to be...<BR /><BR />in general groups are OK, but it's not much scalable....<BR /><BR />Other possibility is SELinux which gives you more options to set roles of the user.<BR /><BR />Access-List are also good solution.<BR /><BR />But all of this is quitte "huge" to cover it in my respons so try to google a bit and select what is best way for you. Thu, 21 Sep 2006 10:17:17 GMT https://community.hpe.com/t5/operating-system-linux/restrict-user/m-p/3867282#M25309 g33k 2006-09-21T10:17:17Z https://community.hpe.com/t5/operating-system-linux/restrict-user/m-p/3867283#M25310 only read access with absolute path:-<BR /><BR /># adduser <USER><BR /># ln -s /bin/bash /bin/rbash<BR /># chsh -s /bin/rbash luser<BR /># cd /home/<USER><BR />#ln -s /tmp tmp<BR />#ln -s /home home<BR />#passwd <USER><BR /><BR />Or change the user path and specify a separate bin directory. Put those command only you want to let him/her execute. Change the attribute of ~.bash_profile /~.bashrc as a root.<BR /><BR />Thanks!</USER></USER></USER> Thu, 21 Sep 2006 12:09:42 GMT https://community.hpe.com/t5/operating-system-linux/restrict-user/m-p/3867283#M25310 Jaydeb Chakraborty 2006-09-21T12:09:42Z https://community.hpe.com/t5/operating-system-linux/restrict-user/m-p/3867284#M25311 you have already posted this question in the HP-UX forum, please refer to that thread:<BR /><A href="http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1061978" target="_blank">http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1061978</A> Thu, 21 Sep 2006 12:41:30 GMT https://community.hpe.com/t5/operating-system-linux/restrict-user/m-p/3867284#M25311 melvyn burnard 2006-09-21T12:41:30Z