HPE Community
Operating System - HP-UX
1752799 Members
5730 Online
108789 Solutions
New Discussion юеВ

Re: Create UNIX user with restrictions

 
MANOJ SRIVASTAVA
Honored Contributor

тАО04-26-2002 07:38 AM

тАО04-26-2002 07:38 AM

Re: Create UNIX user with restrictions

Hi Khurram

It looks like that you are taking care to do export DISPLAY while the users login itself and they are able to run xomni w/o doing an export DISPLAY , in that case in the end of .profile just add /opt/omni/bin/xomni and that should work , this is provided you are setting the display variable during the login process it self.


Manoj Srivastava
0 Kudos
Reply
Khurram Khan_1
Advisor

тАО04-26-2002 07:44 AM

тАО04-26-2002 07:44 AM

Re: Create UNIX user with restrictions

Hi Manoj,

That works fine, until when they end there omniback session and do a exit. Then they are back to the xterm window with unix on it, and this is where the problem lies i.e. they can cd into any directory and do anything they want. That's what I need to control and restrict, not too sure how.

Regards

Khurram
0 Kudos
Reply
Shannon Petry
Honored Contributor

тАО04-26-2002 07:54 AM

тАО04-26-2002 07:54 AM

Re: Create UNIX user with restrictions

Considering your needs and concerns, here is my 2 cents worth.

1. Create normal user accounts (NOT ROOT) and give them to the users. set their default umask to 0177 so they can not touch each others stuff.
This is done in their $HOME/.profile and $HOME/.login.
2. Configure the ID in omniback to give them access to their needs. I.E. backup, restore, list, monitor, etc...
3. Configure reflections to launch the command for them. I.E. instead of launching an Xterm, have them launch this.
xterm -e /opt/omni/bin/xomni
or
/opt/omni/bin/xomni


If your server/workstation is accessed so what? They really can not hurt anything unless someone opened up access on all the files. It's not important if they can see /etc/passwd, but is important if they can edit it! Good admin practices should nullify the users abilities to play with the system.

Regards,
Shannon
Microsoft. When do you want a virus today?
0 Kudos
Reply
MANOJ SRIVASTAVA
Honored Contributor

тАО04-26-2002 01:16 PM

тАО04-26-2002 01:16 PM

Re: Create UNIX user with restrictions

But if you are in rsh it should not let you go to any other directories and also put an exit after the xomni command so that after xomni it exits .


Manoj Srivastava
0 Kudos
Reply
Khurram Khan_1
Advisor

тАО04-30-2002 12:28 AM

тАО04-30-2002 12:28 AM

Re: Create UNIX user with restrictions

Hi,

After putting in the rsh in the password file, it doesn't even bring up the Omnback terminal. When I take rsh out of the /etc/passwd file, it works fine untill the user clicks on exit in the Omniback Ixcon then it goes to the Xtreminal session at Unix. This is where the problem is, the easiest way would be to configure it as such that the user goes dirrectly into Omniback through Reflections. But unfortunately I don't know how to configure such a process in Reflections. Appreciate everyone's advise so far, but I really could do with some more help (detail commands etc), thanks.

Regards

Khurram
0 Kudos
Reply
Deepak Extross
Honored Contributor

тАО04-30-2002 12:41 AM

тАО04-30-2002 12:41 AM

Re: Create UNIX user with restrictions

Khurram,
In the user's $HOME/.profile add the following line at the end:
exec /opt/omni/bin/xomni

p.s.
How about assigning points to those who have helped this far?
0 Kudos
Reply
Khurram Khan_1
Advisor

тАО04-30-2002 01:01 AM

тАО04-30-2002 01:01 AM

Re: Create UNIX user with restrictions

Hi Deepak,

That doesn't work, as it comes up with a error in Reflection xterm message as follows:

$ Can't open display:


I will assign the points as soon as the issue is resolved, there is not point in assigning points at this stage as I have no idea what will fix the problem.

Regards

Khurram
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.