HPE Community
Operating System - HP-UX
1834757 Members
3007 Online
110070 Solutions
New Discussion

how to restrict rcp to copy from/to a particular directory

 
Ramesh Lanka
Occasional Contributor

‎06-18-2003 05:27 AM

‎06-18-2003 05:27 AM

how to restrict rcp to copy from/to a particular directory

Hi Guys
Is it possible to restrict the rcp command such-a-way that it can copy the files only from /to a particular directory?

My requirement is as follows:
1. user 'test' from /home/test directory from 'hp-ux' host will copy some files daily to /home/test of 'aix' host.
Now the Aix system administrator doesnot want the 'test' user from 'hp-ux' to access anyother files otherthan /home/test directory in 'aix' host.

Can anybody give some tips ,how do i do this?

Regds
Ruban
0 Kudos
Reply
9 REPLIES 9
Steven E. Protter
Exalted Contributor

‎06-18-2003 05:30 AM

‎06-18-2003 05:30 AM

Re: how to restrict rcp to copy from/to a particular directory

The only sure way to do that is to control permissions.

If the rcp user can't access the directory, they can't put files on it.

The rcp command will let the user copy a file from anywhere they have appropriate rights on system a to anywhere they have appropriate rights on system b and vice versa.

If the user has read only rights to /tmp/mystuff then they won't be able to rcp anything to it.

This in my opinion is a scurity/sysadmin issue. The only commands you need are chmod and chown

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Dario_1
Trusted Contributor

‎06-18-2003 05:42 AM

‎06-18-2003 05:42 AM

Re: how to restrict rcp to copy from/to a particular directory

Ruban:

I am with Steven on this one. I think the only way will be modifying the permissions and/or group.

Regards,

Dario
0 Kudos
Reply
Duncan Edmonstone
HPE Pro

‎06-18-2003 05:51 AM

‎06-18-2003 05:51 AM

Re: how to restrict rcp to copy from/to a particular directory

Another option might not be to use rcp at all, but use a chroot'd ftp environment on the AIX host instead... of course you'd either need to hard-code the password, or make the ftp anonymous

HTH

Duncan

I am an HPE Employee
Accept or Kudo
0 Kudos
Reply
Gavin Clarke
Trusted Contributor

‎06-18-2003 07:19 AM

‎06-18-2003 07:19 AM

Re: how to restrict rcp to copy from/to a particular directory

Hmmm, how about a script that user test can only execute, which copies files from a directory /home/test/dailycopy to /home/test on aix. Urgh, now I've said it I don't like it.

Or alternatively the other way around, get aix user to get the files as a cron job, using ftp?

Permissions still seems like the proper way.
0 Kudos
Reply
Caesar_3
Esteemed Contributor

‎06-18-2003 10:50 AM

‎06-18-2003 10:50 AM

Re: how to restrict rcp to copy from/to a particular directory

Hello!

If you want that some user could do something
and something else could not it's 99% permissions will solve the problem.

Caesar
0 Kudos
Reply
Chris Vail
Honored Contributor

‎06-18-2003 01:12 PM

‎06-18-2003 01:12 PM

Re: how to restrict rcp to copy from/to a particular directory

Use secure copy: that way the user can only hose his/her own files. Its also a lot easier to script, and you don't have to hard-code the passwords.


Chris
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎06-18-2003 01:41 PM

‎06-18-2003 01:41 PM

Re: how to restrict rcp to copy from/to a particular directory

You could also write a "wrapper" script - that is, make the user run, say /usr/local/bin/rcp and it you have checks to where they are allowed to write too....the script itself would call the real rcp command...a bit ugly....and if the user figures it out - they could bypass your script...

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Ramesh Lanka
Occasional Contributor

‎06-20-2003 06:09 AM

‎06-20-2003 06:09 AM

Re: how to restrict rcp to copy from/to a particular directory

hi Guys
thanks for all ur replies

Chris: what u mean by secure copy?

Ruban
0 Kudos
Reply
Massimo Bianchi
Honored Contributor

‎06-20-2003 06:29 AM

‎06-20-2003 06:29 AM

Re: how to restrict rcp to copy from/to a particular directory

Hi,
secure copy is scp, part of the ssh or openssh package.

It lets you establish connection between two server, crypting it, and it has lots of option for specifying all you need.

HTH,
Massimo


0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.