HPE Community
Operating System - Linux
1829712 Members
2187 Online
109992 Solutions
New Discussion

Restrict user

 
SOLVED
Go to solution
hangyu
Regular Advisor

‎09-21-2006 03:04 AM

‎09-21-2006 03:04 AM

Restrict user

I want to control a user can only access a specific directory eg. /tmp and /home , and can't access the other directory even the general directory eg. /usr , /var , what can I do ? I tried ibsh , but this method allow user access HOME directory ONLY , if I want the user can access a list of specific directory , what can i do ? thx
0 Kudos
Reply
3 REPLIES 3
g33k
Valued Contributor

‎09-21-2006 03:17 AM

‎09-21-2006 03:17 AM

Solution

Re: Restrict user

well it dependes how specific you would like to be...

in general groups are OK, but it's not much scalable....

Other possibility is SELinux which gives you more options to set roles of the user.

Access-List are also good solution.

But all of this is quitte "huge" to cover it in my respons so try to google a bit and select what is best way for you.
Reply
Jaydeb Chakraborty
Occasional Advisor

‎09-21-2006 05:09 AM

‎09-21-2006 05:09 AM

Re: Restrict user

only read access with absolute path:-

# adduser
# ln -s /bin/bash /bin/rbash
# chsh -s /bin/rbash luser
# cd /home/
#ln -s /tmp tmp
#ln -s /home home
#passwd

Or change the user path and specify a separate bin directory. Put those command only you want to let him/her execute. Change the attribute of ~.bash_profile /~.bashrc as a root.

Thanks!
Reply
melvyn burnard
Honored Contributor

‎09-21-2006 05:41 AM

‎09-21-2006 05:41 AM

Re: Restrict user

you have already posted this question in the HP-UX forum, please refer to that thread:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1061978
My house is the bank's, my money the wife's, But my opinions belong to me, not HP!
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.