HPE Community
Operating System - Linux
1828390 Members
2774 Online
109977 Solutions
New Discussion

Userid and group to have read access only.

 
SOLVED
Go to solution
Ragni Singh
Super Advisor

‎02-28-2007 07:48 AM

‎02-28-2007 07:48 AM

Userid and group to have read access only.

Hello,

I have created a user nmlread, group nmlread, but I need both user and group to only have read access. What needs to be done?

drwx------ 3 nmlread nmlread 4096 Feb 28 11:06 nmlread

Thanks and points will be assigned.
0 Kudos
Reply
5 REPLIES 5
Ivan Krastev
Honored Contributor

‎02-28-2007 08:06 AM

‎02-28-2007 08:06 AM

Re: Userid and group to have read access only.

Use chmod command:

chmod ug+r filename
or
chmod 440 filename

see http://en.wikipedia.org/wiki/Chmod

for more examples.

regards,
ivan
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎02-28-2007 08:08 AM

‎02-28-2007 08:08 AM

Re: Userid and group to have read access only.

Hi. Read only access to what? To files, directories, all system?

You can use rbash to limit what the user can do.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Ragni Singh
Super Advisor

‎02-28-2007 08:17 AM

‎02-28-2007 08:17 AM

Re: Userid and group to have read access only.

Hi Ivan, I would think the user nmlread should only have read access to everything on the system.
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎02-28-2007 08:25 AM

‎02-28-2007 08:25 AM

Solution

Re: Userid and group to have read access only.

Then, you need restricted bash.

How to configure:

Create a link for bash:

# ln -s /bin/bash /bin/rbash

Set the user's shell rbash

# usermod -s /bin/bash username

Create a the $HOME/bin directory for the user:

# mkdir /home/username/bin

Link the commands that you want to allow to the user in the bin directory:

# cd /home/username/bin
# ln -s /bin/ls
# ln -s /bin/date
# ln -s /bin/cat

Edit the user .bash_profile and set the PATH variable to contain only the $HOME/bin directory:

# vi /home/username/.bash_profile

PATH=$HOME/bin
export PATH

The user can only run the commands in his bin directory.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Reply
Ragni Singh
Super Advisor

‎02-28-2007 08:52 AM

‎02-28-2007 08:52 AM

Re: Userid and group to have read access only.

Thanks, that helped. POints have been assigned.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.