Read only user creation in HP UX box

Hello Kauser,

You can't create a user account with read only access and it is true for all flavours of Unix.
Note that a newly created user has write access to his home directory while the user can only read or list contents in other directories. The user will not have write or execute permission on other directories unless he has been added to a group having write/execute permission on those directories.

If you have a more specific requirement please log a case with HPE Support Center.

Regards,

> Is there any way around to create read only user [...]

   What, exactly, does "read only user" mean to you?  Are you talking
about an FTP client, or what?  What, exactly, should this user be able
to do and not do?

Since there are thousands of files on an HP-UX system, many writable by any user (as they should be), there is no way to turn off 100% write capability.

One choice is to create a restricted user account where the user is unable to leave their login directory. It is a bit complicated and will make it difficult to access anything beyond the local directory.

A second choice is to create shell script for the login that has only selected commands.

Or if the user is untrustworthy or untrained, give them a login on a Blackberry with no cell service...