04-18-2007
Hi, mz043.
As far as I know, you have two options:
- One is to create a chroot jail for your users (As you've been told). This involves several tasks: create a dummy "root filesystem", copy libs, binaries, etc... The use of sudo, and some shell scripting among others. There are lots of info on the Net, depending on your OS.
- The other is the use of a restricted shell. I don't know what OS you are using but perhaps a "man -k restricted" would give you some clues
Regards.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello!
I want users in a certain group to be restricted to their home directory. So that they have full access to all files and folders in their home directory but the cant go to any directory above.
Does anyone know how to do this?
Anders (1 Reply)
Discussion started by: alfabetman
1 Replies
2. UNIX for Dummies Questions & Answers
Hi
I want to know which profile will be called when a user without home directory is created.
When I created a user without home directory(by setting in /etc/default/useradd), the user is able to login directly into the main "/" folder but with only read permissions.
Thanks
naina (3 Replies)
Discussion started by: naina
3 Replies
3. UNIX for Dummies Questions & Answers
I'm using HPUX 11i. The other day a user logon to the workstation and was not able to find the /home/directory (tom is the directory) I login myself and it is the same thing.
The home directory is on the server, so I was thinking of using sam to map it again. does anyone know how to do it... (5 Replies)
Discussion started by: blizzgamer
5 Replies
4. Solaris
How to find al the user's home directories? (2 Replies)
Discussion started by: a2156z
2 Replies
5. Solaris
Hi Guys,
I have a problem with configuring a server. this is a solaris 10 with sparc platform.
I have setup so that the server is Authenticating through NIS but I dont want the server to Mount the Home directories. The users need to logged in through the CDE/display.
I have over 200 users... (2 Replies)
Discussion started by: Luky
2 Replies
6. UNIX for Advanced & Expert Users
RHEL5.0
As we know, when root create a new user, a new home directory will be created : /home/user
I want to know what determine the access permission of /home/user .
Thanks! (1 Reply)
Discussion started by: cqlouis
1 Replies
7. Shell Programming and Scripting
Following on from this post:
https://www.unix.com/shell-programming-scripting/150201-simple-script-mount-folder-all-users-home.html
and getting told off for bumping the thread:(
Please could someone help me with a short script to check is a certain directory is present in /home for all users... (8 Replies)
Discussion started by: barrydocks
8 Replies
8. Red Hat
Hi friends,
I must to give ssh connection to own customer.
So I want to lock ssh user on own home directory. It is not necessery to reach other folders. I know that ftp user can lock on own folder but I don't know how to lock ssh user.
I am waitting your kindly helps :D
---------- Post... (10 Replies)
Discussion started by: getrue
10 Replies
9. AIX
Hello,
I must close ssh users to the home directory.
It means the users musn't see anything inside their home directory.
For example after login to the os and type this command "cd .."
or "cd /" it musn't work.
How can I implement it?
(Probably chroot or rootsh but how?) (1 Reply)
Discussion started by: jeszi
1 Replies
10. UNIX for Advanced & Expert Users
Hi,
I have created a shared directory on /home, where all users on a certain group have read, write and execute permissions.
I did this using
chmod -R g+rwx /home/shared/
The problem is, when a particular user creates a directory within /home/shared, other users are not able to write to... (8 Replies)
Discussion started by: lost.identity
8 Replies
CHPASS(1) BSD General Commands Manual CHPASS(1)
NAME
chpass, chfn, chsh -- add or change user database information
SYNOPSIS
chpass [-l location] [-u authname] [-s newshell] [user]
DESCRIPTION
The chpass utility allows editing of the user database information associated with user or, by default, the current user.
The chpass utility cannot change the user's password on Open Directory systems. Use the passwd(1) utility instead.
The chfn, and chsh utilities behave identically to chpass. (There is only one program.)
The information is formatted and supplied to an editor for changes.
Only the information that the user is allowed to change is displayed.
The options are as follows:
-l location
If not specified, chpass will perform a search for the user record on all available Open Directory nodes. When specified, chpass
will edit the user record on the directory node at the given location.
-u authname
The user name to use when authenticating to the directory node containing the user.
-s newshell
Attempt to change the user's shell to newshell.
Possible display items are as follows:
Login: user's login name
Uid: user's login
Gid: user's login group
Generated uid: user's UUID
Full Name: user's real name
Office Location: user's office location
Office Phone: user's office phone
Home Phone: user's home phone
Home Directory: user's home directory
Shell: user's login shell
The login field is the user name used to access the computer account.
The uid field is the number associated with the login field. Both of these fields should be unique across the system (and often across a
group of systems) as they control file access.
While it is possible to have multiple entries with identical login names and/or identical user id's, it is usually a mistake to do so. Rou-
tines that manipulate these files will often return only one of the multiple entries, and that one by random selection.
The group field is the group that the user will be placed in at login. Since BSD supports multiple groups (see groups(1)) this field cur-
rently has little special meaning. This field may be filled in with either a number or a group name (see group(5)).
The generated uid field is the globally unique identifier (UUID) for the user. The full name field contains the full name of the user.
The user's home directory is the full UNIX path name where the user will be placed at login.
The shell field is the command interpreter the user prefers. If the shell field is empty, the Bourne shell, /bin/sh, is assumed. When
altering a login shell, and not the super-user, the user may not change from a non-standard shell or to a non-standard shell. Non-standard
is defined as a shell not found in /etc/shells.
The picture field is the path to a picture to be displayed for the user.
OPEN DIRECTORY
User database entries are under the control of DirectoryService(8) and may be physically located in many different places, including the
local Directory Service node, and remote LDAP servers. This version of chpass uses Open Directory to change user database information. It
does not interact with the historic flat file database /etc/master.passwd
ENVIRONMENT
The vi(1) editor will be used unless the environment variable EDITOR is set to an alternate editor. When the editor terminates, the informa-
tion is re-read and used to update the user database itself. Only the user, or the super-user, may edit the information associated with the
user.
FILES
/etc/chpass.XXXXXX temporary copy of the data to edit
/etc/shells the list of approved shells
SEE ALSO
login(1), passwd(1), getusershell(3), passwd(5)
Robert Morris and Ken Thompson, UNIX Password security.
HISTORY
The chpass utility appeared in 4.3BSD-Reno.
BSD
December 30, 1993 BSD