05-11-2007
I suppose the "-u" implies the real user name on the system, vhost, or something else, where the "-U" is the jailed one, i.e. you can have different credentials.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
hi
i got a problem. I use a fbsd box to share my (DSL)internet connection.
I got 2 networkcards in my fbsd box, but my networkcard 1 (to my modem) always go out. the led don't burn anymore and I lose my connection to the internet :(
but my networkcard2 (to my local network) doesn't go out,... (2 Replies)
Discussion started by: Stormpie
2 Replies
2. UNIX for Dummies Questions & Answers
HI
i'm compiling my kernel with the support of this chipset.
In FreeBSD 4.2 and 4.3 I got no problem with the kernel, but with 4.4 I just can't get the kernel compiled with the soundcard support.
i added this to my kernel
device pcm
device snd
something wrong... (2 Replies)
Discussion started by: Stormpie
2 Replies
3. UNIX for Dummies Questions & Answers
i am running nat on my freeBSD and web/ftp server.
The rule allow ip from any to any must always be? or how? if i accept all packets to go on my ep0 which diverts all to my intranet it doesnt help, must the rule allow ip from any to any always be ?
even if many rules are between divert rule and... (3 Replies)
Discussion started by: hachik
3 Replies
4. UNIX for Dummies Questions & Answers
FBSD 4.6
How do I colorize my konsole to see directories etc. Am able to get color in the shell with ls -GF in my .bashrc. But color does not show in KDE3 Konsole (Xwindows) for some reason.FBSD 4.6 (1 Reply)
Discussion started by: lancest
1 Replies
5. Linux
I created a user
useradd -d /disk2/ftpfiles me
How would i beable to jail me so he could not move arround my file system? (4 Replies)
Discussion started by: byblyk
4 Replies
6. BSD
I just don't know how do I have to connect them... Connecting via USB, if some body knows, please post here... Thankue... (0 Replies)
Discussion started by: PomaH 6yxDAK
0 Replies
7. UNIX for Dummies Questions & Answers
I was reading an article on how it is very important to setup a chroot jail to run bind. I can follow what the article says but one thing I am unclear about is now on system boot the BIND process in the chroot jail will start since it the owner will no longer be root but some other user. Can... (1 Reply)
Discussion started by: mojoman
1 Replies
8. Solaris
Hi Gurus,
I am creating a user for ftp only on Solaris 10. However while testing I can see user can reach to root directory.
I followed following while creating the user
1 Created a shell in /usr/bin/ftponly as chmod a+x to ftponly
2 Placed the entry in /etc/shells
... (2 Replies)
Discussion started by: kumarmani
2 Replies
9. Cybersecurity
Hello people,
I'm creating a web game control panel, where people can manage their gameserver on a php made control panel.
But i have no idea how to create an jailed inviroment for the gameserver,
I've looked at possebilites for chroot, but i don't want the gameserver has any binaries of linux... (1 Reply)
Discussion started by: gm33
1 Replies
LEARN ABOUT DEBIAN
cr_cansee
CR_CANSEE(9) BSD Kernel Developer's Manual CR_CANSEE(9)
NAME
cr_cansee -- determine visibility of objects given their user credentials
SYNOPSIS
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/ucred.h>
int
cr_cansee(struct ucred *u1, struct ucred *u2);
DESCRIPTION
This function determines the visibility of objects in the kernel based on the real user IDs and group IDs in the credentials u1 and u2 asso-
ciated with them.
The visibility of objects is influenced by the sysctl(8) variables security.bsd.see_other_gids and security.bsd.see_other_uids, as per the
description in cr_seeothergids(9) and cr_seeotheruids(9) respectively.
RETURN VALUES
This function returns zero if the object with credential u1 can ``see'' the object with credential u2, or ESRCH otherwise.
ERRORS
[ESRCH] The object with credential u1 cannot ``see'' the object with credential u2.
[ESRCH] The object with credential u1 has been jailed and the object with credential u2 does not belong to the same jail as u1.
[ESRCH] The MAC subsystem denied visibility.
SEE ALSO
cr_seeothergids(9), cr_seeotheruids(9), mac(9), p_cansee(9)
BSD
November 19, 2006 BSD