02-25-2008
restricting access to a server
We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server.
Do you have any idea on how to implement that?
thanks.
10 More Discussions You Might Find Interesting
1. Cybersecurity
restricted access...
Hi
I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
Discussion started by: alwayslearningunix
9 Replies
2. UNIX for Dummies Questions & Answers
I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Discussion started by: ngagne
4 Replies
3. Solaris
Hi All,
I'm on Solaris 8, I need to provide Read-only access to a user to 2 directories only.
Using rsh (restricted shell) as the user's login shell, I can restrict the user's access to a certain directory only, but how can I set in such a way that the user can access only the 2 directories... (4 Replies)
Discussion started by: max_min
4 Replies
4. UNIX for Advanced & Expert Users
I'm the admin in a shop in which my developers have and use the root account, all UNIX newbies.
I've been unable to convince management myself that this is an unacceptable practice.
I've looked in a couple books I have and can't find any chapters, discussions, etc that make the argument that... (2 Replies)
Discussion started by: keith.m
2 Replies
5. UNIX for Dummies Questions & Answers
Hi all,
I have user called "Z". The home directory is /home/Z. I have another directory /home/Z/OP. Within /home/Z/OP, i have 2 directories
/home/Z/OP/OP1 and /home/Z/OP2.
I want to restrict access for Z to only access
/home/Z/OP and
/home/Z/OP1 and
/home/Z/OP2.
What kind of... (4 Replies)
Discussion started by: new2ss
4 Replies
6. UNIX for Advanced & Expert Users
Hi All,
I am facing a problem, regarding code security on a server.
We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Discussion started by: akshay61286
3 Replies
7. Solaris
Dear All,
I have created a user called "x" who is allowed only to FTP and it is working fine. Here my problem is, I want to give access to a particular directory say for eg:- /dump/test directory. I don't find any option in the useradd command to restrict access to this particular directory only... (1 Reply)
Discussion started by: Vijayakumarpc
1 Replies
8. Solaris
Hi all.
I've had a quick look around but cant see anything exactly matching my requirements.
I have a new T2000 running S10. Im looking to restrict the no. cores that a S10 non-global zone can use to 1 only. The box is single CPU but 8core.
I want to do this to save on some software... (4 Replies)
Discussion started by: boneyard
4 Replies
9. UNIX for Dummies Questions & Answers
Hello,
I am using MySecureShell to chroot all sftp accesses. The problem that I have is that my boss does not want root to be able to use sftp. Root should still be able to ssh. Any ideas? (2 Replies)
Discussion started by: mojoman
2 Replies
10. Linux
Hi all,
I have a web site that I'm serving on an Apache server, and it has a number of different folders, but I only want the user to be able to access certain ones -- the majority of them I don't want the user to access. I tried modifying my /etc/apache2/conf.d/security file to do this, but I... (1 Reply)
Discussion started by: Zel2008
1 Replies
userdel(1M) userdel(1M)
NAME
userdel - delete a user login from the system
SYNOPSIS
alternate_password_file] login
DESCRIPTION
The command deletes a user login from the system by modifying the appropriate login related files.
The command requires the login argument. login is the name to be deleted, specified as a string of printable characters. It may not con-
tain a colon or a newline
Refer to usergroupname(5) to understand the functionality changes with the Numeric User Group Name feature.
Options
recognizes the following options:
The home directory of
login is removed from the system. This directory must exist. Following the successful execution of this command, none of
the files and directories under the home directory will be available.
If a user is deleted and the home directory is shared by others, then this directory is not deleted even with the option.
Force the changes, even if the login is currently in use.
Specify that the changes are being made to the alternate
password file of NIS specified by the option. The and options should not be used with this option.
Specify the path of the alternate password file of NIS.
The option is used with the option.
In the event where a directory is shared by users of the same group and the owner of that directory is deleted, then the ownership of that
directory is propagated to the next user who is sharing that directory. The new owner is determined by looking at the order in which the
users sharing this directory are added to the file. If there is only one user remaining then the directory is brought back to unshared
mode by resetting the permissions to from
NIS
This command is aware of NIS user and group entries. Only local users and groups may be deleted or modified with this command. Attempts
to delete or modify NIS users or groups will result in an error. NIS users and groups must be administered from the NIS server. The com-
mand may fail with the error
(return value 6) if the user specified is an NIS user (see passwd(4)). The error
(return value 10) is returned if a local user belongs to an NIS group (see group(4)).
NFS
Errors may occur with the option if the affected directory is within an NFS mounted file system that does not allow root privileges across
the NFS mount, and the directory or files within the directory do not have sufficient permissions.
RETURN VALUE
exits with one of the following values:
Successful completion.
Invalid command syntax.
Invalid argument supplied to an option.
The login to be removed does not exist.
The login to be removed is in use.
Cannot modify the
file, but the login was removed from the file.
Unable to remove or modify the home directory.
Unable to open
file or file is non-existent.
file or
file busy. Another command may be modifying the file.
Cannot delete entry from
file.
Out of memory.
Invalid template file.
EXAMPLES
Remove the user from the system:
Remove the user from the system and delete home directory from the system:
WARNINGS
Because many users may try to write the file simultaneously, a password locking mechanism was devised. If this locking fails after subse-
quent retrying, terminates.
FILES
Shadow Password file
System Password file
System group file
Lock file used when updating password file
SEE ALSO
passwd(1), users(1), groupadd(1M), groupdel(1M), groupmod(1M), logins(1M), useradd(1M), usermod(1M), group(4), passwd(4), shadow(4), user-
groupname(5).
STANDARDS CONFORMANCE
userdel(1M)