04-15-2008
Quote:
Originally Posted by
jim mcnamara
For the user test to be able to run some utilities he may need read access to some files perhaps in /etc or /lib.
Your best bet is to chroot this user - put the user in chroot jail, creates links in his home directory to /tmp1 & /tmp2. This is what is often done with ftp accounts to lock them into completely known file trees
Can you please exlain a little bit how to put this user in chroot jail.
Thanks.
10 More Discussions You Might Find Interesting
1. HP-UX
Hi,
Please any one can help me to know that how we can restrict a user group to access the kernel at all. (0 Replies)
Discussion started by: harishankar
0 Replies
2. UNIX for Advanced & Expert Users
Hi All,
It will be very great if you can help me in this issue. Thanks in advance.
I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Discussion started by: santhoshkumar_d
8 Replies
3. UNIX for Dummies Questions & Answers
Hi!
i'm using FreeBSD 6.2 and hosting my pc to frens
in particular of sensitive information being saved to the PC, i would like to know is it possible for me to restrict user access to their /home dir. only?
and also, i wanted to restrict them listing files under /etc
thanks all! (10 Replies)
Discussion started by: rdns
10 Replies
4. UNIX for Advanced & Expert Users
Hi
I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders.
/export/home/kapil/shared,
/export/home/kapil/shared/Folder1
/export/home/kapil/shared/Folder2
These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Discussion started by: kapilk
1 Replies
5. UNIX for Dummies Questions & Answers
Hi All,
How can we restrict a particular user access to a particular shell in solaris 10.
Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies
6. Red Hat
Hi there
I have an application user on my system that wants accesses to these file systems as such:
rwx:
/SAPO
/SAPS12
/R3_888
/R3_888B
/R3_888F
/R3_888R
r:
/usr/sap
these are the existing FS permissions:ownerships:
# ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I'm using rsync on cygwin (winXP) to sync our files between several laptops and XP (acting as a file server)
For simplicity I use the same user account with different certificates over SSH.
Now my question is;
If a user understands the logic and modifies the rsync command, he can easily... (0 Replies)
Discussion started by: cemo
0 Replies
8. Shell Programming and Scripting
Hi Experts,
I am in urgent need of your suggestions.
I have below two users in my system:
xyz:x:101:101:XYZ System Account:/export/home/xyz:/bin/bash
abc:x:2009:10:ftp user only:/export/home/abc:/bin/false
Where "xyz" is the crucial one and "abc" is only introduced for FTPing the... (2 Replies)
Discussion started by: sugarcane
2 Replies
9. UNIX for Dummies Questions & Answers
I'm trying to use squid to restrict elinks' access to certain websites(only http traffic).
I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :)
---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Discussion started by: Birnbacher
1 Replies
10. Shell Programming and Scripting
I manage an AIX OS 7.1 system on IBM Power 770.
I want to find out which directories/folders a particular user has read/write access to. How can I cleanly create a list of all directories on the system that a user has access to.. Does this make sense?
Thanks in Advance, NEWB:rolleyes: (3 Replies)
Discussion started by: code911
3 Replies
LEARN ABOUT DEBIAN
sss_useradd
SSS_USERADD(8) SSSD Manual pages SSS_USERADD(8)
NAME
sss_useradd - create a new user
SYNOPSIS
sss_useradd [options] LOGIN
DESCRIPTION
sss_useradd creates a new user account using the values specified on the command line plus the default values from the system.
OPTIONS
-u,--uid UID
Set the UID of the user to the value of UID. If not given, it is chosen automatically.
-c,--gecos COMMENT
Any text string describing the user. Often used as the field for the user's full name.
-h,--home HOME_DIR
The home directory of the user account. The default is to append the LOGIN name to /home and use that as the home directory. The base
that is prepended before LOGIN is tunable with "user_defaults/baseDirectory" setting in sssd.conf.
-s,--shell SHELL
The user's login shell. The default is currently /bin/bash. The default can be changed with "user_defaults/defaultShell" setting in
sssd.conf.
-G,--groups GROUPS
A list of existing groups this user is also a member of.
-m,--create-home
Create the user's home directory if it does not exist. The files and directories contained in the skeleton directory (which can be
defined with the -k option or in the config file) will be copied to the home directory.
-M,--no-create-home
Do not create the user's home directory. Overrides configuration settings.
-k,--skel SKELDIR
The skeleton directory, which contains files and directories to be copied in the user's home directory, when the home directory is
created by sss_useradd.
This option is only valid if the -m (or --create-home) option is specified, or creation of home directories is set to TRUE in the
configuration.
-Z,--selinux-user SELINUX_USER
The SELinux user for the user's login. If not specified, the system default will be used.
-h,--help
Display help message and exit.
THE LOCAL DOMAIN
In order to function correctly, a domain with "id_provider=local" must be created and the SSSD must be running.
The administrator might want to use the SSSD local users instead of traditional UNIX users in cases where the group nesting (see
sss_groupadd(8)) is needed. The local users are also useful for testing and development of the SSSD without having to deploy a full remote
server. The sss_user* and sss_group* tools use a local LDB storage to store users and groups.
SEE ALSO
sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_userdel(8), sss_usermod(8).
AUTHORS
The SSSD upstream - http://fedorahosted.org/sssd
SSSD
03/04/2013 SSS_USERADD(8)