Restrict user access to their home dir
Post 302199310 by katsklaw on Monday 26th of May 2008 10:28:44 AM
Since you are using FreeBSD, edit /etc/sysctl.conf and set:

security.bsd.see_other_uids=0

Then restart. What this does is it limits listing processes to that user only.

What I mean is that ps aux will only list that user's procs and not all of them; it has the same effect for top as well. So if a user does use top, it only lists their usage.
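
A check for the setting described in the post above, as an added example that is not part of the original post. It reads a sysctl.conf-style file, reports whether security.bsd.see_other_uids ends up as 0, and flags a live value that still differs (for example, when the file was edited but the system was not restarted). The function names conf_value and audit and the sample file contents are constructed; the script assumes "#" starts a comment and that a later assignment in the file overrides an earlier one.

```shell
#!/bin/sh
# Added example, not from the original post. The sample file below is constructed.

OID="security.bsd.see_other_uids"

# Print the value of the last assignment to OID $2 in sysctl.conf-style file $1.
# Assumption: entries are applied in order, so the last one is in force after boot.
conf_value() {
    awk -v oid="$2" '
        {
            sub(/#.*/, "")                      # drop comments
            eq = index($0, "=")
            if (eq == 0) next                   # not an assignment
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)    # trim whitespace around name
            gsub(/^[ \t]+|[ \t]+$/, "", val)    # and around value
            if (key == oid) { last = val; seen = 1 }
        }
        END { if (seen) print last }
    ' "$1"
}

# audit FILE [RUNTIME]: RUNTIME is the live value, on FreeBSD taken from
#   sysctl -n security.bsd.see_other_uids
# Prints one of: ok, missing, weak, drift. Returns non-zero unless ok.
audit() {
    conf=$(conf_value "$1" "$OID")
    if [ -z "$conf" ]; then echo missing; return 1; fi
    if [ "$conf" != "0" ]; then echo weak; return 1; fi
    if [ -n "${2:-}" ] && [ "$2" != "0" ]; then echo drift; return 1; fi
    echo ok
}

# Constructed sample: hardened near the top, then overridden further down.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# /etc/sysctl.conf (constructed sample)
security.bsd.see_other_uids=0   # hide other users' processes
kern.maxprocperuid=1000
security.bsd.see_other_uids=1
EOF
echo "sample: $(audit "$sample")"     # the last assignment decides the result
rm -f "$sample"
```

On a FreeBSD host the call would be: audit /etc/sysctl.conf "$(sysctl -n security.bsd.see_other_uids)".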
 

SYSCTL(8)                 BSD System Manager's Manual                SYSCTL(8)

NAME
     sysctl -- get or set kernel state

SYNOPSIS
     sysctl [-bdehiNnoRTqx] [-B bufsize] [-f filename] name[=value] ...
     sysctl [-bdehNnoRTqx] [-B bufsize] -a

DESCRIPTION
     The sysctl utility retrieves kernel state and allows processes with
     appropriate privilege to set kernel state.  The state to be retrieved or
     set is described using a ``Management Information Base'' (``MIB'') style
     name, described as a dotted set of components.

     The following options are available:

     -A      Equivalent to -o -a (for compatibility).

     -a      List all the currently available non-opaque values.  This option
             is ignored if one or more variable names are specified on the
             command line.

     -b      Force the value of the variable(s) to be output in raw, binary
             format.  No names are printed and no terminating newlines are
             output.  This is mostly useful with a single variable.

     -B bufsize
             Set the buffer size to read from the sysctl to bufsize.  This is
             necessary for a sysctl that has variable length, and the probe
             value of 0 is a valid length, such as kern.arandom.

     -d      Print the description of the variable instead of its value.

     -e      Separate the name and the value of the variable(s) with '='.
             This is useful for producing output which can be fed back to the
             sysctl utility.  This option is ignored if either -N or -n is
             specified, or a variable is being set.

     -f filename
             Specify a file which contains a pair of name and value in each
             line.  sysctl reads and processes the specified file first and
             then processes the name and value pairs in the command line
             argument.

     -h      Format output for human, rather than machine, readability.

     -i      Ignore unknown OIDs.  The purpose is to make use of sysctl for
             collecting data from a variety of machines (not all of which are
             necessarily running exactly the same software) easier.

     -N      Show only variable names, not their values.  This is particularly
             useful with shells that offer programmable completion.  To enable
             completion of variable names in zsh(1) (ports/shells/zsh), use
             the following code:

                   listsysctls () { set -A reply $(sysctl -AN ${1%.*}) }
                   compctl -K listsysctls sysctl

             To enable completion of variable names in tcsh(1), use:

                   complete sysctl 'n/*/`sysctl -Na`/'

     -n      Show only variable values, not their names.  This option is
             useful for setting shell variables.  For instance, to save the
             pagesize in variable psize, use:

                   set psize=`sysctl -n hw.pagesize`

     -o      Show opaque variables (which are normally suppressed).  The
             format and length are printed, as well as a hex dump of the first
             sixteen bytes of the value.

     -q      Suppress some warnings generated by sysctl to standard error.

     -T      Display only variables that are settable via loader
             (CTLFLAG_TUN).

     -W      Display only writable variables that are not statistical.  Useful
             for determining the set of runtime tunable sysctls.

     -X      Equivalent to -x -a (for compatibility).

     -x      As -o, but prints a hex dump of the entire value instead of just
             the first few bytes.

     The information available from sysctl consists of integers, strings, and
     opaque types.  The sysctl utility only knows about a couple of opaque
     types, and will resort to hexdumps for the rest.  The opaque information
     is much more useful if retrieved by special purpose programs such as
     ps(1), systat(1), and netstat(1).

     Some of the variables which cannot be modified during normal system
     operation can be initialized via loader(8) tunables.  This can for
     example be done by setting them in loader.conf(5).  Please refer to
     loader.conf(5) for more information on which tunables are available and
     how to set them.

     The string and integer information is summarized below.  For a detailed
     description of these variables see sysctl(3).

     The changeable column indicates whether a process with appropriate
     privilege can change the value.  String and integer values can be set
     using sysctl.

     Name                                    Type       Changeable
     kern.ostype                             string     no
     kern.osrelease                          string     no
     kern.osrevision                         integer    no
     kern.version                            string     no
     kern.maxvnodes                          integer    yes
     kern.maxproc                            integer    no
     kern.maxprocperuid                      integer    yes
     kern.maxfiles                           integer    yes
     kern.maxfilesperproc                    integer    yes
     kern.argmax                             integer    no
     kern.securelevel                        integer    raise only
     kern.hostname                           string     yes
     kern.hostid                             integer    yes
     kern.clockrate                          struct     no
     kern.posix1version                      integer    no
     kern.ngroups                            integer    no
     kern.job_control                        integer    no
     kern.saved_ids                          integer    no
     kern.boottime                           struct     no
     kern.domainname                         string     yes
     kern.filedelay                          integer    yes
     kern.dirdelay                           integer    yes
     kern.metadelay                          integer    yes
     kern.osreldate                          string     no
     kern.bootfile                           string     yes
     kern.corefile                           string     yes
     kern.logsigexit                         integer    yes
     security.bsd.suser_enabled              integer    yes
     security.bsd.see_other_uids             integer    yes
     security.bsd.unprivileged_proc_debug    integer    yes
     security.bsd.unprivileged_read_msgbuf   integer    yes
     vm.loadavg                              struct     no
     hw.machine                              string     no
     hw.model                                string     no
     hw.ncpu                                 integer    no
     hw.byteorder                            integer    no
     hw.physmem                              integer    no
     hw.usermem                              integer    no
     hw.pagesize                             integer    no
     hw.floatingpoint                        integer    no
     hw.machine_arch                         string     no
     hw.realmem                              integer    no
     machdep.adjkerntz                       integer    yes
     machdep.disable_rtc_set                 integer    yes
     machdep.guessed_bootdev                 string     no
     user.cs_path                            string     no
     user.bc_base_max                        integer    no
     user.bc_dim_max                         integer    no
     user.bc_scale_max                       integer    no
     user.bc_string_max                      integer    no
     user.coll_weights_max                   integer    no
     user.expr_nest_max                      integer    no
     user.line_max                           integer    no
     user.re_dup_max                         integer    no
     user.posix2_version                     integer    no
     user.posix2_c_bind                      integer    no
     user.posix2_c_dev                       integer    no
     user.posix2_char_term                   integer    no
     user.posix2_fort_dev                    integer    no
     user.posix2_fort_run                    integer    no
     user.posix2_localedef                   integer    no
     user.posix2_sw_dev                      integer    no
     user.posix2_upe                         integer    no
     user.stream_max                         integer    no
     user.tzname_max                         integer    no

FILES
     <sys/sysctl.h>        definitions for top level identifiers, second level
                           kernel and hardware identifiers, and user level
                           identifiers
     <sys/socket.h>        definitions for second level network identifiers
     <sys/gmon.h>          definitions for third level profiling identifiers
     <vm/vm_param.h>       definitions for second level virtual memory
                           identifiers
     <netinet/in.h>        definitions for third level Internet identifiers
                           and fourth level IP identifiers
     <netinet/icmp_var.h>  definitions for fourth level ICMP identifiers
     <netinet/udp_var.h>   definitions for fourth level UDP identifiers

EXAMPLES
     For example, to retrieve the maximum number of processes allowed in the
     system, one would use the following request:

           sysctl kern.maxproc

     To set the maximum number of processes allowed per uid to 1000, one would
     use the following request:

           sysctl kern.maxprocperuid=1000

     Information about the system clock rate may be obtained with:

           sysctl kern.clockrate

     Information about the load average history may be obtained with:

           sysctl vm.loadavg

     More variables than these exist, and the best and likely only place to
     search for their deeper meaning is undoubtedly the source where they are
     defined.

COMPATIBILITY
     The -w option has been deprecated and is silently ignored.

SEE ALSO
     sysctl(3), loader.conf(5), sysctl.conf(5), loader(8)

HISTORY
     A sysctl utility first appeared in 4.4BSD.

     In FreeBSD 2.2, sysctl was significantly remodeled.

BUGS
     The sysctl utility presently exploits an undocumented interface to the
     kernel sysctl facility to traverse the sysctl tree and to retrieve format
     and name information.  This correct interface is being thought about for
     the time being.

BSD                            February 12, 2015                           BSD