12-03-2008
What U consider is a dirty workaround. if a user may not see files in his home directory he is not able to use them so the files are useless. you could quite as well delete them. Restricting access to users home directories will cause severe problems with the account. don't do it !
10 More Discussions You Might Find Interesting
1. Cybersecurity
restricted access...
Hi
I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
Discussion started by: alwayslearningunix
9 Replies
2. UNIX for Dummies Questions & Answers
I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Discussion started by: ngagne
4 Replies
3. Solaris
Hi All,
I'm on Solaris 8, I need to provide Read-only access to a user to 2 directories only.
Using rsh (restricted shell) as the user's login shell, I can restrict the user's access to a certain directory only, but how can I set in such a way that the user can access only the 2 directories... (4 Replies)
Discussion started by: max_min
4 Replies
4. UNIX for Advanced & Expert Users
I'm the admin in a shop in which my developers have and use the root account, all UNIX newbies.
I've been unable to convince management myself that this is an unacceptable practice.
I've looked in a couple books I have and can't find any chapters, discussions, etc that make the argument that... (2 Replies)
Discussion started by: keith.m
2 Replies
5. Solaris
We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server.
Do you have any idea on how to implement that?
thanks. (1 Reply)
Discussion started by: melanie_pfefer
1 Replies
6. UNIX for Advanced & Expert Users
Hi All,
I am facing a problem, regarding code security on a server.
We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Discussion started by: akshay61286
3 Replies
7. Solaris
Dear All,
I have created a user called "x" who is allowed only to FTP and it is working fine. Here my problem is, I want to give access to a particular directory say for eg:- /dump/test directory. I don't find any option in the useradd command to restrict access to this particular directory only... (1 Reply)
Discussion started by: Vijayakumarpc
1 Replies
8. Solaris
Hi all.
I've had a quick look around but cant see anything exactly matching my requirements.
I have a new T2000 running S10. Im looking to restrict the no. cores that a S10 non-global zone can use to 1 only. The box is single CPU but 8core.
I want to do this to save on some software... (4 Replies)
Discussion started by: boneyard
4 Replies
9. UNIX for Dummies Questions & Answers
Hello,
I am using MySecureShell to chroot all sftp accesses. The problem that I have is that my boss does not want root to be able to use sftp. Root should still be able to ssh. Any ideas? (2 Replies)
Discussion started by: mojoman
2 Replies
10. Solaris
Dear all,
I am administering a DC environment of over 100+ Solaris servers used by various teams including Databases.
Every user created on the node belonging to databases is assigned group staff(10) .
I want that all users belonging to staff should NOT be able to execute certain system... (6 Replies)
Discussion started by: Junaid Subhani
6 Replies
LEARN ABOUT DEBIAN
sss_useradd
SSS_USERADD(8) SSSD Manual pages SSS_USERADD(8)
NAME
sss_useradd - create a new user
SYNOPSIS
sss_useradd [options] LOGIN
DESCRIPTION
sss_useradd creates a new user account using the values specified on the command line plus the default values from the system.
OPTIONS
-u,--uid UID
Set the UID of the user to the value of UID. If not given, it is chosen automatically.
-c,--gecos COMMENT
Any text string describing the user. Often used as the field for the user's full name.
-h,--home HOME_DIR
The home directory of the user account. The default is to append the LOGIN name to /home and use that as the home directory. The base
that is prepended before LOGIN is tunable with "user_defaults/baseDirectory" setting in sssd.conf.
-s,--shell SHELL
The user's login shell. The default is currently /bin/bash. The default can be changed with "user_defaults/defaultShell" setting in
sssd.conf.
-G,--groups GROUPS
A list of existing groups this user is also a member of.
-m,--create-home
Create the user's home directory if it does not exist. The files and directories contained in the skeleton directory (which can be
defined with the -k option or in the config file) will be copied to the home directory.
-M,--no-create-home
Do not create the user's home directory. Overrides configuration settings.
-k,--skel SKELDIR
The skeleton directory, which contains files and directories to be copied in the user's home directory, when the home directory is
created by sss_useradd.
This option is only valid if the -m (or --create-home) option is specified, or creation of home directories is set to TRUE in the
configuration.
-Z,--selinux-user SELINUX_USER
The SELinux user for the user's login. If not specified, the system default will be used.
-h,--help
Display help message and exit.
THE LOCAL DOMAIN
In order to function correctly, a domain with "id_provider=local" must be created and the SSSD must be running.
The administrator might want to use the SSSD local users instead of traditional UNIX users in cases where the group nesting (see
sss_groupadd(8)) is needed. The local users are also useful for testing and development of the SSSD without having to deploy a full remote
server. The sss_user* and sss_group* tools use a local LDB storage to store users and groups.
SEE ALSO
sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_userdel(8), sss_usermod(8).
AUTHORS
The SSSD upstream - http://fedorahosted.org/sssd
SSSD
03/04/2013 SSS_USERADD(8)