03-05-2009
locking a users file as root
hello,
I have a challenge to find a way to lock down a file in a user's home directory, such that a user can NOT modify, rename, move, delete, etc. The solution needs to be deployable without, for example, having to switch from unix to windows, etc
We are using NFS. We want to lock the .xscreensaver in the user's home dir and not all the user to modify this file at all. I chmod the file to 700, owned by root:root but the user can go to his home dir and still do whatever he wants with this file because he is the owner of the parent directory.
Any ideas?
thanks for your help,
10 More Discussions You Might Find Interesting
1. AIX
At the office, we often have to edit one file with VI. We are 4-6 workers doing it and sometimes can be done at the same time.
We have found a problem and want to prevent it with a file lock. Is it possible and how ?
problem :
Worker-a starts edit VI session on File-A at 1PM
Worker-b... (14 Replies)
Discussion started by: Browser_ice
14 Replies
2. Solaris
Hello,
I'm working on a Solaris 9 machine. I found the root's environment variables (say, $PATH, $ORACLE_HOME, big problem) were set differently from the users'. All regular users use C shell now and share the same environment file stored in /usr/local/config/cshrc.default.
Should I just use... (4 Replies)
Discussion started by: alanlh
4 Replies
3. SCO
UnixWare 7, Release 7.1.3
We have a customer that has frequent issues with Non-Root users being unable to print. They are able to print w/o issues, but all of the sudden it stops working. The only workaround we have at this point is to reboot the server. It is happening weekly according to... (1 Reply)
Discussion started by: cfshd
1 Replies
4. Solaris
I would like to know how to prevent users connecting to a server using SSH as root.
I would still like them to be able to login with their username and then change to su.
But I would like to prevent them logging in directly as root.
I have searched the forum and read that I should set... (3 Replies)
Discussion started by: Sepia
3 Replies
5. UNIX for Dummies Questions & Answers
Hi everyone hope you can help me
i have 5 root users and the problem with that is how can you see
witch root user did what on the box how can you track the users that
played on the servers.
1) What commands they typed (in linux you get history )
2) From witch ip did they connect to the server (3 Replies)
Discussion started by: sucram
3 Replies
6. UNIX Desktop Questions & Answers
Hi there,
I'm working with a Linux server and now I can get a daily Logwatch mail ... my question is:since there are too many users with root password (...in my opinion... :mad:) how could I prevent to delete information about "su" log?
Thanks in advance,
GB (3 Replies)
Discussion started by: Giordano Bruno
3 Replies
7. Solaris
Hi,
we are running on Solaris 10 and I see that under
/usr/mail
-rw-rw---- 1 root mail 0 Nov 26 11:19 root
-rw------- 1 root mail 2 Nov 24 17:14 root.lock
-rw------- 1 root mail 2 Nov 27 09:26 root4_aGD6
-rw------- 1 root mail 2 Nov 27 09:26 rootHAaqyo
-rw------- 1 root mail 2 Nov 27 09:26... (6 Replies)
Discussion started by: manni2
6 Replies
8. Solaris
I'm using Solaris 10. I want to restrict users from executing this dangerous command.
rm -rf *
But they should be able to perform the below actions:
rm -rf *.*
rm -rf filename
rm -rf directory
Is it possible? If yes then pls let me know how to do it? (7 Replies)
Discussion started by: Arun_Linux
7 Replies
9. UNIX for Dummies Questions & Answers
Hi all,
I have a small problem. When I log in as root and try to switch to any other user using su -user, then it is giving an error saying libncurses.so permission denied. Can you help me?
Thank you in advance.
Sai. (1 Reply)
Discussion started by: sai2krishna
1 Replies
10. Shell Programming and Scripting
I need to list users in /etc/passwd with root's GID or UID or /root as home directory
If we have these entries in /etc/passwd
root:x:0:0:root:/root:/bin/bash
rootgooduser1:x:100:100::/home/gooduser1:/bin/bash
baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies
LEARN ABOUT FREEBSD
pam_chroot
PAM_CHROOT(8) BSD System Manager's Manual PAM_CHROOT(8)
NAME
pam_chroot -- Chroot PAM module
SYNOPSIS
[service-name] module-type control-flag pam_chroot [arguments]
DESCRIPTION
The chroot service module for PAM chroots users into either a predetermined directory or one derived from their home directory. If a user's
home directory as specified in the passwd structure returned by getpwnam(3) contains the string ``/./'', the portion of the directory name to
the left of that string is used as the chroot directory, and the portion to the right will be the current working directory inside the chroot
tree. Otherwise, the directories specified by the dir and cwd options (see below) are used.
also_root Do not hold user ID 0 exempt from the chroot requirement.
always Report a failure if a chroot directory could not be derived from the user's home directory, and the dir option was not specified.
cwd=directory
Specify the directory to chdir(2) into after a successful chroot(2) call.
dir=directory
Specify the chroot directory to use if one could not be derived from the user's home directory.
SEE ALSO
pam.conf(5), pam(8)
AUTHORS
The pam_chroot module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division
of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program.
BSD
February 10, 2003 BSD