Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Restrict Access to the folder
Top Forums UNIX for Advanced & Expert Users Restrict Access to the folder Post 302332439 by kapilk on Thursday 9th of July 2009 06:25:56 AM
Old 07-09-2009
Restrict Access to the folder
Hi

I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders.

/export/home/kapil/shared,
/export/home/kapil/shared/Folder1
/export/home/kapil/shared/Folder2

These folders should be accessible to all the 3 users and to me too. I should be the owner of all the folders and also new users should be able to write the files inside these folders and should be able to rename the files created by me.

Is there is any way to achive this?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

restrict tcp-port access

Hi Is there any way to restrict the TCP-IP port usage. I want to restrict TCP-IP port 1500/1550 to the oracle osuser. Tanks in advance. Remi (2 Replies)
Discussion started by: remivisser
2 Replies

2. UNIX for Advanced & Expert Users

Apache restrict access with certificates

Hello! Does anyone know if it's possible to restrict access to apache webserver with certificates? What I want is that if a user has a certificate in his browser then he get's access, if not show error or another page. I would be very happy if someone knew! /D (2 Replies)
Discussion started by: Esaia
2 Replies

3. Red Hat

restrict access of a user to two directories only

Hi all, I am using RHEL 5.0 I need a user say test to have full access to two directories, say /tmp1 & /tmp2 only other than his home directory. I do not want to change his login shell which is ksh or bash by default. Moreover, he should not even have read access of other directories. ... (10 Replies)
Discussion started by: vikas027
10 Replies

4. Solaris

Restrict access to solaris10 [SOLVED]

Hello, I have a solaris10 sparc running on a server and it is a Sun DS (LDAP) server as well as LDAP client. I have changed ssh server port to something other than 22 but is there any way to configure that only users abc, def, ghi from LDAP can login via ssh? SSH software on solaris10 is... (0 Replies)
Discussion started by: upengan78
0 Replies

5. UNIX for Dummies Questions & Answers

How to restrict user to one folder alone when they log in

Can some one help me with this issue . I require to restrict a particular user to a particular folder alone when they log in. I dont want this particular user to come out of this folder. Kindly help (7 Replies)
Discussion started by: kirbhas72
7 Replies

6. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

7. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

8. Shell Programming and Scripting

Restrict access to .ksh scripts

Hi, How to restrict access to a .ksh script in such the way that the users can only execute the script, neither read nor write. I tried the below code so that my user alone has the rwx and other users can only execute. chmod 711 sample.ksh But when I logged in as a different user... (26 Replies)
Discussion started by: machomaddy
26 Replies

9. Ubuntu

Restrict SUDO Access

Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux Hi Folks, Please help me. I am bit struck here. Here is the OS info. Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux I have a... (17 Replies)
Discussion started by: explorer007
17 Replies

10. UNIX for Dummies Questions & Answers

Restrict access

I'm trying to use squid to restrict elinks' access to certain websites(only http traffic). I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :) ---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Discussion started by: Birnbacher
1 Replies

LEARN ABOUT DEBIAN

pam_xauth

PAM_XAUTH(8)							 Linux-PAM Manual						      PAM_XAUTH(8)

NAME

       pam_xauth - PAM module to forward xauth keys between users

SYNOPSIS

       pam_xauth.so [debug] [xauthpath=/path/to/xauth] [systemuser=UID] [targetuser=UID]

DESCRIPTION

       The pam_xauth PAM module is designed to forward xauth keys (sometimes referred to as "cookies") between users.

       Without pam_xauth, when xauth is enabled and a user uses the su(1) command to assume another user's privileges, that user is no longer able
       to access the original user's X display because the new user does not have the key needed to access the display. pam_xauth solves the
       problem by forwarding the key from the user running su (the source user) to the user whose identity the source user is assuming (the target
       user) when the session is created, and destroying the key when the session is torn down.

       This means, for example, that when you run su(1) from an xterm session, you will be able to run X programs without explicitly dealing with
       the xauth(1) xauth command or ~/.Xauthority files.

       pam_xauth will only forward keys if xauth can list a key connected to the $DISPLAY environment variable.

       Primitive access control is provided by ~/.xauth/export in the invoking user's home directory and ~/.xauth/import in the target user's home
       directory.

       If a user has a ~/.xauth/import file, the user will only receive cookies from users listed in the file. If there is no ~/.xauth/import
       file, the user will accept cookies from any other user.

       If a user has a .xauth/export file, the user will only forward cookies to users listed in the file. If there is no ~/.xauth/export file,
       and the invoking user is not root, the user will forward cookies to any other user. If there is no ~/.xauth/export file, and the invoking
       user is root, the user will not forward cookies to other users.

       Both the import and export files support wildcards (such as *). Both the import and export files can be empty, signifying that no users are
       allowed.

OPTIONS

       debug
	   Print debug information.

       xauthpath=/path/to/xauth
	   Specify the path the xauth program (it is expected in /usr/X11R6/bin/xauth, /usr/bin/xauth, or /usr/bin/X11/xauth by default).

       systemuser=UID
	   Specify the highest UID which will be assumed to belong to a "system" user. pam_xauth will refuse to forward credentials to users with
	   UID less than or equal to this number, except for root and the "targetuser", if specified.

       targetuser=UID
	   Specify a single target UID which is exempt from the systemuser check.

MODULE TYPES PROVIDED

       Only the session type is provided.

RETURN VALUES

       PAM_BUF_ERR
	   Memory buffer error.

       PAM_PERM_DENIED
	   Permission denied by import/export file.

       PAM_SESSION_ERR
	   Cannot determine user name, UID or access users home directory.

       PAM_SUCCESS
	   Success.

       PAM_USER_UNKNOWN
	   User not known.

EXAMPLES

       Add the following line to /etc/pam.d/su to forward xauth keys between users when calling su:

	   session  optional  pam_xauth.so

IMPLEMENTATION DETAILS

       pam_xauth will work only if it is used from a setuid application in which the getuid() call returns the id of the user running the
       application, and for which PAM can supply the name of the account that the user is attempting to assume. The typical application of this
       type is su(1). The application must call both pam_open_session() and pam_close_session() with the ruid set to the uid of the calling user
       and the euid set to root, and must have provided as the PAM_USER item the name of the target user.

       pam_xauth calls xauth(1) as the source user to extract the key for $DISPLAY, then calls xauth as the target user to merge the key into the
       a temporary database and later remove the database.

       pam_xauth cannot be told to not remove the keys when the session is closed.

FILES

       ~/.xauth/import
	   XXX

       ~/.xauth/export
	   XXX

SEE ALSO

       pam.conf(5), pam.d(5), pam(7)

AUTHOR

       pam_xauth was written by Nalin Dahyabhai <nalin@redhat.com>, based on original version by Michael K. Johnson <johnsonm@redhat.com>.

Linux-PAM Manual						    06/04/2011							      PAM_XAUTH(8)
All times are GMT -4. The time now is 03:55 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy