Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Limit user access
Operating Systems AIX Limit user access Post 302436888 by verdepollo on Tuesday 13th of July 2010 11:47:46 AM
Old 07-13-2010
What about a chroot with hard links to the three directories???
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

User Login Limit

Gud day :) We have a limited user login so we want to restrict 1 login per user. We have added below script in each user's profile but it is not working :confused: , I displayed the output for COUNT (by inserting echo command) but the value is always 1. Hope you could help me. Thanks ;) ... (3 Replies)
Discussion started by: lancemendioro
3 Replies

2. AIX

Limit a user on AIX

Hello, Sorry for my poor English. I have to reduce rights for a user on AIX system so that: When he does , he find in output, only filesystems on which he has permissions .He can't do to change user. Very thanks for helping. (2 Replies)
Discussion started by: edosseh
2 Replies

3. IP Networking

Does my provider limit my internet access or somesites access?

Hi Good Day, i would like to ask for further info about my problems experiencing this evening. Im a PPP0 connection in the internet using 3G located in asia pacific region.i had this problem this evening in my INTERNET connections that there are some sites i can't open example ( Gizmodo.com,... (2 Replies)
Discussion started by: jao_madn
2 Replies

4. UNIX and Linux Applications

pnp4nagios limit access

I have nagios contacts set up, and these successfully limit access to view hosts and services in the nagios web UI. But pnp4nagios gives access to all graphs (by editing the hostname and service name in the URL) - it does not respect the nagios-defined access controls. (0 Replies)
Discussion started by: ahmad.zuhd
0 Replies

5. Homework & Coursework Questions

Limit simultaneous file access

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: So my problem is: 4990 of 5000 users should be able to access a file. How can this be accomplished. 2.... (1 Reply)
Discussion started by: protiss
1 Replies

6. Cybersecurity

Limit access in Ubuntu

can we use semantec or any kind of software in ubuntu/linux to limit access of a user to edit a specific file? example::: a. will not play media player or use usb. we will edit blacklist.conf to do this. however user should still be able to do apt-get install, shutdown, edit other files etc.... (1 Reply)
Discussion started by: lhareigh890
1 Replies

7. Solaris

How to Limit ftp access parameters for specific users?

Dear friends, :) I create new user useradd -g other -d /export/home/sltftp -m -s /bin/bash -c "SLT user account for TMA ftp backup" sltftp now i need do restrict thees chmod delete overwrite rename from this user:(for all the files in the server ,sltftp user can only able to download... (4 Replies)
Discussion started by: darakas
4 Replies

8. Solaris

Limit FTP user's access to a specific directory

Hi, I have searched "Limit FTP user's access to a specific directory" subject for 3 days. I found proftp and vsftp but i couldn't compile and install. Is there any idea. Please suggest. (6 Replies)
Discussion started by: hamurd
6 Replies

9. UNIX and Linux Applications

Limit Website access upto specific count

Hi to all, I am new to Linux. but i am facing issue with my web server in Ubuntu 11.10. In my webserver i want to restrict maximum users website access (e.g., suppose i want to restrict users to access web to 250 persons in single time). So can you please suggest me to how to do that in... (1 Reply)
Discussion started by: Chintanghanti
1 Replies

10. Solaris

Limit bash/sh user's access to a specific directory

Hello Team, I have Solaris 10 u6 I have a user test1 using bash that belong to the group staff. I would like to restrict this user to navigate only in his home directory and his subfolders but not not move out to other directories. How can I do it ? Thanks in advance (1 Reply)
Discussion started by: csierra
1 Replies

LEARN ABOUT FREEBSD

chroot

CHROOT(2)						      BSD System Calls Manual							 CHROOT(2)

NAME

     chroot -- change root directory

LIBRARY

     Standard C Library (libc, -lc)

SYNOPSIS

     #include <unistd.h>

     int
     chroot(const char *dirname);

DESCRIPTION

     The dirname argument is the address of the pathname of a directory, terminated by an ASCII NUL.  The chroot() system call causes dirname to
     become the root directory, that is, the starting point for path searches of pathnames beginning with '/'.

     In order for a directory to become the root directory a process must have execute (search) access for that directory.

     It should be noted that chroot() has no effect on the process's current directory.

     This call is restricted to the super-user.

     Depending on the setting of the 'kern.chroot_allow_open_directories' sysctl variable, open filedescriptors which reference directories will
     make the chroot() fail as follows:

     If 'kern.chroot_allow_open_directories' is set to zero, chroot() will always fail with EPERM if there are any directories open.

     If 'kern.chroot_allow_open_directories' is set to one (the default), chroot() will fail with EPERM if there are any directories open and the
     process is already subject to the chroot() system call.

     Any other value for 'kern.chroot_allow_open_directories' will bypass the check for open directories

RETURN VALUES

     Upon successful completion, the value 0 is returned; otherwise the value -1 is returned and the global variable errno is set to indicate the
     error.

ERRORS

     The chroot() system call will fail and the root directory will be unchanged if:

     [ENOTDIR]		A component of the path name is not a directory.

     [EPERM]		The effective user ID is not the super-user, or one or more filedescriptors are open directories.

     [ENAMETOOLONG]	A component of a pathname exceeded 255 characters, or an entire path name exceeded 1023 characters.

     [ENOENT]		The named directory does not exist.

     [EACCES]		Search permission is denied for any component of the path name.

     [ELOOP]		Too many symbolic links were encountered in translating the pathname.

     [EFAULT]		The dirname argument points outside the process's allocated address space.

     [EIO]		An I/O error occurred while reading from or writing to the file system.

SEE ALSO

     chdir(2), jail(2)

HISTORY

     The chroot() system call appeared in 4.2BSD.  It was marked as ``legacy'' in Version 2 of the Single UNIX Specification (``SUSv2''), and was
     removed in subsequent standards.

BUGS

     If the process is able to change its working directory to the target directory, but another access control check fails (such as a check for
     open directories, or a MAC check), it is possible that this system call may return an error, with the working directory of the process left
     changed.

SECURITY CONSIDERATIONS

     The system have many hardcoded paths to files where it may load after the process starts.	It is generally recommended to drop privileges
     immediately after a successful chroot call, and restrict write access to a limited subtree of the chroot root, for instance, setup the sand-
     box so that the sandboxed user will have no write access to any well-known system directories.

BSD
								  January 3, 2012							       BSD
All times are GMT -4. The time now is 04:09 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy