Full Discussion: creating user on SUSE Linux
Operating Systems Linux SuSE creating user on SUSE Linux Post 302443595 by Corona688 on Monday 9th of August 2010 12:29:21 PM
I repeat: A lot depends on your FTP server. (What is it?) I think proftpd will let you restrict a user to one particular directory, and might even be able to arrange a chroot jail.

That would be highly secure -- as far as his login would be concerned, directories above the one he's chrooted into simply wouldn't exist. If you want to restrict him to one and only one directory and not even know others exist, chroot is what you want.

But, doing that depends on your FTP server.

Being able to create files in directories owned by root is normal if the directory is world-writable or he belongs to a group which is allowed to write to it. WARNING -- if he is able to create files in a directory, he may be able to delete files owned by anyone there as well! This is because file deletion is controlled by directory write permissions, not file ownership. (There are some obscure options in some filesystems to change this behavior.) An example in my home directory:
Code:
$ sudo touch something
Password:
$ ls -l something
-rw-r--r-- 1 root root 0 Aug  9 10:34 something
$ rm something
rm: remove write-protected regular empty file `something'? y
$

Make sure he doesn't belong to any groups he doesn't need to belong to.

Last edited by Corona688; 08-09-2010 at 01:37 PM..
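
The deletion rule described in the post above, as an added example that is not part of the original post: a check that classifies a directory by whether a given account could remove other people's files from it. The function names are hypothetical, `audit_dir` assumes GNU `stat`, and the sticky-bit branch models the standard Linux restricted-deletion flag; ACLs and root's override are not modelled.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# classify_dir MODE DIR_UID DIR_GID USER_UID "USER_GIDS"
# MODE is octal as printed by `stat -c %a` (for example 1777). Prints:
#   none    - the user cannot create or delete entries in the directory
#   sticky  - the user can create files but can only delete his own
#   exposed - the user can delete any file there, whoever owns it
# Not modelled: POSIX ACLs, and uid 0, which bypasses these checks.
classify_dir() {
    mode=$((0$1)); dir_uid=$2; dir_gid=$3; uid=$4; gids=$5

    # Pick the permission class that applies: owner, then group, then other.
    if [ "$uid" -eq "$dir_uid" ]; then
        bits=$(( (mode >> 6) & 7 ))
    else
        bits=$(( mode & 7 ))
        for g in $gids; do
            if [ "$g" -eq "$dir_gid" ]; then
                bits=$(( (mode >> 3) & 7 ))
                break
            fi
        done
    fi

    # Removing a directory entry needs write and search (w+x = 3) on the directory.
    if [ $(( bits & 3 )) -ne 3 ]; then
        echo none
        return 0
    fi

    # The sticky bit (01000) limits deletion to the file owner or the directory owner.
    if [ $(( mode & 01000 )) -ne 0 ] && [ "$uid" -ne "$dir_uid" ]; then
        echo sticky
    else
        echo exposed
    fi
}

# audit_dir DIR USER: read the real mode and ids, then classify.
audit_dir() {
    info=$(stat -c '%a %u %g' "$1") || return 1
    # $info is left unquoted on purpose so it splits into MODE, UID and GID.
    classify_dir $info "$(id -u "$2")" "$(id -G "$2")"
}
```

Run `audit_dir /srv/ftp/upload ftpuser` (constructed path and account name) against each directory the account can reach; an `exposed` result on a directory that holds other users' files is the case the post warns about.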
 

All times are GMT -4.