Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to restrict user to one folder alone when they log in
Top Forums UNIX for Dummies Questions & Answers How to restrict user to one folder alone when they log in Post 302487127 by verdepollo on Tuesday 11th of January 2011 01:27:52 PM
Old 01-11-2011
Also it would be helpful to know how the user is going to log in? (ssh, ftp, telnet, cvs?).

Depending on your particular needs, a chroot would do the work or a custom shell (like the ones mentioned above).
 

10 More Discussions You Might Find Interesting

1. Solaris

restrict a user to certain command

Hi all, I am using Sun OS 5.10. I am new to Unix. Is there some way to restrict a specific user to certain command say "/usr/bin/more" ?? for example: I want that user1 can execute more command & user2 can't. Can we somehow edit .profile file in the home directory of user to achieve... (1 Reply)
Discussion started by: vikas027
1 Replies

2. AIX

New user and restrict path

Hello I have a question in Aix 5.3 can I create a user, that only can see a specify path. I mean the user log in the default path its /home/newuser he type cd the path that need to check /example/directory_check but if he wants to go to / or any other path. we can not do this. I only... (1 Reply)
Discussion started by: lo-lp-kl
1 Replies

3. UNIX for Advanced & Expert Users

Restrict Access to the folder

Hi I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders. /export/home/kapil/shared, /export/home/kapil/shared/Folder1 /export/home/kapil/shared/Folder2 These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Discussion started by: kapilk
1 Replies

4. UNIX for Dummies Questions & Answers

Restrict command for an user ?

Hi everyone ! I got "viewer" and "root" user on a *nix computer. When i log in using "viewer" I only can use "df" command. When I try another command like "ls" it say : -bash: ls: command not found I checked permission of "/bin/ls" file, it has excute permission for everyone. Inside home... (4 Replies)
Discussion started by: camus
4 Replies

5. Red Hat

Restrict user to a particular directory

Hi I have a Fedora10 server and i need a particular user to view files only in a particular folder. All other files in other folders having "read" permission for all shouldn't be accessible to this user. Please let me know if ther's a way. Thanks, HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies

6. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

7. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

8. AIX

How to restrict user to a particular directory?

hi, I want to restrict some user access to only 1 directory (including all sub-directories/files in it). can you please explain me, how can we do this? example; Filesystem GB blocks Used Free %Used Mounted on /dev/hd4 2.61 1.02 1.59 40% / /dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies

9. HP-UX

Restrict ssh for particular user

Dear Concern, We want to restrict ssh for particular user "oracle". Our HP UX version is as below. Please advise. # uname -a HP-UX tabsdb02 B.11.31 U ia64 2963363594 unlimited-user license (2 Replies)
Discussion started by: makauser
2 Replies

10. Web Development

Restrict user for certain number of connection

Hello, I need help in Apache to restrict user for number of concurrent connection. its basically related to nagios monitoring site. End user opening N no of tab to monitor and it increase load on server. any setting will help me here. (3 Replies)
Discussion started by: ghpradeep
3 Replies

LEARN ABOUT DEBIAN

rssh.conf

RSSH.CONF(5)							  Derek D. Martin						      RSSH.CONF(5)

NAME

       /etc/rssh.conf - configuration file for rssh

OVERVIEW

       rssh.conf is the configuration file for rssh.  It allows the system administrator to control the behavior of the shell.	Configuration key-
       words are either used by themselves on a line, or followed by an equal sign ('=') and a configuration value.  Comments start  with  a  hash
       ('#')  and  can occur anywhere on the line.  Configuration options are case insensitive. Spaces at the beginning or end of line, or between
       the equal sign and the configuration keywords or values are ignored.  If the value of a configuration option contains  spaces,  it  (or	at
       least the space) must be enclosed in either single or double quotes.

       A  default  configuration  file is provided with the source distribution of rssh.  If the configuration file is missing or contains errors,
       ssh will lock out all users.  If a config file is present, the default is to lock out users if no services have been explicitly allowed.

       New in v2.1 is the ability to configure options on a per-user basis, using the user keyword.  More details are below.

CONFIGURATION KEYWORDS

       allowscp
	      Tells the shell that scp is allowed.

       allowsftp
	      Tells the shell that sftp is allowed.

       allowcvs
	      Tells the shell that cvs is allowed.

       allowrdist
	      Tells the shell that rdist is allowed.

       allowrsync
	      Tells the shell that rsync is allowed.

       allowsvnserve
	      Tells the shell that svnserve is allowed.

       umask
	      Sets the umask value for file creations in the scp/sftp session.	This is normally set at login time by the user's shell.  In  order
	      not to use the system default, rssh must set the umask.

       logfacility
	      Allows  the  system  administrator  to control what syslog facility rssh logs to.  The facilities are the same as those used by sys-
	      logd.conf(5), or the C macros for the facilities can be used instead.  For example:

	      logfacility=user
	      logfacility=LOG_USER

	      are equivalent, and tell rssh to use the user facility for logging to syslog.

       chrootpath
	      Causes rssh (actually a helper program) to call the chroot() system call, changing the root of the file system to whatever directory
	      is specified.  Note that the value on the right hand side of the equal sign is the name of a directory, not a command.  For example:

	      chrootpath=/usr/chroot

	      will  change  the  root  of  the	virtual  file  system to /usr/chroot, preventing the user from being able to access anything below
	      /usr/chroot in the file system, and making /usr/chroot appear to be the root directory.  Care must be  taken  to	set  up  a  proper
	      chroot jail; see the file CHROOT in the rssh source distribution for hints about how to do this.	See also the chroot(2) man page.

	      If  the  user's home directory (as specified in /etc/passwd) is underneath the path specified by this keyword, then the user will be
	      chdir'd into their home directory.  If it is not, then they will be chdir'd to the root of the chroot jail.

	      In other words, if the jail is /chroot, and your user's home directory is /chroot/home/user, then  once  rssh_chroot_helper  changes
	      the  root  of the system, it will cd into /home/user inside the jail.  However, if your user's home directory is given as /home/user
	      in /etc/passwd, then even if that directory exists in the jail, the chroot helper will not try to cd there.  The user's normal  home
	      directory must live inside the jail for this to work.

       user
	      The  user  keyword  allows  for the configuration of options on a per-user basis.  THIS KEYWORD OVERRIDES ALL OTHER KEYWORDS FOR THE
	      SPECIFIED USER.  That is, if you use a user keyword for user foo, then foo will use only the settings in that user line, and not any
	      of  the settings set with the keywords above.  The user keyword's argument consists of a group of fields separated by a colon (':'),
	      as shown below.  The fields are, in order:

	      username
		     The username of the user for whom the entry provides options
	      umask
		     The umask for this user, in octal, just as it would be specified to the shell
	      access bits
		     Six binary digits, which indicate whether the user is allowed to use rsync, rdist, cvs,  sftp,  scp  and  svnserve,  in  that
		     order.  One means the command is allowed, zero means it is not.
	      path
		     The  directory  to which this user should be chrooted (this is not a command, it is a directory name).  See chroot_path above
		     for complete details.

	      For example, you might have something like this:

	      user = luser:022:000010:

	      This does the following: for the user with the username "luser", set the umask to 022, disallow sftp, and allow scp.  Because  there
	      is  no  chroot  path  specified,	the  user will not be chrooted, regardless of default options set with the keywords above.  If you
	      wanted this user to be chrooted, you would need to specify the chroot path explicitly, even if it should be the  same  as  that  set
	      using the chrootpath keyword.  Remember that if there are spaces in the path, you need to quote it, something like this:

	      user = "luser:022:000010:/usr/local/chroot dir"

	      See the default rssh.conf file for more examples.

SEE ALSO

       rssh(1), sshd(8), ssh(1), scp(1), sftp(1), svnserve(8), syslogd.conf(5), chroot(2).

man pages							    7 Jul 2003							      RSSH.CONF(5)
All times are GMT -4. The time now is 02:48 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy