05-05-2011
Quote:
Originally Posted by
netfreighter
How to create a user account on a Linux desktop machine with restrictions on connecting to the LAN, WAN, PCMCIA ports, Firewire, CDROM and generally any user controllable output options?
Don't give it any USB, CDROM, Firewire, or ethernet drivers and it won't have any USB, CDROM, Firewire, or ethernet devices.
How to do this depends on the distro. There's a few options. If these things are all modules, you can blacklist the relevant modules and they won't be able to get these modules loaded without first logging in as root. If you're compiling your own kernel you can just leave these options out entirely.
Of course, none of this prevents them just popping in a livecd and booting with that. They could do that on a mac too.
For that matter, nothing prevents them taking photographs of the screen, either.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I want to map out specific USB ports. For example if there are 7 ports on a USB hub I want to be able to identify port #2 and send a file there. How does UNIX see these ports? (1 Reply)
Discussion started by: eggfoot
1 Replies
2. Solaris
Please let me know how to setup a non-root user to be able to access a privileged port (<1024) on Solaris 8. I am currently running tomcat as "tomcat" user and I get the following error during to start up:
SEVERE: Error initializing endpoint
java.net.BindException: Permission denied<null>:443 (5 Replies)
Discussion started by: pingmeback
5 Replies
3. Red Hat
Hi Guys,
as above, how do I enable automount for USB/CDROM/DVDROM in RHEL4 & 5?
I have searched the forum on this topic but didn't find any.
Also searched the net but it seems confusing and there are different ways to do things depending on the distros.
Btw, I am on RHEL command line only... (4 Replies)
Discussion started by: DrivesMeCrazy
4 Replies
4. Linux
Hello to everyone,
I am new to linux and I want to move to this system after bad experiences with windows.
I have also a particular problem. An old laptop is probably able to handle just linux at this point of its life.
The cdrom is gone, the bios doesn't have usb boot support, there is no... (6 Replies)
Discussion started by: highkftj
6 Replies
5. Solaris
Hello,
I would to create a new user with some restriction: Example "Toto"
I am a newer in unix please tell me how to do
1. The user will will have only remote access via FTP ( not telnet, ssh etc ...)
2. The user will not be able to access via FTP to other directory
4) He will access only... (1 Reply)
Discussion started by: fedeboubou
1 Replies
6. Shell Programming and Scripting
Hi,
I am setting up a new Suse server and I'm very happy with it :). So far Apache2, SVN, PHP5 and MySQL are up and running. Now I want to create and delete users (for coders for our projects) but they aren't allowed to do anything so there must be some restrictions. I want access restriction so... (0 Replies)
Discussion started by: kever
0 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I am setting up a new Suse server and I'm very happy with it . So far Apache2, SVN, PHP5 and MySQL are up and running. Now I want to create and delete users (for coders for our projects) but they aren't allowed to do anything so there must be some restrictions. I want access restriction so... (1 Reply)
Discussion started by: kever
1 Replies
8. UNIX for Advanced & Expert Users
Hi all,
I am facing a problem while writing a shell script.
My machine has two USB ports- left port and right port.
whenever I connect USBS to both the ports, entry is generated as /sys/block/sdc and /sys/block/sdd and I mount the USBs to a particular directory.
But I need to know... (3 Replies)
Discussion started by: Pkumar Sachin
3 Replies
9. Shell Programming and Scripting
Hi,
I need to work on restricting the Linux commands to the ADMIN user to some extent. It means for example, Admin users should not use passwd command to change the password of "root" or other important accounts like oracle, etc.,
So, I want to know which commands should be restricted upto which... (5 Replies)
Discussion started by: Dpu
5 Replies
10. UNIX for Advanced & Expert Users
Hi,
I have a requirement to provide root access but user should not run some specific commands, How it is possible.
following is my configuration at sudoers file,
Cmnd_Alias MYLIMIT = /usr/bin/passwd /sbin/shutdown /usr/bin/reboot /usr/sbin/visudo /bin/vi /usr/bin/vim
test2... (5 Replies)
Discussion started by: anuragr
5 Replies
LSHW(1) LSHW(1)
NAME
lshw - list hardware
SYNOPSIS
lshw [ -version ]
lshw [ -help ]
lshw [ -X ]
lshw [ [ -html ] [ -short ] [ -xml ] [ -json ] [ -businfo ] ] [ -dump filename ] [ -class class... ] [ -disable test... ] [
-enable test... ] [ -sanitize ] [ -numeric ] [ -quiet ]
DESCRIPTION
lshw is a small tool to extract detailed information on the hardware configuration of the machine. It can report exact memory configura-
tion, firmware version, mainboard configuration, CPU version and speed, cache configuration, bus speed, etc. on DMI-capable x86 or IA-64
systems and on some PowerPC machines (PowerMac G4 is known to work).
It currently supports DMI (x86 and IA-64 only), OpenFirmware device tree (PowerPC only), PCI/AGP, CPUID (x86), IDE/ATA/ATAPI, PCMCIA (only
tested on x86), SCSI and USB.
-version
Displays the version of lshw and exits.
-help Displays the available command line options and quits.
-X Launch the X11 GUI (if available).
-html Outputs the device tree as an HTML page.
-xml Outputs the device tree as an XML tree.
-json Outputs the device tree as a JSON object (JavaScript Object Notation).
-short Outputs the device tree showing hardware paths, very much like the output of HP-UX's ioscan.
-businfo
Outputs the device list showing bus information, detailing SCSI, USB, IDE and PCI addresses.
-dump filename
Dump collected information into a file (SQLite database).
-class class
Only show the given class of hardware. class can be found using lshw -short or lshw -businfo.
-C class
Alias for -class class.
-enable test
-disable test
Enables or disables a test. test can be dmi (for DMI/SMBIOS extensions), device-tree (for OpenFirmware device tree), spd (for memory
Serial Presence Detect), memory (for memory-size guessing heuristics), cpuinfo (for kernel-reported CPU detection), cpuid (for CPU
detection), pci (for PCI/AGP access), isapnp (for ISA PnP extensions), pcmcia (for PCMCIA/PCCARD), ide (for IDE/ATAPI), usb (for USB
devices),scsi (for SCSI) or network (for network interfaces detection).
-quiet Don't display status.
-sanitize
Remove potentially sensitive information from output (IP addresses, serial numbers, etc.).
-numeric
Also display numeric IDs (for PCI and USB devices).
BUGS
lshw currently does not detect Firewire(IEEE1394) devices.
Not all architectures supported by GNU/Linux are fully supported (e.g. CPU detection).
"Virtual" SCSI interfaces used for SCSI emulation over IDE are not reported correctly yet.
NOTES
lshw must be run as super user or it will only report partial information.
FILES
/usr/local/share/pci.ids
/usr/share/pci.ids
/etc/pci.ids
/usr/share/hwdata/pci.ids
A list of all known PCI ID's (vendors, devices, classes and subclasses).
/proc/bus/pci/*
Used to access the configuration of installed PCI busses and devices.
/proc/ide/*
Used to access the configuration of installed IDE busses and devices.
/proc/scsi/*, /dev/sg*
Used to access the configuration of installed SCSI devices.
/dev/cpu/*/cpuid
Used on x86 platforms to access CPU-specific configuration.
/proc/device-tree/*
Used on PowerPC platforms to access OpenFirmware configuration.
/proc/bus/usb/*
Used to access the configuration of installed USB busses and devices.
/sys/* Used on 2.6 kernels to access hardware/driver configuration information.
EXAMPLES
lshw -short
Lists hardware in a compact format.
lshw -class disk -class storage
Lists all disks and storage controllers in the system.
lshw -html -class network
Lists all network interfaces in HTML.
lshw -disable dmi
Don't use DMI to detect hardware.
SEE ALSO
/proc/*, linuxinfo(1), lspci(8), lsusb(8)
COPYING
lshw is distributed under the GNU GENERAL PUBLIC LICENSE (GPL) version 2.
AUTHOR
lshw is maintained by Lyonel Vincent <lyonel@ezix.org>.
OTHER INFO
The webpage for lshw is at
<URL:http://lshw.org/>
$Rev: 2179 $ 30 May 2010 LSHW(1)