05-11-2011
By "restricted files", what do you mean?
BTW, my previous post was just to give you an idea.
regards,
Ahamed
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi
I want to know which profile will be called when a user without home directory is created.
When I created a user without home directory(by setting in /etc/default/useradd), the user is able to login directly into the main "/" folder but with only read permissions.
Thanks
naina (3 Replies)
Discussion started by: naina
3 Replies
2. UNIX for Dummies Questions & Answers
Hi,
I am looking for a shell script (or any other way), that puts a user in a home directory jail. So for example, I have a user named richard and I don't want him wandering outside /usr/users/richard. I don't want him to cd to anywhere including cd ..
Somebody said you can do that with... (3 Replies)
Discussion started by: mz043
3 Replies
3. UNIX for Dummies Questions & Answers
I'm using HPUX 11i. The other day a user logon to the workstation and was not able to find the /home/directory (tom is the directory) I login myself and it is the same thing.
The home directory is on the server, so I was thinking of using sam to map it again. does anyone know how to do it... (5 Replies)
Discussion started by: blizzgamer
5 Replies
4. Solaris
How to find al the user's home directories? (2 Replies)
Discussion started by: a2156z
2 Replies
5. Solaris
Hi Guys,
I have a problem with configuring a server. this is a solaris 10 with sparc platform.
I have setup so that the server is Authenticating through NIS but I dont want the server to Mount the Home directories. The users need to logged in through the CDE/display.
I have over 200 users... (2 Replies)
Discussion started by: Luky
2 Replies
6. Solaris
# ls -l
total 10
-rw-r--r-- 1 dummy2 other 140 Jun 19 21:37 local.cshrc
-rw-r--r-- 1 dummy2 other 136 Jun 19 21:37 local.cshrc~
-rw-r--r-- 1 dummy2 other 157 Jun 19 21:37 local.login
-rw-r--r-- 1 dummy2 other 178 Jun 19 21:37 local.profile... (6 Replies)
Discussion started by: chidori
6 Replies
7. AIX
Hello,
I must close ssh users to the home directory.
It means the users musn't see anything inside their home directory.
For example after login to the os and type this command "cd .."
or "cd /" it musn't work.
How can I implement it?
(Probably chroot or rootsh but how?) (1 Reply)
Discussion started by: jeszi
1 Replies
8. Emergency UNIX and Linux Support
Hi all,
So I have created two Centos machines. One is configured as a NIS master and the second is a NIS cleint. The NIS configs are all working perfectly.
I created a user nisuser on NIS Master and I can use it on the client. BUT it doesnt show a home directory . Ive been told there is... (9 Replies)
Discussion started by: Junaid Subhani
9 Replies
9. UNIX for Advanced & Expert Users
Hi,
I have created a shared directory on /home, where all users on a certain group have read, write and execute permissions.
I did this using
chmod -R g+rwx /home/shared/
The problem is, when a particular user creates a directory within /home/shared, other users are not able to write to... (8 Replies)
Discussion started by: lost.identity
8 Replies
10. HP-UX
Hi
I need to set $HISTFILE for a user with no home directory. How to go about it because this user does not have a .profilefile. (5 Replies)
Discussion started by: fretagi
5 Replies
SMRSH(8) System Manager's Manual SMRSH(8)
NAME
smrsh - restricted shell for sendmail
SYNOPSIS
smrsh -c command
DESCRIPTION
The smrsh program is intended as a replacement for sh for use in the ``prog'' mailer in sendmail(8) configuration files. It sharply limits
the commands that can be run using the ``|program'' syntax of sendmail in order to improve the over all security of your system. Briefly,
even if a ``bad guy'' can get sendmail to run a program without going through an alias or forward file, smrsh limits the set of programs
that he or she can execute.
Briefly, smrsh limits programs to be in a single directory, by default /usr/adm/sm.bin, allowing the system administrator to choose the set
of acceptable commands, and to the shell builtin commands ``exec'', ``exit'', and ``echo''. It also rejects any commands with the charac-
ters ``', `<', `>', `;', `$', `(', `)', `
' (carriage return), or `
' (newline) on the command line to prevent ``end run'' attacks. It
allows ``||'' and ``&&'' to enable commands like: ``"|exec /usr/local/bin/filter || exit 75"''
Initial pathnames on programs are stripped, so forwarding to ``/usr/ucb/vacation'', ``/usr/bin/vacation'', ``/home/server/mydir/bin/vaca-
tion'', and ``vacation'' all actually forward to ``/usr/adm/sm.bin/vacation''.
System administrators should be conservative about populating the sm.bin directory. For example, a reasonable additions is vacation(1),
and the like. No matter how brow-beaten you may be, never include any shell or shell-like program (such as perl(1)) in the sm.bin direc-
tory. Note that this does not restrict the use of shell or perl scripts in the sm.bin directory (using the ``#!'' syntax); it simply dis-
allows execution of arbitrary programs. Also, including mail filtering programs such as procmail(1) is a very bad idea. procmail(1)
allows users to run arbitrary programs in their procmailrc(5).
COMPILATION
Compilation should be trivial on most systems. You may need to use -DSMRSH_PATH="path" to adjust the default search path (defaults to
``/bin:/usr/bin:/usr/ucb'') and/or -DSMRSH_CMDDIR="dir" to change the default program directory (defaults to ``/usr/adm/sm.bin'').
FILES
/usr/adm/sm.bin - default directory for restricted programs on most OSs
/var/adm/sm.bin - directory for restricted programs on HP UX and Solaris
/usr/libexec/sm.bin - directory for restricted programs on FreeBSD (>= 3.3) and DragonFly BSD
SEE ALSO
sendmail(8)
$Date: 2004/08/06 03:55:35 $ SMRSH(8)