01-18-2012
disallow change directory
Dear all expects,
I have a security problem that I would like to resolve.
I need to create a user ID in my AIX 5.3 environment and to point the login to a specific directory for FTP purposes. There is only 2 directories that I can allow the user ID to perform read/write. I would like to prevent the user ID to go other places for read / writing..
User ID : TestFTP
Home Directory : /home/TestFTP
/home/TestFTP/.profile : cd /data06/ABC01
Thus, it ends up sign in to /data06/ABC01.
It should be allowed to read/write on /data06/ABC01 and /data06/ABC01/ABC01_BAK.
Other than that, it cannot cd .. to go back to /data06 or it cannot cd to any other directories.
May I know how to create such as ID?
Thanks.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi all,
I'm trying to wirte a small shell script in Linux. My script has the flow like,
cmd1
cmd2
cd testdata
cmd3
After exiting the program, the CWD remains the same as where I execute the program. I need it to be changed to the latest updated directory in the program. How can I do... (1 Reply)
Discussion started by: vadivel
1 Replies
2. Shell Programming and Scripting
I want to limit the directories that a user can
access. When this users logs in, I do not want
them to cd to any directory but those in their
$HOME. In other words:
login:
pwd:
/home/user
cd / -- user tries to cd to root directory.
pwd
/home/user -- user is still in home... (4 Replies)
Discussion started by: oscarr
4 Replies
3. Shell Programming and Scripting
hi,
Iam in directory A. I run a script from there. inside the script i have a command cd B.
When i come out of the script directory is A only.
Even when i come out scrip i want the directory to be B
How to achieve (2 Replies)
Discussion started by: mkan
2 Replies
4. UNIX for Dummies Questions & Answers
I have a directory that is existing under my root dir of the FTP server. The DIR name is 'Software Patch'. I want to move in to that DIR to download some patches. But, when I issued a command 'cd SOftware Patch', the system said that it cannot find the dir 'Software'. I tried all possible ways like... (2 Replies)
Discussion started by: vskr72
2 Replies
5. UNIX for Advanced & Expert Users
Hello,
What is the best way to disallow new ssh connections for the duration of my session ?
I want to evade read/write collisions. Things work like that - one session put files on server, other copies these files and then deletes them. So in order to evade collision:
- I check if there are... (1 Reply)
Discussion started by: vilius
1 Replies
6. Shell Programming and Scripting
I have a simple shell script that prompts the user to enter a directory to navigate to.
What i want it to do and i don't know how to do this is if the directory is invalid automatically navigate to the home directory.
echo "enter a directory to navigate to:"
read directory
cd $directory... (6 Replies)
Discussion started by: icelated
6 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I Installed mysql on my CentOS 6.2 Server. But when I tried to change the location of /var/lib/mysql to another directory. I can't start the mysql. Below is what I've done
yum install mysql mysql-server mysql-devel
mkdir /path/to/new/
cp -R /var/lib/mysql /path/to/new
chown -R... (1 Reply)
Discussion started by: ganitolngyundre
1 Replies
8. Shell Programming and Scripting
I am trying to do the following task :
export ENV=aaa
export ENV_PATH=$(cd /apps | ls | grep $ENV)
However, it's not working. What's the way to change to directory and search some file in that directory in single command
Please help. (2 Replies)
Discussion started by: saurau
2 Replies
9. Shell Programming and Scripting
Hi All,
There is a code like below in my script
###############################################
###Create Directories and Sub-Directories
###############################################
dpdir=DP_FROM_${from}_TO_${to}
mkdir $dpdir
cd $dpdir
mkdir AWQM WFCONTROLLER PROVCO PRISM
... (1 Reply)
Discussion started by: pvmanikandan
1 Replies
10. Shell Programming and Scripting
#!/bin/bash
echo -n "Enter number of sanger patients : "; read id
perl -ne 'chomp; system ("perl table_annovar.pl $_ humandb/ -buildver hg19 -protocol refGene,popfreq_all,common,clinvar,clinvarsubmit,clinvarreference -operation g,f,f,f,f,f -otherinfo")' < file.txt
I have the above script... (7 Replies)
Discussion started by: cmccabe
7 Replies
LEARN ABOUT OPENSOLARIS
ftpusers
ftpusers(4) File Formats ftpusers(4)
NAME
ftpusers - file listing users to be disallowed ftp login privileges
SYNOPSIS
/etc/ftpd/ftpusers
DESCRIPTION
The ftpusers file lists users for whom ftp login privileges are disallowed. Each ftpuser entry is a single line of the form:
name
where name is the user's login name.
The FTP Server, in.ftpd(1M), reads the ftpusers file. If the login name of the user matches one of the entries listed, it rejects the login
attempt.
The ftpusers file has the following default configuration entries:
root
daemon
bin
sys
adm
lp
uccp
nuucp
smmsp
listen
nobody
noaccess
nobody4
These entries match the default instantiated entries from passwd(4). The list of default entries typically contains the superuser root and
other administrative and system application identities.
The root entry is included in the ftpusers file as a security measure since the default policy is to disallow remote logins for this iden-
tity. This policy is also set in the default value of the CONSOLE entry in the /etc/default/login file. See login(1). If you allow root
login privileges by deleting the root entry in ftpusers, you should also modify the security policy in /etc/default/login to reflect the
site security policy for remote login access by root.
Other default entries are administrative identities that are typically assumed by system applications but never used for local or remote
login, for example sys and nobody. Since these entries do not have a valid password field instantiated in shadow(4), no login can be per-
formed.
If a site adds similar administrative or system application identities in passwd(4) and shadow(4), for example, majordomo, the site should
consider including them in the ftpusers file for a consistent security policy.
Lines that begin with # are treated as comment lines and are ignored.
FILES
/etc/ftpd/ftpusers A file that lists users for whom ftp login privileges are disallowed.
/etc/ftpusers See /etc/ftpd/ftpusers. This file is deprecated, although its use is still supported.
/etc/default/login
/etc/passwd password file
/etc/shadow shadow password file
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWftpr |
+-----------------------------+-----------------------------+
|Interface Stability |See below. |
+-----------------------------+-----------------------------+
The interface stability for /etc/ftpd/ftpusers is Volatile. The interface stability for /etc/ftpusers is (Obsolete).
SEE ALSO
login(1), in.ftpd(1M), ftpaccess(4), ftphosts(4), passwd(4), shadow(4), attributes(5), environ(5)
SunOS 5.11 1 May 2003 ftpusers(4)