|
|
Sponsored Content
Operating Systems
Solaris
Restricting commands & access
Post 302852427 by verdepollo on Wednesday 11th of September 2013 01:57:33 PM
09-11-2013
Quote:
Of course the poster might be using Solaris 8, 9 or a really outdated release of S10.
Anyway... another example of why it's important to be specific about the OS version.
|
|
10 More Discussions You Might Find Interesting
1. Cybersecurity
restricted access...
Hi
I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
Discussion started by: alwayslearningunix
9 Replies
2. UNIX for Dummies Questions & Answers
I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Discussion started by: ngagne
4 Replies
3. Solaris
Hi All,
I'm on Solaris 8, I need to provide Read-only access to a user to 2 directories only.
Using rsh (restricted shell) as the user's login shell, I can restrict the user's access to a certain directory only, but how can I set in such a way that the user can access only the 2 directories... (4 Replies)
Discussion started by: max_min
4 Replies
4. UNIX for Advanced & Expert Users
I'm the admin in a shop in which my developers have and use the root account, all UNIX newbies.
I've been unable to convince management myself that this is an unacceptable practice.
I've looked in a couple books I have and can't find any chapters, discussions, etc that make the argument that... (2 Replies)
Discussion started by: keith.m
2 Replies
5. Solaris
We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server.
Do you have any idea on how to implement that?
thanks. (1 Reply)
Discussion started by: melanie_pfefer
1 Replies
6. UNIX for Dummies Questions & Answers
Hi all,
I have user called "Z". The home directory is /home/Z. I have another directory /home/Z/OP. Within /home/Z/OP, i have 2 directories
/home/Z/OP/OP1 and /home/Z/OP2.
I want to restrict access for Z to only access
/home/Z/OP and
/home/Z/OP1 and
/home/Z/OP2.
What kind of... (4 Replies)
Discussion started by: new2ss
4 Replies
7. UNIX for Advanced & Expert Users
Hi All,
I am facing a problem, regarding code security on a server.
We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Discussion started by: akshay61286
3 Replies
8. Solaris
Hi all.
I've had a quick look around but cant see anything exactly matching my requirements.
I have a new T2000 running S10. Im looking to restrict the no. cores that a S10 non-global zone can use to 1 only. The box is single CPU but 8core.
I want to do this to save on some software... (4 Replies)
Discussion started by: boneyard
4 Replies
9. UNIX for Dummies Questions & Answers
Hello,
I am using MySecureShell to chroot all sftp accesses. The problem that I have is that my boss does not want root to be able to use sftp. Root should still be able to ssh. Any ideas? (2 Replies)
Discussion started by: mojoman
2 Replies
10. AIX
Hello folks,
I have an AIX server that is connected to a storage array via a Brocade switch using 4 ports from either side. The zoning is done such that there are 4 paths visible from the server to the storage.
My work involves frequent disabling or enabling the switch ports that are... (1 Reply)
Discussion started by: nkiran
1 Replies
LEARN ABOUT FREEBSD
getfacl
GETFACL(1) BSD General Commands Manual GETFACL(1) NAME
getfacl -- get ACL information SYNOPSIS
getfacl [-dhinqv] [file ...] DESCRIPTION
The getfacl utility writes discretionary access control information associated with the specified file(s) to standard output. If the getconf(1) utility indicates that {_POSIX_ACL_EXTENDED} is not in effect for a file then the standard discretionary access permissions are interpreted as an ACL containing only the required ACL entries. The following option is available: -d The operation applies to the default ACL of a directory instead of the access ACL. An error is generated if a default ACL cannot be associated with file. This option is not valid for NFSv4 ACLs. -h If the target of the operation is a symbolic link, return the ACL from the symbolic link itself rather than following the link. -i For NFSv4 ACLs, append numerical ID at the end of each entry containing user or group name. Ignored for POSIX.1e ACLs. -n Display user and group IDs numerically rather than converting to a user or group name. Ignored for POSIX.1e ACLs. -q Do not write commented information about file name and ownership. This is useful when dealing with filenames with unprintable char- acters. -v For NFSv4 ACLs, display access mask and flags in a verbose form. Ignored for POSIX.1e ACLs. The following operand is available: file A pathname of a file whose ACL shall be retrieved. If file is not specified, or a file is specified as -, then getfacl reads a list of pathnames, each terminated by one newline character, from the standard input. For an explanation of the ACL syntax, see the setfacl(1) manual page. EXIT STATUS
The getfacl utility exits 0 on success, and >0 if an error occurs. EXAMPLES
getfacl / Retrieve ACL for the directory /. getfacl -d / Retrieve the default ACL for the directory /, if any. SEE ALSO
setfacl(1), acl(3), getextattr(8), setextattr(8), acl(9), extattr(9) STANDARDS
The getfacl utility is expected to be IEEE Std 1003.2c compliant. HISTORY
Extended Attribute and Access Control List support was developed as part of the TrustedBSD Project and introduced in FreeBSD 5.0. AUTHORS
Robert N M Watson BSD
September 4, 2009 BSD