Make every user that is sharing a member of a group, example "shared"
Then change the group ownership of the shared home area to "shared" and make it group writable and change the sticky bit.
Then ensure all access using a umask 0002 (some clients will try to preserve client side perms, so make sure files, etc. on the client side have group write perms.... an example is sftp, if the client file isn't grouip writable, neither will the remote side when copied).
In order to bypass normal operations and "fix" the bits for any file operation, you'll need an extra level of abstraction to the filesystem (unless somebody knows of something).
Hello!
I want users in a certain group to be restricted to their home directory. So that they have full access to all files and folders in their home directory but the cant go to any directory above.
Does anyone know how to do this?
Anders (1 Reply)
I accidently reset the permissions of my /home/punkrockguy318 directory to root only. How can I get my punkrockguy318 permissions ( and all of it's contents) to be read/write accesable only to punkrockguy318 and root? (5 Replies)
Hi
I want to know which profile will be called when a user without home directory is created.
When I created a user without home directory(by setting in /etc/default/useradd), the user is able to login directly into the main "/" folder but with only read permissions.
Thanks
naina (3 Replies)
Hello All,
I have a new HPUX system going into production and it will be used by 2 projects. One of the contract requirements is the 2 groups can not have access to the others work or data. I believe I have the system pretty well locked up using groups and permissions and selective mounting of... (2 Replies)
Hi,
I am looking for a shell script (or any other way), that puts a user in a home directory jail. So for example, I have a user named richard and I don't want him wandering outside /usr/users/richard. I don't want him to cd to anywhere including cd ..
Somebody said you can do that with... (3 Replies)
I'm using HPUX 11i. The other day a user logon to the workstation and was not able to find the /home/directory (tom is the directory) I login myself and it is the same thing.
The home directory is on the server, so I was thinking of using sam to map it again. does anyone know how to do it... (5 Replies)
My users home directory located in a RHEL 5.0 nfs server.
Client is ubuntu 8.1 using NIS for authntication anf NFS for automounting
home Directory on the client side.
I set 700 to the users home directory.
My problem here is some of the users change the mode, which result in leak of... (2 Replies)
Hi Guys,
I have a problem with configuring a server. this is a solaris 10 with sparc platform.
I have setup so that the server is Authenticating through NIS but I dont want the server to Mount the Home directories. The users need to logged in through the CDE/display.
I have over 200 users... (2 Replies)
RHEL5.0
As we know, when root create a new user, a new home directory will be created : /home/user
I want to know what determine the access permission of /home/user .
Thanks! (1 Reply)
Hi friends,
I must to give ssh connection to own customer.
So I want to lock ssh user on own home directory. It is not necessery to reach other folders. I know that ftp user can lock on own folder but I don't know how to lock ssh user.
I am waitting your kindly helps :D
---------- Post... (10 Replies)
Discussion started by: getrue
10 Replies
LEARN ABOUT CENTOS
pkcsslotd
PKCSSLOTD(8) openCryptoki PKCSSLOTD(8)NAME
pkcsslotd - shared memory manager for opencryptoki
DESCRIPTION
The pkcsslotd daemon manages PKCS#11 objects between PKCS#11-enabled applications. When 2 or more processes are accessing the same crypto-
graphic token, the daemon is notified and updates each application when the token's objects change.
NOTES
Only one instance of the pkcsslotd daemon should be running on any given host. If a prior instance of pkcsslotd did not shut down cleanly,
then it may leave an allocated shared memory segment on the system. The allocated memory segment can be identified by its key and can be
safely removed once the daemon is stopped with the ipcrm command, such as:
ipcrm -M 0x6202AB38
The daemon creates the shared memory segment with group ownership by the pkcs11 group. All non-root users that should be able to use open-
Cryptoki need to be members of the group. Only trusted users should be assigned to the group, see the "SECURITY NOTE" in the opencryp-
toki(7) manual page for details.
SEE ALSO opencryptoki(7),
pkcsconf(1),
pk_config_data(5),
pkcs11_startup(1).
3.0 May 2007 PKCSSLOTD(8)