Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Is there a way to restrict a user (owner) to execute scripts from a specific directory
Top Forums UNIX for Beginners Questions & Answers Is there a way to restrict a user (owner) to execute scripts from a specific directory Post 303040201 by karumudi7 on Thursday 24th of October 2019 09:38:49 PM
Old 10-24-2019
Is there a way to restrict a user (owner) to execute scripts from a specific directory
Hello,

I have a user Bob on a RHEL 7 server1. Where his script area is "/home/Bob/scripts/" and he is the owner for this directory.
On the server1, there is a NFS mount from another server2, with path as "/global/work/" and Bob is the owner for this directory too in server2. (Same UID and GID on both servers).

Now per policy, the "/global/work/" in Server1 is only for reference purpose, but should NOT execute any scripts from here. Because those are suppose to execute from Server2 only.



So how can I restrict, Bob, the owner of both, not to run any shell script from "/global/work" from server1, but allow him to do all other work as normal.


PS: I have access to edit his profile files.


Thanks!
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

CRON job to execute all scripts in a directory

Hi everyone: I'm trying to make a CRON job that will execute Fridays at 7am. I have the following: * 7 * * 5 I've been studying up on CRON and I know to have this in a file and then "crontab filename.txt" to add it to the CRON job list. The CRON part I believe I understand, but I would... (6 Replies)
Discussion started by: Annorax
6 Replies

2. Shell Programming and Scripting

How to restrict the number of commands user can execute

Hi all, Is there a way to prevent users from being able to execute commands less a select few? For instance, I wish to allow the user to be only able to execute 1 command, which is exec a.sh. He should not be able to do simple stuff such as ls, cd, rm, cat, etc. Can this be achieved? ... (1 Reply)
Discussion started by: rockysfr
1 Replies

3. UNIX for Advanced & Expert Users

Restrict FTP access to a single directory for only one user.

Hi All, It will be very great if you can help me in this issue. Thanks in advance. I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Discussion started by: santhoshkumar_d
8 Replies

4. UNIX for Dummies Questions & Answers

how do U restrict a user to a single directory?

specifically - I don't need to restrict a user to a single directory - but I want them to be "ROOTED" to their home directory. so if my home directory is /home/onlyme when I login - if I do a pwd - I want to see: / but in real life I will be in /home/onlyme - it just appears as root to... (10 Replies)
Discussion started by: itobenon
10 Replies

5. UNIX for Dummies Questions & Answers

restrict one user to see only his home directory in his profile

Hi I need to restrict one user to see only his home directory and one more directory how i can do this in his profile. The OS is Red hat linux I create a user -- tec and group calle --tec one the user log in he will see /home/tec and he need to see /opt/load this dirctory... (6 Replies)
Discussion started by: aboorkuma
6 Replies

6. Linux

Restrict User to only execute the file.

Hi Gurus , I hope you are doing great . Other than owner of the file , OTHERS and GROUP should be restricted from read or write a file created by the owner. OTHERS and GROUP should be only allowed to execute the file. Thanks in advance. (8 Replies)
Discussion started by: palanisvr
8 Replies

7. Red Hat

Restrict user to a particular directory

Hi I have a Fedora10 server and i need a particular user to view files only in a particular folder. All other files in other folders having "read" permission for all shouldn't be accessible to this user. Please let me know if ther's a way. Thanks, HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies

8. Solaris

Restrict FTP User to a Directory

I am using Solaris 10 on SPARC. SunOS ddw 5.10 Generic_139555-08 sun4u sparc SUNW,SPARC-Enterprise I have put some text files in a directory '/u01/network' I want to create a ftp user which can just read the files in the network directory. The ftp user shouldn't be able to navigate or see... (4 Replies)
Discussion started by: fahdmirza
4 Replies

9. Solaris

How to restrict user to a specific directory in solaris 10

Hi all, I want to create a new user and grant him ONLY transfer files access to a specific directory where he can only upload and read the files. He should be restricted to this activity only. Regards (6 Replies)
Discussion started by: gilldn
6 Replies

10. AIX

How to restrict user to a particular directory?

hi, I want to restrict some user access to only 1 directory (including all sub-directories/files in it). can you please explain me, how can we do this? example; Filesystem GB blocks Used Free %Used Mounted on /dev/hd4 2.61 1.02 1.59 40% / /dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies

LEARN ABOUT SUNOS

install

install(1B)					     SunOS/BSD Compatibility Package Commands					       install(1B)

NAME

       install - install files

SYNOPSIS

       /usr/ucb/install [-cs] [-g group] [-m mode] [-o owner] filename1 filename2

       /usr/ucb/install [-cs] [-g group] [-m mode] [-o owner] filename... directory

       /usr/ucb/install -d [-g group] [-m mode] [-o owner] directory

DESCRIPTION

       install is used within makefiles to copy new versions of files into a destination directory and to create the destination directory itself.

       The first two forms are similar to the cp(1) command with the addition that executable files can be stripped during the copy and the owner,
       group, and mode of the installed file(s) can be given.

       The third form can be used to create a destination directory with the required owner, group and permissions.

       Note: install uses no special privileges to copy files from one place to another. The implications of this are:

	 o  You must have permission to read the files to be installed.

	 o  You must have permission to copy into the destination file or directory.

	 o  You must have permission to change the modes on the final copy of the file if you want to use the -m option to change modes.

	 o  You must be superuser if you want to specify the ownership of the installed file with -o. If you are not the super-user, or if  -o	is
	    not in effect, the installed file will be owned by you, regardless of who owns the original.

OPTIONS

       -c	       Copy  files.  In fact install always copies files, but the -c option is retained for backwards compatibility with old shell
		       scripts that might otherwise break.

       -d	       Create a directory. Missing parent directories are created as required as in mkdir -p. If the directory already exists, the
		       owner, group and mode will be set to the values given on the command line.

       -s	       Strip executable files as they are copied.

       -g group        Set the group ownership of the installed file or directory. (staff by default.)

       -m mode	       Set the mode for the installed file or directory. (0755 by default.)

       -o owner        If run as root, set the ownership of the installed file to the user-ID of owner.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWscpu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       chgrp(1), chmod(1), chown(1), cp(1), mkdir(1), strip(1), install(1M), attributes(5)

SunOS 5.10							    14 Sep 1992 						       install(1B)
All times are GMT -4. The time now is 04:22 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy