Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Is there a way to restrict a user (owner) to execute scripts from a specific directory
Top Forums UNIX for Beginners Questions & Answers Is there a way to restrict a user (owner) to execute scripts from a specific directory Post 303040208 by Peasant on Thursday 24th of October 2019 11:51:06 PM
Old 10-25-2019
How about mounting the NFS share read-only / noexec no the reference server ?
User will still be able to execute the script in that directory/mountpoint using bash script.sh
Read only would stop write on that same filesystem if that would help.

Even if you do all possible magic, a shell access and permissions would still allow user Bob to copy / change / execute the shell code on server1.

Actually, i cannot think of a way to stop user Bob of being Bob in your use case, no matter which server is in question.
Perhaps someone else here has some bright idea Smilie

Hope that helps
Regards
Peasant.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

CRON job to execute all scripts in a directory

Hi everyone: I'm trying to make a CRON job that will execute Fridays at 7am. I have the following: * 7 * * 5 I've been studying up on CRON and I know to have this in a file and then "crontab filename.txt" to add it to the CRON job list. The CRON part I believe I understand, but I would... (6 Replies)
Discussion started by: Annorax
6 Replies

2. Shell Programming and Scripting

How to restrict the number of commands user can execute

Hi all, Is there a way to prevent users from being able to execute commands less a select few? For instance, I wish to allow the user to be only able to execute 1 command, which is exec a.sh. He should not be able to do simple stuff such as ls, cd, rm, cat, etc. Can this be achieved? ... (1 Reply)
Discussion started by: rockysfr
1 Replies

3. UNIX for Advanced & Expert Users

Restrict FTP access to a single directory for only one user.

Hi All, It will be very great if you can help me in this issue. Thanks in advance. I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Discussion started by: santhoshkumar_d
8 Replies

4. UNIX for Dummies Questions & Answers

how do U restrict a user to a single directory?

specifically - I don't need to restrict a user to a single directory - but I want them to be "ROOTED" to their home directory. so if my home directory is /home/onlyme when I login - if I do a pwd - I want to see: / but in real life I will be in /home/onlyme - it just appears as root to... (10 Replies)
Discussion started by: itobenon
10 Replies

5. UNIX for Dummies Questions & Answers

restrict one user to see only his home directory in his profile

Hi I need to restrict one user to see only his home directory and one more directory how i can do this in his profile. The OS is Red hat linux I create a user -- tec and group calle --tec one the user log in he will see /home/tec and he need to see /opt/load this dirctory... (6 Replies)
Discussion started by: aboorkuma
6 Replies

6. Linux

Restrict User to only execute the file.

Hi Gurus , I hope you are doing great . Other than owner of the file , OTHERS and GROUP should be restricted from read or write a file created by the owner. OTHERS and GROUP should be only allowed to execute the file. Thanks in advance. (8 Replies)
Discussion started by: palanisvr
8 Replies

7. Red Hat

Restrict user to a particular directory

Hi I have a Fedora10 server and i need a particular user to view files only in a particular folder. All other files in other folders having "read" permission for all shouldn't be accessible to this user. Please let me know if ther's a way. Thanks, HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies

8. Solaris

Restrict FTP User to a Directory

I am using Solaris 10 on SPARC. SunOS ddw 5.10 Generic_139555-08 sun4u sparc SUNW,SPARC-Enterprise I have put some text files in a directory '/u01/network' I want to create a ftp user which can just read the files in the network directory. The ftp user shouldn't be able to navigate or see... (4 Replies)
Discussion started by: fahdmirza
4 Replies

9. Solaris

How to restrict user to a specific directory in solaris 10

Hi all, I want to create a new user and grant him ONLY transfer files access to a specific directory where he can only upload and read the files. He should be restricted to this activity only. Regards (6 Replies)
Discussion started by: gilldn
6 Replies

10. AIX

How to restrict user to a particular directory?

hi, I want to restrict some user access to only 1 directory (including all sub-directories/files in it). can you please explain me, how can we do this? example; Filesystem GB blocks Used Free %Used Mounted on /dev/hd4 2.61 1.02 1.59 40% / /dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies

LEARN ABOUT HPUX

userdel

userdel(1M)															       userdel(1M)

NAME

       userdel - delete a user login from the system

SYNOPSIS

       alternate_password_file] login

DESCRIPTION

       The command deletes a user login from the system by modifying the appropriate login related files.

       The  command requires the login argument.  login is the name to be deleted, specified as a string of printable characters.  It may not con-
       tain a colon or a newline

       Refer to usergroupname(5) to understand the functionality changes with the Numeric User Group Name feature.

   Options
       recognizes the following options:

	      The home directory of
			login is removed from the system.  This directory must exist.  Following the successful execution of this command, none of
			the files and directories under the home directory will be available.

			If a user is deleted and the home directory is shared by others, then this directory is not deleted even with the option.

	      Force the changes, even if the login is currently in use.

	      Specify that the changes are being made to the alternate
			password file of NIS specified by the option.  The and options should not be used with this option.

	      Specify the path of the alternate password file of NIS.
			The option is used with the option.

       In  the event where a directory is shared by users of the same group and the owner of that directory is deleted, then the ownership of that
       directory is propagated to the next user who is sharing that directory.	The new owner is determined by looking at the order in	which  the
       users  sharing  this  directory	are added to the file.	If there is only one user remaining then the directory is brought back to unshared
       mode by resetting the permissions to from

   NIS
       This command is aware of NIS user and group entries.  Only local users and groups may be deleted or modified with this  command.   Attempts
       to  delete or modify NIS users or groups will result in an error.  NIS users and groups must be administered from the NIS server.  The com-
       mand may fail with the error

       (return value 6) if the user specified is an NIS user (see passwd(4)).  The error

       (return value 10) is returned if a local user belongs to an NIS group (see group(4)).

   NFS
       Errors may occur with the option if the affected directory is within an NFS mounted file system that does not allow root privileges  across
       the NFS mount, and the directory or files within the directory do not have sufficient permissions.

RETURN VALUE

       exits with one of the following values:

	      Successful completion.

	      Invalid command syntax.

	      Invalid argument supplied to an option.

	      The  login to be removed does not exist.

	      The  login to be removed is in use.

	      Cannot modify the
		   file, but the login was removed from the file.

	      Unable to remove or modify the home directory.

	      Unable to open
		   file or file is non-existent.

	      file or
		   file busy.  Another command may be modifying the file.

	      Cannot delete entry from
		   file.

	      Out of memory.

	      Invalid template file.

EXAMPLES

       Remove the user from the system:

       Remove the user from the system and delete home directory from the system:

WARNINGS

       Because	many users may try to write the file simultaneously, a password locking mechanism was devised.	If this locking fails after subse-
       quent retrying, terminates.

FILES

       Shadow Password file
       System Password file
       System group file
       Lock file used when updating password file

SEE ALSO

       passwd(1), users(1), groupadd(1M), groupdel(1M), groupmod(1M), logins(1M), useradd(1M), usermod(1M), group(4), passwd(4), shadow(4),  user-
       groupname(5).

STANDARDS CONFORMANCE

																       userdel(1M)
All times are GMT -4. The time now is 08:18 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy