Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Is there a way to restrict a user (owner) to execute scripts from a specific directory
Top Forums UNIX for Beginners Questions & Answers Is there a way to restrict a user (owner) to execute scripts from a specific directory Post 303040210 by Neo on Thursday 24th of October 2019 11:57:48 PM
Old 10-25-2019
Quote:
Originally Posted by Peasant
Even if you do all possible magic, a shell access and permissions would still allow user Bob to copy / change / execute the shell code on server1.
This is not a stated requirement of the original poster (OP).

The OP only stated he wanted to have files in a directory which are not executable because they are for reference only.

The user "Bob" already has access to executable copies, per the OP.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

CRON job to execute all scripts in a directory

Hi everyone: I'm trying to make a CRON job that will execute Fridays at 7am. I have the following: * 7 * * 5 I've been studying up on CRON and I know to have this in a file and then "crontab filename.txt" to add it to the CRON job list. The CRON part I believe I understand, but I would... (6 Replies)
Discussion started by: Annorax
6 Replies

2. Shell Programming and Scripting

How to restrict the number of commands user can execute

Hi all, Is there a way to prevent users from being able to execute commands less a select few? For instance, I wish to allow the user to be only able to execute 1 command, which is exec a.sh. He should not be able to do simple stuff such as ls, cd, rm, cat, etc. Can this be achieved? ... (1 Reply)
Discussion started by: rockysfr
1 Replies

3. UNIX for Advanced & Expert Users

Restrict FTP access to a single directory for only one user.

Hi All, It will be very great if you can help me in this issue. Thanks in advance. I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Discussion started by: santhoshkumar_d
8 Replies

4. UNIX for Dummies Questions & Answers

how do U restrict a user to a single directory?

specifically - I don't need to restrict a user to a single directory - but I want them to be "ROOTED" to their home directory. so if my home directory is /home/onlyme when I login - if I do a pwd - I want to see: / but in real life I will be in /home/onlyme - it just appears as root to... (10 Replies)
Discussion started by: itobenon
10 Replies

5. UNIX for Dummies Questions & Answers

restrict one user to see only his home directory in his profile

Hi I need to restrict one user to see only his home directory and one more directory how i can do this in his profile. The OS is Red hat linux I create a user -- tec and group calle --tec one the user log in he will see /home/tec and he need to see /opt/load this dirctory... (6 Replies)
Discussion started by: aboorkuma
6 Replies

6. Linux

Restrict User to only execute the file.

Hi Gurus , I hope you are doing great . Other than owner of the file , OTHERS and GROUP should be restricted from read or write a file created by the owner. OTHERS and GROUP should be only allowed to execute the file. Thanks in advance. (8 Replies)
Discussion started by: palanisvr
8 Replies

7. Red Hat

Restrict user to a particular directory

Hi I have a Fedora10 server and i need a particular user to view files only in a particular folder. All other files in other folders having "read" permission for all shouldn't be accessible to this user. Please let me know if ther's a way. Thanks, HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies

8. Solaris

Restrict FTP User to a Directory

I am using Solaris 10 on SPARC. SunOS ddw 5.10 Generic_139555-08 sun4u sparc SUNW,SPARC-Enterprise I have put some text files in a directory '/u01/network' I want to create a ftp user which can just read the files in the network directory. The ftp user shouldn't be able to navigate or see... (4 Replies)
Discussion started by: fahdmirza
4 Replies

9. Solaris

How to restrict user to a specific directory in solaris 10

Hi all, I want to create a new user and grant him ONLY transfer files access to a specific directory where he can only upload and read the files. He should be restricted to this activity only. Regards (6 Replies)
Discussion started by: gilldn
6 Replies

10. AIX

How to restrict user to a particular directory?

hi, I want to restrict some user access to only 1 directory (including all sub-directories/files in it). can you please explain me, how can we do this? example; Filesystem GB blocks Used Free %Used Mounted on /dev/hd4 2.61 1.02 1.59 40% / /dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies

LEARN ABOUT MOJAVE

mnthome

mnthome(1)						    BSD General Commands Manual 						mnthome(1)

NAME

     mnthome -- mount an AFP (AppleShare) home directory with the correct privileges

SYNOPSIS

     mnthome [-v] [-d] [-m mntpath] [-n] [-b] [-p password] [-i] [-x mount point] [-u] [-s]

DESCRIPTION

     The mnthome command unmounts the AFP (AppleShare) home directory that was automounted as guest, and remounts it with the correct privileges
     by logging into the AFP server using the current username and password.  This command also allows you to have guest access turned off on your
     AFP server too and still have AFP home directories work with "su".

     When you ssh into another computer using an account that has an AFP home directory or you "su <netuser>" where <netuser> is an AFP home
     directory user, then the resulting home directory will not have the correct access privileges.

     This is because automount is assuming NFS behavior which assumes that all computers share the same user/group privileges and mounts volumes
     using "no security" and lets the client enforce privileges based on the current user.

     AFP is different since the privileges are based on the user that logged into the server.  Since automount does not put up an authentication
     dialog asking for an user name and password, automount mounts the fileserver using guest login.  Thus you end up with getting the world
     access privileges and the privileges are shown via "mapping".  You also would have to allow guest access to the server to that sharepoint.

     Mapping makes all the files/folders appear like they are owned by the current user.  Even those items not really owned by the current user
     show up as being owned by the current user.  The server provides user access rights (UARights) which is a summary of what the access rights
     are regardless of the category (owner, group, world) from which they were obtained.  When doing "mapping", the AppleShare client will take
     these UARights and show them as the owner rights.	So, everything looks like it is owned by the current user and the owner rights are set to
     the UARights.  Thus if you had access to that file/folder before, then you still do.

     The options are:

     -v      Display version number.

     -d      Print debugging information.

     -m      Alternative mount point is specified with the -m option followed by a path to an existing directory.  Normally, the volume is mounted
	     in /Network/Servers/ or /var/automount/Network/Servers/.

     -n      Do not force the unmount of the previous mount point.

     -b      Exec the user's shell after mount of home.

     -p      A password may be specified with the -p option followed by a password.  If this option is not used, then the user will be prompted to
	     enter in a password.

     -i      Display information about the AFP home mount point.

     -u      Attempt to unmount the current home directory mount.

     -x      This option must be followed by a path to an existing AFP mount point.  Display information about the mount point.

     -s      Skip preflight check to see if the currently mounted home directory is already correctly mounted for the user.

EXAMPLES

     The following example illustrates how to mount an AFP home directory:

	   mnthome

     This example shows how to print the debugging information and provide a password:

	   mnthome -d -p foobar

SEE ALSO

     mount(2), unmount(2), mount(8) mount_afp(8)

BUGS

     I get the mounting url from the "home_loc" attribute and the mountpath from the "home" attribute (with the path from home_loc subtracted
     out).  If your AFP home directory automounts in a different location, then you need to use the -m option to specify an alternative mount
     point.

     I cant figure out how to cd out of the current home dir so I can do the unmount and then restore the user back into the new home dir.  If you
     are in the AFP home directory when you use mnthome, you automatically get put back into that same directory when mnthome leaves.  If mnthome
     works, then your current directory is a dead directory and you need to "cd ~" to get to your new home directory.

     If the server with the home directory was already mounted by another user, you will not be able to replace it with a mount made by your user
     id.  The original mount must be first unmounted by the mounting user or root.

HISTORY

     The mnthome command first appeared Mac OS X version 10.3.

RETURN VALUES

     0			mnthome successfully remounted the AFP home directory.

     [EINVAL]		Invalid arguements were passed in.

     [EPERM]		The current AFP home directory could not be unmounted by mnthome because the current user does not have the correct
			access.  The current AFP home directory was probably mounted by another user first.

     [EAUTH]		Incorrect password.

Mac OS X							  August 4, 2004							  Mac OS X
All times are GMT -4. The time now is 12:59 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy