|
|
Sponsored Content
Top Forums
UNIX for Dummies Questions & Answers
Restricting access
Post 4160 by ngagne on Thursday 19th of July 2001 03:16:33 PM
07-19-2001
|
|
10 More Discussions You Might Find Interesting
1. Cybersecurity
restricted access...
Hi
I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
Discussion started by: alwayslearningunix
9 Replies
2. UNIX for Dummies Questions & Answers
I have a need to allow only certain IP addresses to access a machine running solaris 9. I am not sure how this can be accomplished.
Thanks in advance for your help.
Patch (2 Replies)
Discussion started by: patch
2 Replies
3. Solaris
Hi All,
I'm on Solaris 8, I need to provide Read-only access to a user to 2 directories only.
Using rsh (restricted shell) as the user's login shell, I can restrict the user's access to a certain directory only, but how can I set in such a way that the user can access only the 2 directories... (4 Replies)
Discussion started by: max_min
4 Replies
4. UNIX for Advanced & Expert Users
I'm the admin in a shop in which my developers have and use the root account, all UNIX newbies.
I've been unable to convince management myself that this is an unacceptable practice.
I've looked in a couple books I have and can't find any chapters, discussions, etc that make the argument that... (2 Replies)
Discussion started by: keith.m
2 Replies
5. Solaris
We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server.
Do you have any idea on how to implement that?
thanks. (1 Reply)
Discussion started by: melanie_pfefer
1 Replies
6. UNIX for Advanced & Expert Users
Hi All,
I am facing a problem, regarding code security on a server.
We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Discussion started by: akshay61286
3 Replies
7. Solaris
Dear All,
I have created a user called "x" who is allowed only to FTP and it is working fine. Here my problem is, I want to give access to a particular directory say for eg:- /dump/test directory. I don't find any option in the useradd command to restrict access to this particular directory only... (1 Reply)
Discussion started by: Vijayakumarpc
1 Replies
8. Solaris
Hi all.
I've had a quick look around but cant see anything exactly matching my requirements.
I have a new T2000 running S10. Im looking to restrict the no. cores that a S10 non-global zone can use to 1 only. The box is single CPU but 8core.
I want to do this to save on some software... (4 Replies)
Discussion started by: boneyard
4 Replies
9. UNIX for Dummies Questions & Answers
Hello,
I am using MySecureShell to chroot all sftp accesses. The problem that I have is that my boss does not want root to be able to use sftp. Root should still be able to ssh. Any ideas? (2 Replies)
Discussion started by: mojoman
2 Replies
10. Solaris
Dear all,
I am administering a DC environment of over 100+ Solaris servers used by various teams including Databases.
Every user created on the node belonging to databases is assigned group staff(10) .
I want that all users belonging to staff should NOT be able to execute certain system... (6 Replies)
Discussion started by: Junaid Subhani
6 Replies
LEARN ABOUT CENTOS
volfs
volfs(7FS) File Systems volfs(7FS) NAME
volfs - Volume Management file system DESCRIPTION
volfs is the Volume Management file system rooted at root_dir. The default location for root-dir is /vol, but this can be overridden using the -d option of vold (see vold(1M)). This file system is maintained by the Volume Management daemon, vold, and will be considered to be /vol for this description. Media can be accessed in a logical manner (no association with a particular piece of hardware), or a physical manner (associated with a particular piece of hardware). Logical names for media are referred to through /vol/dsk and /vol/rdsk. /vol/dsk provides block access to random access devices. /vol/rdsk provides character access to random access devices. The /vol/rdsk and /vol/dsk directories are mirrors of one another. Any change to one is reflected in the other immediately. The dev_t for a volume will be the same for both the block and character device. The default permissions for /vol are mode=0555, owner=root, group=sys. The default permissions for /vol/dsk and /vol/rdsk are mode=01777, owner=root, group=sys. Physical references to media are obtained through /vol/dev. This hierarchy reflects the structure of the /dev name space. The default per- missions for all directories in the /vol/dev hierarchy are mode=0555, owner=root, group=sys. mkdir(2), rmdir(2), unlink(2) (rm), symlink(2) (ln -s), link(2) (ln), and rename(2) (mv) are supported, subject to normal file and direc- tory permissions. The following system calls are not supported in the /vol filesystem: creat(2), only when creating a file, and mknod(2). If the media does not contain file systems that can be automatically mounted by rmmount(1M), users can gain access to the media through the following /vol locations: +-----------------------------------+------------------------------------+ | Location | State of Media | +-----------------------------------+------------------------------------+ |/vol/dev/diskette0/unnamed_floppy | formatted unnamed floppy-block | | | device access | +-----------------------------------+------------------------------------+ |/vol/dev/rdiskette0/unnamed_floppy | formatted unnamed floppy-raw | | | device access | +-----------------------------------+------------------------------------+ |/vol/dev/diskette0/unlabeled | unlabeled floppy-block device | | | access | +-----------------------------------+------------------------------------+ |/vol/dev/rdiskette0/unlabeled | unlabeled floppy-raw device access | +-----------------------------------+------------------------------------+ |/vol/dev/dsk/c0t6/unnamed_cdrom | CD-ROM-block device access | +-----------------------------------+------------------------------------+ |/vol/dev/rdsk/c0t6/unnamed_cdrom | CD-ROM-raw device access | +-----------------------------------+------------------------------------+ For more information on the location of CD-ROM and floppy media, see System Administration Guide: Basic Administration or rmmount(1M). Partitions Some media support the concept of a partition. If the label identifies partitions on the media, the name of the media becomes a directory with partitions under it. Only valid partitions are represented. Partitions cannot be moved out of a directory. For example, if disk volume 'foo' has three valid partitions, 0, 2, and 5, then: /vol/dsk/foo/s0 /vol/dsk/foo/s2 /vol/dsk/foo/s5 for block access and /vol/rdsk/foo/s0 /vol/rdsk/foo/s2 /vol/rdsk/foo/s5 for character access. If a volume is relabeled to reflect different partitions, the name space changes to reflect the new partition layout. A format program can check to see if there are others with the volume open and not allow the format to occur if it is. Volume Management, however, does not explicitly prevent the rewriting of a label while others have the volume open. If a partition of a volume is open, and the volume is relabeled to remove that partition, it will appear exactly as if the volume were missing. A notify event will be generated and the user may cancel the operation with volcancel(1), if desired. SEE ALSO
volcancel(1), volcheck(1), volmissing(1) rmmount(1M), vold(1M), rmmount.conf(4), vold.conf(4) System Administration Guide: Basic Administration SunOS 5.10 8 Feb 1995 volfs(7FS)