08-10-2004
Using rsh (Restricted Shell ) I can restrict a user to only one directory..i.e. the user cannot change directory
userid:x:5012:1: Description:/logs/log7:/usr/lib/rsh
$ echo $SHELL
/usr/lib/rsh
$ cd
cd: restricted
but,
Is there a way by which you can provide access to a user to only two directories & not just one.
Hope I'm clear
10 More Discussions You Might Find Interesting
1. Cybersecurity
restricted access...
Hi
I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
Discussion started by: alwayslearningunix
9 Replies
2. UNIX for Dummies Questions & Answers
I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Discussion started by: ngagne
4 Replies
3. UNIX for Dummies Questions & Answers
I have a need to allow only certain IP addresses to access a machine running solaris 9. I am not sure how this can be accomplished.
Thanks in advance for your help.
Patch (2 Replies)
Discussion started by: patch
2 Replies
4. UNIX for Advanced & Expert Users
I'm the admin in a shop in which my developers have and use the root account, all UNIX newbies.
I've been unable to convince management myself that this is an unacceptable practice.
I've looked in a couple books I have and can't find any chapters, discussions, etc that make the argument that... (2 Replies)
Discussion started by: keith.m
2 Replies
5. Solaris
We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server.
Do you have any idea on how to implement that?
thanks. (1 Reply)
Discussion started by: melanie_pfefer
1 Replies
6. UNIX for Advanced & Expert Users
Hi All,
I am facing a problem, regarding code security on a server.
We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Discussion started by: akshay61286
3 Replies
7. Solaris
Dear All,
I have created a user called "x" who is allowed only to FTP and it is working fine. Here my problem is, I want to give access to a particular directory say for eg:- /dump/test directory. I don't find any option in the useradd command to restrict access to this particular directory only... (1 Reply)
Discussion started by: Vijayakumarpc
1 Replies
8. Solaris
Hi all.
I've had a quick look around but cant see anything exactly matching my requirements.
I have a new T2000 running S10. Im looking to restrict the no. cores that a S10 non-global zone can use to 1 only. The box is single CPU but 8core.
I want to do this to save on some software... (4 Replies)
Discussion started by: boneyard
4 Replies
9. UNIX for Dummies Questions & Answers
Hello,
I am using MySecureShell to chroot all sftp accesses. The problem that I have is that my boss does not want root to be able to use sftp. Root should still be able to ssh. Any ideas? (2 Replies)
Discussion started by: mojoman
2 Replies
10. Solaris
Dear all,
I am administering a DC environment of over 100+ Solaris servers used by various teams including Databases.
Every user created on the node belonging to databases is assigned group staff(10) .
I want that all users belonging to staff should NOT be able to execute certain system... (6 Replies)
Discussion started by: Junaid Subhani
6 Replies
LEARN ABOUT X11R4
pam_rhosts_auth
pam_rhosts_auth(5) Standards, Environments, and Macros pam_rhosts_auth(5)
NAME
pam_rhosts_auth - authentication management PAM module using ruserok()
SYNOPSIS
/usr/lib/security/pam_rhosts_auth.so.1
DESCRIPTION
The rhosts PAM module, /usr/lib/security/pam_rhosts_auth.so.1, authenticates a user via the rlogin authentication protocol. Only
pam_sm_authenticate() is implemented within this module. pam_sm_authenticate() uses the ruserok(3SOCKET) library function to authenticate
the rlogin or rsh user. pam_sm_setcred() is a null function.
/usr/lib/security/pam_rhosts_auth.so.1 is designed to be stacked on top of the /usr/lib/security/pam_unix.so.1 module for both the rlogin
and rsh services. This module is normally configured as sufficient so that subsequent authentication is performed only on failure of
pam_sm_authenticate(). The following option may be passed in to this service module:
debug syslog(3C) debugging information at LOG_DEBUG level.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|MT Level |MT-Safe with exceptions |
+-----------------------------+-----------------------------+
SEE ALSO
pam(3PAM), pam_authenticate(3PAM), ruserok(3SOCKET), syslog(3C), libpam(3LIB), pam.conf(4), attributes(5)
NOTES
The interfaces in libpam() are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.
SunOS 5.10 28 Oct 1996 pam_rhosts_auth(5)