Visit The New, Modern Unix Linux Community


How to restrict user to a specific directory in solaris 10


 
Thread Tools Search this Thread
Operating Systems Solaris How to restrict user to a specific directory in solaris 10
# 1  
How to restrict user to a specific directory in solaris 10

Hi all,

I want to create a new user and grant him ONLY transfer files access to a specific directory where he can only upload and read the files. He should be restricted to this activity only.

Regards
# 2  
# 3  
You can also use Zones for this. You can make a sparse zone and make the filesystem read only. He can not escape to the global zone.
# 4  
You can combine a chroot environment with a custom shell like RSSH
# 5  
Think You are looking for this.


Procedure to configure FTP guest user access

1: Create a user which you want to use for the ftp , Name of the user can be anything except "ftp" ( In our Example it is "ali")

Useradd -g 10 -d /export/home/ali -m -s /bin/bash ali
passwd ali
Enter the new password twice .

2: Run the "ftpconfig -d" command , on the home directory of newly created user.

# ftpconfig –d /export/home/ali
this updates the existing directory with the info needed to make the account restricted.
After this you can see some extra directories in /export/home/ali e.g bin, dev,lib e.t.c

3: Add the user to the /etc/ftpd/ftpaccess file. There is an existing commented entry
# guestuser username
that can be uncommented and edited

guestuser ali

4: Confirm that the user is a member of a class in /etc/ftpd/ftpaccess this entry should a already exist in ftpaccess
class guestusers guest *

5: Modify permissions for guest user if necessary

delete no anonymous,guest # delete permission?
After this user ali will not be able to delete any file .

6: Run the command
# in.ftpd -a to allow the use of ftpaccess file


now when user "ali" ftps to this server

ftp 10.30.21.33
Connected to 10.30.21.33.
220 solarislab FTP server ready.
Name (10.30.21.33:solarisuser): ali
331 Password required for ali.
Password:
230 User ali logged in. Access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/" is current directory.
Note that now you will see “/” as your current directory instead of /export/home/ali.
These 3 Users Gave Thanks to Bazookaaa For This Post:
# 6  
Thanks a lot,
I have created ftp user successfully ! I am alos trying to give that user rbash shell where I have read it will restrict perticular user from viewing other directory but when I am trying to login its showing invalid user.
Is it necessary to use rbash to restrict from directory to perticular user or any other option is there plz let me know


Regards
Taher

Quote:
Originally Posted by Bazookaaa
Think You are looking for this.


Procedure to configure FTP guest user access

1: Create a user which you want to use for the ftp , Name of the user can be anything except "ftp" ( In our Example it is "ali")

Useradd -g 10 -d /export/home/ali -m -s /bin/bash ali
passwd ali
Enter the new password twice .

2: Run the "ftpconfig -d" command , on the home directory of newly created user.

# ftpconfig -d /export/home/ali
this updates the existing directory with the info needed to make the account restricted.
After this you can see some extra directories in /export/home/ali e.g bin, dev,lib e.t.c

3: Add the user to the /etc/ftpd/ftpaccess file. There is an existing commented entry
# guestuser username
that can be uncommented and edited

guestuser ali

4: Confirm that the user is a member of a class in /etc/ftpd/ftpaccess this entry should a already exist in ftpaccess
class guestusers guest *

5: Modify permissions for guest user if necessary

delete no anonymous,guest # delete permission?
After this user ali will not be able to delete any file .

6: Run the command
# in.ftpd -a to allow the use of ftpaccess file


now when user "ali" ftps to this server

ftp 10.30.21.33
Connected to 10.30.21.33.
220 solarislab FTP server ready.
Name (10.30.21.33:solarisuser): ali
331 Password required for ali.
Password:
230 User ali logged in. Access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/" is current directory.
Note that now you will see / as your current directory instead of /export/home/ali.
# 7  
Dear Taher,

i cannot understand why u need rbash right now. the given proicedure will restrict the user to its home directory

Previous Thread | Next Thread
Thread Tools Search this Thread
Search this Thread:
Advanced Search

Test Your Knowledge in Computers #935
Difficulty: Medium
A fixed 32-bit data format for system time means that timestamps rolls over approximately every 136 years, with the first such occurrence on 7 February 2036.
True or False?

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Is there a way to restrict a user (owner) to execute scripts from a specific directory

Hello, I have a user Bob on a RHEL 7 server1. Where his script area is "/home/Bob/scripts/" and he is the owner for this directory. On the server1, there is a NFS mount from another server2, with path as "/global/work/" and Bob is the owner for this directory too in server2. (Same UID and GID... (5 Replies)
Discussion started by: karumudi7
5 Replies

2. AIX

How to restrict user to a particular directory?

hi, I want to restrict some user access to only 1 directory (including all sub-directories/files in it). can you please explain me, how can we do this? example; Filesystem GB blocks Used Free %Used Mounted on /dev/hd4 2.61 1.02 1.59 40% / /dev/hd2 ... (7 Replies)
Discussion started by: aaron8667
7 Replies

3. Solaris

Restrict FTP User to a Directory

I am using Solaris 10 on SPARC. SunOS ddw 5.10 Generic_139555-08 sun4u sparc SUNW,SPARC-Enterprise I have put some text files in a directory '/u01/network' I want to create a ftp user which can just read the files in the network directory. The ftp user shouldn't be able to navigate or see... (4 Replies)
Discussion started by: fahdmirza
4 Replies

4. Solaris

How to Restrict user login after certain time in Solaris??

My OS is Solaris 10, I would like to know if there is any way to restrict user login to the system (either remote or console login) after certain time, say 20:00 on Mon to Fri and whole day on SAT and SUN??? Sorry that I am a new user on Unix System. Any comment is fully appreciated!!! Alex (7 Replies)
Discussion started by: alessandro31
7 Replies

5. Red Hat

Restrict user to a particular directory

Hi I have a Fedora10 server and i need a particular user to view files only in a particular folder. All other files in other folders having "read" permission for all shouldn't be accessible to this user. Please let me know if ther's a way. Thanks, HG (5 Replies)
Discussion started by: Hari_Ganesh
5 Replies

6. Solaris

create user with RWX access to a specific directory in Solaris 10

I need to create a user account for a developer that will allow him rwx access to all resources in a directory. How can I do that? Thanks (5 Replies)
Discussion started by: gsander
5 Replies

7. UNIX for Dummies Questions & Answers

restrict one user to see only his home directory in his profile

Hi I need to restrict one user to see only his home directory and one more directory how i can do this in his profile. The OS is Red hat linux I create a user -- tec and group calle --tec one the user log in he will see /home/tec and he need to see /opt/load this dirctory... (6 Replies)
Discussion started by: aboorkuma
6 Replies

8. UNIX for Dummies Questions & Answers

how do U restrict a user to a single directory?

specifically - I don't need to restrict a user to a single directory - but I want them to be "ROOTED" to their home directory. so if my home directory is /home/onlyme when I login - if I do a pwd - I want to see: / but in real life I will be in /home/onlyme - it just appears as root to... (10 Replies)
Discussion started by: itobenon
10 Replies

9. UNIX for Advanced & Expert Users

Restrict FTP access to a single directory for only one user.

Hi All, It will be very great if you can help me in this issue. Thanks in advance. I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Discussion started by: santhoshkumar_d
8 Replies

10. Solaris

give user permission on specific directory in solaris

dear all does any one give any user write permission using access control list or another way to solve this problem (1 Reply)
Discussion started by: murad.jaber
1 Replies

Featured Tech Videos