Limiting access


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Limiting access
# 1  
Old 02-23-2001
Data

Hi, I'm new to linux and unix, and i have couple of problems:

1) how can i limit the access for a user, for example, i created a user, and i want that this user will be able to be only in one directory, and will see only the files i want him to.

2) I have a domain name, and i want that every time i type this domain name in the browser, it will be connected to my unix/linux server. (to connect a DNS with my own server)

10Q very much...
# 2  
Old 02-23-2001
1) Since the 'cd' command is a shell builtin, you would have to write (or modify) your own shell to remove the ability to change directories with this command. An alternative might be to have his login script run a program which calls the chroot() system call. do a 'man chroot' for information.
I suggest finding a local Unix guru to help you.

2) Contact an ISP and pay them to put your DNS info in their servers, or look into using <A HREF="http://soa.granitecanyon.com/">The Public DNS Service</A>.
# 3  
Old 02-23-2001
Oh..ok, and another question,
if i did FTP from my ip, and i give someone username and password, how can i make his root directory to be something that's not root (for example his home directory)?
# 4  
Old 02-23-2001
CHROOT

To do as you wish, you could use chroot in the /etc/password file in the last field (where the shell is). For example, to make the user have a root of /home/misha, then you would change the final field in /etc/password to be something like:

Code:
/usr/bin/chroot /usr/misha /bin/sh

In most implementations (and the GNU version) the shell does not have do be specified because without an argument the default shell is the command.

As PxT suggests, chroot is the approach. However, building a chroot environment can be tricky because commands that a user would normally have access to are not available unless explicitly under the new chroot directory. In other words, you must build a new environment under the new pseudo root file system and provide all commands.

This could be difficult for newbies, but it can be done I suggest reading the chroot manpage and supporting documents carefully.
# 5  
Old 02-24-2001
Network

first of all, thank you for all your help,
second: I dont really got you, please tell me step by step how to limit me.
give me an example with user named test.
i want to limit him to be only in the directory of: /home/test
and I think my passwd file is shadowed.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Limiting the Script

Greetings. I have script to monitor the disk space of folder it runs every 17 min with help of cron. It sends email when disk size reaches to 85 %. Now the issue is that it continousely generates email until we clear some space in that folder. Is it possible to restrict the Script to send only... (14 Replies)
Discussion started by: manju98458
14 Replies

2. UNIX for Advanced & Expert Users

Limiting access to postqueue

Hi, I have a Debian 6 machine running Postfix 2.7.1. The email server works pretty well. I discovered that any non-root user can access to the mail queue using postqueue command just like root. How can I limit this access? (1 Reply)
Discussion started by: mjdousti
1 Replies

3. Solaris

Limiting Connections from a single IP

I'm looking for a way to limit connections to a Solaris 10 box from any single IP. The problem is that I've had more experience doing this with IPTables on Linux, rather than with IPFilter, which I've found to be somewhat feature-poor. I hope there is some way to do this using IPFilter, I've... (2 Replies)
Discussion started by: spynappels
2 Replies

4. Emergency UNIX and Linux Support

Limiting a user to a script upon login, nothing else.

Hi there, I have a Debian 5.0 server that my company uses for deployment testing. This server needs to be accessed by NOC people that have no NIX knowledge whatsoever. I am creating a bash script for a menu-based command interface for the commands they need to run on their testing routines,... (21 Replies)
Discussion started by: ppucci
21 Replies

5. Solaris

Limiting number of processors used by an application

Hello, Using a Solaris SunOS 5.10, is there anyway to limit the number of processors utilised by an external vendor application over the server, from the unix OS perspective? (1 Reply)
Discussion started by: pgop
1 Replies

6. HP-UX

Limiting SFTP Users While Not Limiting Regular Users?

Hi, I have searched the web and have come back with nothing that is satisfactory for what I require. SFTP is my corporations new file transfer standard. What I require is a method to lock down SFTP users to their directory (they may go to sub directories) while not restricting regular users. ... (2 Replies)
Discussion started by: Emancipator
2 Replies

7. Shell Programming and Scripting

limiting data inputs for the user

if my user has to enter the name of months to carry out a search how can I limit the input values to only the month names and nothing else? so far my input criteria for the user is this: i would like it so the user can only enter the months in the way i have stated. otherwise they would... (11 Replies)
Discussion started by: amatuer_lee_3
11 Replies

8. HP-UX

limiting failed logins to three

I have tried limiting failed logins to three by the following method logins -ox \ | awk -F: '($8 != "LK" && $1 != "root") { print $1 }' \ | while read logname; do /usr/lbin/modprpw -m umaxlntr=3 "$logname" done /usr/lbin/modprdef -m umaxlntr=3 but it is failing on the 4th... any ideas?... (1 Reply)
Discussion started by: csaunders
1 Replies

9. UNIX for Dummies Questions & Answers

question about limiting the display from the ls command

hey guys im rly new to unix. im attempting to list the 5 largest files in a directory. so i got this far... ls -lR | sort -r and this lists all files by filesize, how can i limit this to only the 5 largest? (4 Replies)
Discussion started by: Aesop
4 Replies
Login or Register to Ask a Question