Re: [S.u.S.E. Linux] permissions
You can make them use a _restricted_ shell (rbash instead of bash) - take a look at "man bash", in "RESTRICTED SHELL" : the users are set chroot, so they can't get "higher" than they're home, but you have to provide a /bin, etc... for every single one of these users ! Pascal -----Original Message----- From: Michael Clark <mclark@datsrvr.datsit.com> To: suse-linux-e@suse.com <suse-linux-e@suse.com> Date: samedi 18 avril 1998 02:04 Subject: [S.u.S.E. Linux] permissions
Does anyone know how to limit a user's ability to navigate the file system.
I know that
FTP automatically creates a false root so that an anonymous FTP connection cannot get below that directory. I would like to be able to allow certain users a login and rights to their home directory ONLY!! I have set very restrictive rights, only to get numerous errors upon login. Even with these restrictive permissions the user can look around if they know UN*X filesystems.
Any help would be appreciated.
mc
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
I have looked at the documentation for RBASH, and it looks like exactly what I need. The only problem is, I don't have RBASH on my system. If I start a bash shell, then type 'bash -r' I get the restricted shell. How do I create/find RBASH???? I have tried aliases and links to no avail. thanks mc Pascal Bleser wrote:
You can make them use a _restricted_ shell (rbash instead of bash) - take a look at "man bash", in "RESTRICTED SHELL" : the users are set chroot, so they can't get "higher" than they're home, but you have to provide a /bin, etc... for every single one of these users !
Pascal
-----Original Message----- From: Michael Clark <mclark@datsrvr.datsit.com> To: suse-linux-e@suse.com <suse-linux-e@suse.com> Date: samedi 18 avril 1998 02:04 Subject: [S.u.S.E. Linux] permissions
Does anyone know how to limit a user's ability to navigate the file system.
I know that
FTP automatically creates a false root so that an anonymous FTP connection cannot get below that directory. I would like to be able to allow certain users a login and rights to their home directory ONLY!! I have set very restrictive rights, only to get numerous errors upon login. Even with these restrictive permissions the user can look around if they know UN*X filesystems.
Any help would be appreciated.
mc
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
I have looked at the documentation for RBASH, and it looks like exactly what I need. The only problem is, I don't have RBASH on my system. If I start a bash shell, then type 'bash -r' I get the restricted shell. How do I create/find RBASH???? I have tried aliases and links to no avail.
This really depends upon how bash is built/what version of bash, but the version SuSE ships with supports the sensible way to do it, links. Simply make a symbolic link - rbash - that points at bash: u <enter root password> cd /bin ln -s bash rbash exit add it to the file /etc/shells.in u <enter root pwd> echo "/bin/rbash" >>/etc/shells.in exit configure your users to the shell /bin/rbash using YaST, and you're set. -josh
Pascal Bleser wrote:
You can make them use a _restricted_ shell (rbash instead of bash) - take a look at "man bash", in "RESTRICTED SHELL" : the users are set chroot, so they can't get "higher" than they're home, but you have to provide a /bin, etc... for every single one of these users !
Pascal
-----Original Message----- From: Michael Clark <mclark@datsrvr.datsit.com> To: suse-linux-e@suse.com <suse-linux-e@suse.com> Date: samedi 18 avril 1998 02:04 Subject: [S.u.S.E. Linux] permissions
Does anyone know how to limit a user's ability to navigate the file system.
I know that
FTP automatically creates a false root so that an anonymous FTP connection cannot get below that directory. I would like to be able to allow certain users a login and rights to their home directory ONLY!! I have set very restrictive rights, only to get numerous errors upon login. Even with these restrictive permissions the user can look around if they know UN*X filesystems.
Any help would be appreciated.
mc
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
Michael Clark wrote:
I have looked at the documentation for RBASH, and it looks like exactly what I need. The only problem is, I don't have RBASH on my system. If I start a bash shell, then type 'bash -r' I get the restricted shell. How do I create/find RBASH???? I have tried aliases and links to no avail.
... cd /bin ln -s bash rbash 8-) -- Matthias Morche (<A HREF="mailto:morche@sat1.de">mailto:morche@sat1.de</A>) SAT.1 (<A HREF="http://www.sat1.de"><A HREF="http://www.sat1.de</A">http://www.sat1.de</A</A>>)
Linux: the greatest adventure game since the invention of the PC <<< -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
participants (4)
-
jrodman@skaro.nightcrawler.com -
mclark@datsrvr.datsit.com -
morche@sat1.de -
pbleser@prov-liege.be