Re: [S.u.S.E. Linux] permissions

pbleser＠prov-liege.be

21 Apr 1998 21 Apr '98

08:27

You can make them use a _restricted_ shell (rbash instead of bash) - take a look at "man bash", in "RESTRICTED SHELL" : the users are set chroot, so they can't get "higher" than they're home, but you have to provide a /bin, etc... for every single one of these users ! Pascal -----Original Message----- From: Michael Clark To: suse-linux-e@suse.com Date: samedi 18 avril 1998 02:04 Subject: [S.u.S.E. Linux] permissions

...

Does anyone know how to limit a user's ability to navigate the file system.

I know that

...

FTP automatically creates a false root so that an anonymous FTP connection cannot get below that directory. I would like to be able to allow certain users a login and rights to their home directory ONLY!! I have set very restrictive rights, only to get numerous errors upon login. Even with these restrictive permissions the user can look around if they know UN*X filesystems.

Any help would be appreciated.

mc

-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e

-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e

Show replies by date

mclark＠datsrvr.datsit.com

21 Apr 21 Apr

20:59

New subject: [S.u.S.E. Linux] permissions -- RBASH missing

I have looked at the documentation for RBASH, and it looks like exactly what I need. The only problem is, I don't have RBASH on my system. If I start a bash shell, then type 'bash -r' I get the restricted shell. How do I create/find RBASH???? I have tried aliases and links to no avail. thanks mc Pascal Bleser wrote:

...

You can make them use a _restricted_ shell (rbash instead of bash) - take a look at "man bash", in "RESTRICTED SHELL" : the users are set chroot, so they can't get "higher" than they're home, but you have to provide a /bin, etc... for every single one of these users !

Pascal

-----Original Message----- From: Michael Clark To: suse-linux-e@suse.com Date: samedi 18 avril 1998 02:04 Subject: [S.u.S.E. Linux] permissions

...
Does anyone know how to limit a user's ability to navigate the file system.

I know that

...
FTP automatically creates a false root so that an anonymous FTP connection cannot get below that directory. I would like to be able to allow certain users a login and rights to their home directory ONLY!! I have set very restrictive rights, only to get numerous errors upon login. Even with these restrictive permissions the user can look around if they know UN*X filesystems.

Any help would be appreciated.

mc

-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e

-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e

-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e

jrodman＠skaro.nightcrawler.com

22 Apr 22 Apr

00:03

New subject: [S.u.S.E. Linux] permissions -- RBASH missing

...

I have looked at the documentation for RBASH, and it looks like exactly what I need. The only problem is, I don't have RBASH on my system. If I start a bash shell, then type 'bash -r' I get the restricted shell. How do I create/find RBASH???? I have tried aliases and links to no avail.

This really depends upon how bash is built/what version of bash, but the version SuSE ships with supports the sensible way to do it, links. Simply make a symbolic link - rbash - that points at bash: u <enter root password> cd /bin ln -s bash rbash exit add it to the file /etc/shells.in u <enter root pwd> echo "/bin/rbash" >>/etc/shells.in exit configure your users to the shell /bin/rbash using YaST, and you're set. -josh

...

Pascal Bleser wrote:

...
You can make them use a _restricted_ shell (rbash instead of bash) - take a look at "man bash", in "RESTRICTED SHELL" : the users are set chroot, so they can't get "higher" than they're home, but you have to provide a /bin, etc... for every single one of these users !

Pascal

-----Original Message----- From: Michael Clark To: suse-linux-e@suse.com Date: samedi 18 avril 1998 02:04 Subject: [S.u.S.E. Linux] permissions

...
Does anyone know how to limit a user's ability to navigate the file system.

I know that

...
FTP automatically creates a false root so that an anonymous FTP connection cannot get below that directory. I would like to be able to allow certain users a login and rights to their home directory ONLY!! I have set very restrictive rights, only to get numerous errors upon login. Even with these restrictive permissions the user can look around if they know UN*X filesystems.

Any help would be appreciated.

mc

-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e

-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e

-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e

-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e

morche＠sat1.de

09:39

New subject: [S.u.S.E. Linux] permissions -- RBASH missing

Michael Clark wrote:

...

I have looked at the documentation for RBASH, and it looks like exactly what I need. The only problem is, I don't have RBASH on my system. If I start a bash shell, then type 'bash -r' I get the restricted shell. How do I create/find RBASH???? I have tried aliases and links to no avail.

...

...
...
Linux: the greatest adventure game since the invention of the PC <<< -- To get out of this list, please send email to majordomo@suse.com with

... cd /bin ln -s bash rbash 8-) -- Matthias Morche (<A HREF="mailto:morche@sat1.de">mailto:morche@sat1.de</A>) SAT.1 (<A HREF="http://www.sat1.de"><A HREF="http://www.sat1.de</A">http://www.sat1.de) this text in its body: unsubscribe suse-linux-e

9570

Age (days ago)

9571

Last active (days ago)

List overview

Download

3 comments

4 participants

participants (4)

jrodman＠skaro.nightcrawler.com
mclark＠datsrvr.datsit.com
morche＠sat1.de
pbleser＠prov-liege.be