Summary: User setup question REVISED

From: Wesley Suess <wes.suess_at_bigidea.com>
Date: Fri Jan 04 2002 - 08:27:20 EST
A few late additions to this summary:

Tajinder Panesar (among many others) asked:
"This may seem like a trivial question. but how can this be done using
 rksh or rsh? I thought these two were just remote shells."

Answer:
There are two rsh's. One is in /usr/bin. This is the Remote Shell you
and I are accustomed to. The other is in /usr/lib. This is the
Restricted Shell. rksh is located in /usr/bin as well. rksh is
Restricted KShell. Both behave pretty much the same as their
non-restricted counterparts. The restrictions are pretty much the same
on both as well. Neither allow changing to any other directory and
neither allow redirection of output (among other restrictions which slip
my mind at the moment).

Also, Joohyun Cha sent me a solution which fits my needs pretty closely:
"Jail Chroot Project.  http://www.gsyc.inf.uc3m.es/~assman/jail/"

I will let you all know how this works.

-=Wes=-


Wesley Suess wrote:

> Thanks to all the SunManagers who responded so quickly! You guys are
> awesome!
>
> Anyway, here's a quick summary (my original message is quoted below):
>
> Most people suggested using rksh. One or two people mentioned
> /usr/lib/rsh which is functionally very similary to rksh. Both will keep
>
> user Foo in the /export/home/Foo directory, but will not allow the user
> to create new directories or go into the directories under
> /export/home/Foo......
>
> I got a suggection to use ACls. I'm looking at my books and man pages
> now to se how I can set this up to my satisfaction...
>
> The solution of using rksh is what I'm going to use for now until I
> figure out how to ustilise ACLs effectively.
>
> Thanks again to those who helped out so quickly!
>
> -=Wes=-
>
> > I have a user which I want to keep under a particular directory... How
>
> > can I restrict their movement within the file system/directory
> structure
> > so they can not go outside of their home directory...
> >
> > Example: User Foo has his home directory in /export/home/Foo... I
> don't
> > want the user to be able to cd to /export or /export/home or even /
> ...
> >
> > Thanks,
> > Wes
> >
> >
>
> --
> ---------------------wes.suess@bigidea.com--------------------
> -= Wesley Suess - SSA/Unix - Big Idea Productions - ext6270 =-
> --------------------------------------------------------------
> "ABILITY, n.  The natural equipment to accomplish some small
> part of the meaner ambitions distinguishing able men from
> dead ones." - The Patton Diaries
> _______________________________________________
> sunmanagers mailing list
> sunmanagers@sunmanagers.org
> http://www.sunmanagers.org/mailman/listinfo/sunmanagers

--
---------------------wes.suess@bigidea.com--------------------
-= Wesley Suess - SSA/Unix - Big Idea Productions - ext6270 =-
--------------------------------------------------------------
"ABILITY, n.  The natural equipment to accomplish some small
part of the meaner ambitions distinguishing able men from
dead ones." - The Patton Diaries
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Fri Jan 4 07:29:14 2002

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:31 EST