Solved

How to restrict users to their own home directory

Posted on 1998-08-05
2
348 Views
Last Modified: 2010-05-18
I would like to restrict users to their own home directory , so that they cannot cd to the root and other directories.
This is to be so when they perform ftp or telnet.

Any body can help ?

Thanks.
0
Comment
Question by:keoktay
2 Comments
 

Accepted Solution

by:
dima_sherman earned 50 total points
ID: 2009206
Hi, first of all, do:
$adduser
this will ask ya for home directory for the user that ya wanna add. if this fails do this.
for non-shadowed
*****************
$ pico /etc/passwd
insert:
<username>::666:666:/home/<username>:/bin/bash
^X(save & quit)
$ mkdir /home/<username>
$ passwd <username> (Change his password quickly!)

for Shadowed
************
$ pico /etc/passwd
insert:
<username>:x:666:666:/home/<username>:/bin/bash
^X(save & quit)
$ pico /etc/shadow
<username>::
^X(save & quit)
$ passwd <username> (Change his password quickly!)
$ mkdir /home/<username>
To check if your system is shadowed do:
$ grep ":0:" /etc/passwd
if the place where the password should be is 'X' = SHADOWED!
now ask your user to login and he will automaticly login to his directory, when he will try to do cd /root he will get 'permission denied', also try to do
$ chmod o-rwx /root
This will make only you the only user (root) who can read, write and execute programs in directory /root.
I hope i've helped ya. :)
btw: DASH LE AVI SHAWA!
0
 
LVL 1

Expert Comment

by:albberat
ID: 2009207

 well what the dima_sherman is saying is quite long. If they have shell access(they use telnet for that) you should change the permissions for every file/directory(build a script or use the umask when creating new files/dirs) and they are not able to change dir(cd now has no value) but if they use telnet(shell access) how they can use "ls" command if the /bin dir can not be reached. in ftp you can use "the dialup user" where the user entry is not anymore in /etc/passwd(shell access is not permitted -- ISP's do this always) and when he logs via ftp he can jump up and down his dirs and he will not see other dirs.
 
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now