Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 382
  • Last Modified:

How to restrict users to their own home directory

I would like to restrict users to their own home directory , so that they cannot cd to the root and other directories.
This is to be so when they perform ftp or telnet.

Any body can help ?

Thanks.
0
keoktay
Asked:
keoktay
1 Solution
 
dima_shermanCommented:
Hi, first of all, do:
$adduser
this will ask ya for home directory for the user that ya wanna add. if this fails do this.
for non-shadowed
*****************
$ pico /etc/passwd
insert:
<username>::666:666:/home/<username>:/bin/bash
^X(save & quit)
$ mkdir /home/<username>
$ passwd <username> (Change his password quickly!)

for Shadowed
************
$ pico /etc/passwd
insert:
<username>:x:666:666:/home/<username>:/bin/bash
^X(save & quit)
$ pico /etc/shadow
<username>::
^X(save & quit)
$ passwd <username> (Change his password quickly!)
$ mkdir /home/<username>
To check if your system is shadowed do:
$ grep ":0:" /etc/passwd
if the place where the password should be is 'X' = SHADOWED!
now ask your user to login and he will automaticly login to his directory, when he will try to do cd /root he will get 'permission denied', also try to do
$ chmod o-rwx /root
This will make only you the only user (root) who can read, write and execute programs in directory /root.
I hope i've helped ya. :)
btw: DASH LE AVI SHAWA!
0
 
albberatCommented:

 well what the dima_sherman is saying is quite long. If they have shell access(they use telnet for that) you should change the permissions for every file/directory(build a script or use the umask when creating new files/dirs) and they are not able to change dir(cd now has no value) but if they use telnet(shell access) how they can use "ls" command if the /bin dir can not be reached. in ftp you can use "the dialup user" where the user entry is not anymore in /etc/passwd(shell access is not permitted -- ISP's do this always) and when he logs via ftp he can jump up and down his dirs and he will not see other dirs.
 
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now