Solved

How to restrict users to their own home directory

Posted on 1998-08-05
2
364 Views
Last Modified: 2010-05-18
I would like to restrict users to their own home directory , so that they cannot cd to the root and other directories.
This is to be so when they perform ftp or telnet.

Any body can help ?

Thanks.
0
Comment
Question by:keoktay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Accepted Solution

by:
dima_sherman earned 50 total points
ID: 2009206
Hi, first of all, do:
$adduser
this will ask ya for home directory for the user that ya wanna add. if this fails do this.
for non-shadowed
*****************
$ pico /etc/passwd
insert:
<username>::666:666:/home/<username>:/bin/bash
^X(save & quit)
$ mkdir /home/<username>
$ passwd <username> (Change his password quickly!)

for Shadowed
************
$ pico /etc/passwd
insert:
<username>:x:666:666:/home/<username>:/bin/bash
^X(save & quit)
$ pico /etc/shadow
<username>::
^X(save & quit)
$ passwd <username> (Change his password quickly!)
$ mkdir /home/<username>
To check if your system is shadowed do:
$ grep ":0:" /etc/passwd
if the place where the password should be is 'X' = SHADOWED!
now ask your user to login and he will automaticly login to his directory, when he will try to do cd /root he will get 'permission denied', also try to do
$ chmod o-rwx /root
This will make only you the only user (root) who can read, write and execute programs in directory /root.
I hope i've helped ya. :)
btw: DASH LE AVI SHAWA!
0
 
LVL 1

Expert Comment

by:albberat
ID: 2009207

 well what the dima_sherman is saying is quite long. If they have shell access(they use telnet for that) you should change the permissions for every file/directory(build a script or use the umask when creating new files/dirs) and they are not able to change dir(cd now has no value) but if they use telnet(shell access) how they can use "ls" command if the /bin dir can not be reached. in ftp you can use "the dialup user" where the user entry is not anymore in /etc/passwd(shell access is not permitted -- ISP's do this always) and when he logs via ftp he can jump up and down his dirs and he will not see other dirs.
 
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question