restricting permissions to the user's

i have several users to my server, i want that the users should be only and only be confined to there home's i.e $USER/HOME" any command for out of their home should result in an access denied message. i hade done it but how i have forgotten.
i do not want to explicitly give permissions to other directories in my "/". but to chage the user's access for all users at a time.
tiwariAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

pksundarCommented:
1.Give the user restricted shell(rbash)
2.do not give execute permission to cd command
0
tiwariAuthor Commented:
Sorry! it can't be accepted due to following reasons.

1.I don't want something like "rbash"
2) the "cd" is a tcl builtin command that cannot be disabled without recomliing so it is out of the question
thanks any way but could use some more ideas
0
barreroCommented:
Why don't use some kind of "special shell" you made, where you change the root (chroot)...
the new root could be in each users directory...
and to avoid multiplicity, the bin, lib, etc... could be slinks.

By this way, they just have access to their home... and the linked subdirs... nothing else...

0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

tiwariAuthor Commented:
Can I get any kind of help in Writting My own Small shell!!?????
0
barreroCommented:
There is a more or less full example in "Advnced Programming for the unix environnment" written by Richard Stevens.

It's easy, all you need, is to know how to use:  execv, signals... and of course chroot.... in the execv, after chroot, you execute the normal shell but this one will run on the limited space (a shell script may do the same, but I thik it;s more secure to use a compiled code...)

Marcel
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
fatalerror080298Commented:
What the hell kind of answer is that?  If he wanted to buy a book on it he would have.  If you know the answer why don't you explain how to do it?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Networking

From novice to tech pro — start learning today.