erikjensen

Creating a user who can only see their own files.

Can anyone tell me how to create a user that can only see their own files? I have created the user, but they can still see files in other home directories.

I'm going to tear my hair out soon (what's left).
Otetelisanu

[root@ man restricted_shell
Reformatting page.  Wait... done

Maintenance Commands                                      rsh(1M)

NAME
     rsh, restricted_shell - restricted shell command interpreter

SYNOPSIS
     /usr/lib/rsh  [ -acefhiknprstuvx ]  [ argument ... ]

DESCRIPTION
     rsh  is a limiting version of the  standard  command  inter-
     preter  sh  ,  used to restrict logins to execution environ-
     ments whose capabilities are more controlled than  those  of
     sh  (see sh(1) for complete description and usage).

     When the shell is invoked, it scans the environment for  the
     value  of  the environmental variable, SHELL. If it is found
     and rsh  is the file name  part  of  its  value,  the  shell
     becomes a restricted shell.

     The actions of rsh  are identical to those of  sh  ,  except
     that the following are disallowed:

        o  changing directory (see cd(1)),

        o  setting the value of $PATH,

        o  specifying path or command names containing /,

        o  redirecting output (> and >>).

     The restrictions above are enforced after .profile is inter-
     preted.

     A restricted shell can be invoked in one  of  the  following
     ways:

        1. rsh  is the file name part of the last  entry  in  the
           /etc/passwd file (see passwd(4));

        2. the environment variable SHELL exists and rsh  is  the
           file  name part of its value; the environment variable
           SHELL needs to be set in the .login file;

        3. the shell is invoked and rsh  is the file name part of
           argument 0;

        4. the shell is invoked with the -r option.

     When a command to be executed is found to be a shell procedure,
     rsh invokes sh to execute it. Thus, it is possible to provide
     to the end-user shell procedures that have access to the full
     power of the standard shell, while imposing a limited menu of
     commands; this scheme assumes that the end-user does not have
     write and execute permissions in the same directory.

SunOS 5.7            Last change: 1 Nov 1993                    1


     The net effect of these rules is  that  the  writer  of  the
     .profile  (see  profile(4))  has  complete control over user
     actions by performing guaranteed setup actions  and  leaving
     the user in an appropriate directory (probably not the login
     directory).

     The system administrator often sets up a directory  of  com-
     mands  (that  is, /usr/rbin) that can be safely invoked by a
     restricted shell. Some systems  also  provide  a  restricted
     editor, red .

EXIT STATUS
     Errors detected by the shell, such as syntax  errors,  cause
     the shell to return a non-zero exit status.  If the shell is
     being used non-interactively execution of the shell file  is
     abandoned.  Otherwise,  the shell returns the exit status of
     the last command executed.

ATTRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:
     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWcsu                     |
    |_____________________________|_____________________________|

SEE ALSO
     intro(1),  cd(1),   login(1),   rsh(1),   sh(1),    exec(2),
     passwd(4), profile(4), attributes(5)

NOTES
     The restricted shell, /usr/lib/rsh, should not  be  confused
     with  the remote shell, /usr/bin/rsh, which is documented in
     rsh(1).


[root@dfwdba2:$PWD]
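
The man page quoted above says the restricted-shell scheme assumes the user never has write and execute permission in the same directory. The following is an added example, not part of the original post or the Solaris documentation, that audits candidate directories (for instance the command directory and the directory .profile leaves the user in) for that condition. The function names are hypothetical, and group write+execute is flagged conservatively whether or not the user belongs to the group:

```shell
#!/bin/sh
# Added example: audit directories used by a restricted-shell account.
# Assumption from the man page: the restricted user must not have write
# AND execute permission in the same directory.

# dir_is_unsafe DIR [USER]
# Returns 0 (unsafe) when DIR grants write+execute to group or other,
# or when DIR is owned by USER and the owner bits grant write+execute.
# Returns 1 when safe, 2 when DIR is not a directory.
dir_is_unsafe() {
    _dir=$1
    _user=${2:-}
    [ -d "$_dir" ] || return 2
    # -perm -0003: other has w and x; -perm -0030: group has w and x
    if [ -n "$(find "$_dir" -prune \( -perm -0003 -o -perm -0030 \) -print 2>/dev/null)" ]; then
        return 0
    fi
    # Owner bits only matter when the restricted user owns the directory
    if [ -n "$_user" ] &&
       [ -n "$(find "$_dir" -prune -user "$_user" -perm -0300 -print 2>/dev/null)" ]; then
        return 0
    fi
    return 1
}

# audit_rsh_dirs USER DIR...
# Prints one line per unsafe directory; exit status is the finding count.
audit_rsh_dirs() {
    _audit_user=$1
    shift
    _findings=0
    for _d in "$@"; do
        if dir_is_unsafe "$_d" "$_audit_user"; then
            echo "UNSAFE: $_d allows write+execute for $_audit_user or group/other"
            _findings=$((_findings + 1))
        fi
    done
    return "$_findings"
}
```

Call it as `audit_rsh_dirs USER DIR...` with the account name and each directory the restricted login can reach; a non-zero status is the number of directories that break the man page's assumption.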
erikjensen

ASKER

No good since this does not allow the user to log in as an FTP user.
ASKER CERTIFIED SOLUTION
chris_calabrese

This solution is only available to members.
No comment has been added lately, so it's time to clean up this Topic Area.
I will leave a recommendation for this question in the Cleanup topic area as follows:

- Answered by chris_calabrese

Please leave any comments here within the next 7 days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

tfewster
Cleanup Volunteer
Per recommendation, force-accepted.

Netminder
EE Admin