Solved

Restricting a user to a direcotry

Posted on 2010-09-21
9
740 Views
Last Modified: 2013-12-06
Hi all,

I have a question regarding confining a user to a particular directory( his home ) only ,In this context the users would be using putty/telnet to get in to the system.

System details :

HP UX B.11.11

HP 9000/800

Users login shell : csh

User needs to be denied cd command or may be cd command to be aliased in such a way that no matter what ever he types in

cd xyz

he is in his home directory and does not go to any other directory.
0
Comment
Question by:Peddu_bhanu
  • 5
  • 4
9 Comments
 
LVL 38

Expert Comment

by:yuzh
ID: 33730715
0
 
LVL 1

Author Comment

by:Peddu_bhanu
ID: 33736553
chroot i guess would not be an option as it is for ftp users , i tried doing

alias cd='cd $HOME'

in .profile file of the user.However it confined him to $HOME only and doesn't let him go even in the $HOME sub directories.I would like him to go any where in his $HOME and not in any other directory.

Is there any hack/way apart from chroot
0
 
LVL 38

Expert Comment

by:yuzh
ID: 33743365
It should would!
but you shout get rid of "alias cd='cd $HOME'" .
0
 
LVL 1

Author Comment

by:Peddu_bhanu
ID: 33760376
Well if i get rid of the alias then i would not be able to achieve the criteria.

So is there a way to tweak the cd ( some how aliasing it) in the profile files of the user so that the is confined to his home directory tree and nothing else.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 38

Expert Comment

by:yuzh
ID: 33763912
With chroot jailed ENV, the user should be able to move around inside the home dir and the sub-dirs (user should be the owner of their home dir).
0
 
LVL 1

Author Comment

by:Peddu_bhanu
ID: 33768909
Well yuzh as i said I know it is possible using chrooted env .What I need is any other method and NOT chroot env
0
 
LVL 38

Accepted Solution

by:
yuzh earned 500 total points
ID: 33775179
You can try to use "rksh", if it is a FTP only account (not login shell), please have a look at the answer in http:Q_21943197.html
also have a look at the following note:
http://www.hpug.org.uk/index.php?option=com_content&task=view&id=492&Itemid=93 
0
 
LVL 1

Author Comment

by:Peddu_bhanu
ID: 33956712
I m looking for more options
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 500 total points
ID: 33966068
>>I m looking for more options
Please post your requirements, so that the experts can help you, have a nice weekend!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to improve IO of Solaris machine 15 84
Audit HISTFILE for all users on AIX 9 108
Virtualizing TAPE on dual VIOS 3 79
ftpcommand 2 57
My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now