Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I am running a small server with Gentoo. I will be using this for Web, Mail, POP3, possibly DNS, and MySQL. I am going to be hosting a few domains, two for myself and a couple other for some friends. I will also leave SSH open, for a terminal session as well as secure FTP.
My plan is to create a group for each domain I add (accept of course for my own domains). This way if more than one person happen to be involved in maintaining the site, I can give them each thier own account, as well as Email address, etc. What I want to be able to do is to create a "sub-root" administrative account, one with which I can if necessary have access to all of the files in each particular group yet not be able to, for example, run init scripts or tweak config files. (My reasoning for this is the same as that behind the idea of adding a normal user in addition to root in Linux installs: So I can do day-to-day work with it without accidentally breaking my system. I might also give such an account to another person whom I trust, but otherwise it is mainly for myself.) The best thing I can think of doing in this case is to create an account and add it to each of the groups, but the problem with this would be that it would still be possible to hide things from this admin.
Have some of you guys had a similar situation? I know the whole Linux security setup is not very flexible in terms of this sort of thing, but it seems like there should be a way. Thanks for any input.
It's not as easy as it sounds because when you chroot an SSH connection, then you are not allowing access to /bin /usr and the like, which is where the programs you want to run are. There a some decent tutorials that cover it more in depth, but a quick google search will yield multiple results.