Hi all,
I need to create a special linux user account that has a very
limited set of permissions on the system. Essentially to
have read-only permissions for his home dir (and sub dirs)
and nothing else - i.e. this user has no write or execute
permissions and should not be able to read/access other user
dirs or indeed anything outside of his home directory,
irrespective of rwx permissions.


Thanks,

well you can't prevent them reading anything outside of a home directory otherwise they can't use the system commands etc - they'd have no way to do the few things you want them to be able to do. And if they are not executing anything, why do they need a shell login, is this not more of an ftp / http access that's needed?

I guess you probably want to look at a chroot jail, but not of their home directory, as they still own that, so you'd actually want them no have no home directory, but instead be dumped somewhere else, with the tools they are allowed to use to do whatever they can do symlinked into that mini environment with chroot, so there is nowhere else to go.

That doesn't make any sense. His home dir is there as a place for ANY application he uses to store his preferences, histories, etc. The whole point of home directories is that they are isolated from the rest of the file structure.

So, what do you propose he do with this set of permissions; that wouldn't even allow him to log in, or list files, or *anything*. Since this is the whole point of creating a user, this requirement seems to be senseless.

--

Actually I want to create a user for FTP Server which has no any privileges to access any things outside his home directory .

Thanks.

I am still waiting for this problem .
Is there anything wrong in my thread .


Thanks

You may be waiting a while. This isn't paid tech support, it just folks generously giving their time and effort.