10-30-2008, 08:40 PM   #1
Restrict the user working directory

If I want to restrict the user so that he can only access his home directory, and can't even access the /tmp/ directory, can you advise what I can do? Thx
10-30-2008, 09:08 PM   #2
Create a new group such as "restricted".

And then, when creating the user, assign them to this group instead of the default "users" group.

It might be necessary to change the permissions on current /home/user directories to 700 if you want to restrict them to only their user, or 750 if you want other users from the same group to be able to read and execute the files, but not write to them.

As a side note, it might not be entirely possible to lock them out of all other directories, as the user will probably need to run programs in the system's bin directories, and programs the user will be using will write temp files to the /tmp directory.

Last edited by Savet; 10-30-2008 at 09:10 PM.
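
An added example (not part of the original posts): a POSIX shell check for the 700/750 advice in post #2, classifying each directory under a base path as owner-only, group-read, or too-open. The function names and the sample tree are constructed for illustration, and GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: audit home-directory modes against the 700/750 advice above.
# Assumes GNU coreutils stat (-c '%a'). All names here are illustrative.

# classify_mode MODE: print a verdict for an octal mode string such as 750.
classify_mode() {
    cm_perms=$(( 0$1 ))                          # leading 0 => parse as octal
    if [ $(( cm_perms & 07 )) -ne 0 ]; then      # any access for "other"
        echo too-open
    elif [ $(( cm_perms & 020 )) -ne 0 ]; then   # group can write
        echo too-open
    elif [ $(( cm_perms & 070 )) -eq 0 ]; then   # nothing for group (700)
        echo owner-only
    else
        echo group-read                          # group read/execute only (750)
    fi
}

# audit_homes BASE: print "name mode verdict" for each directory under BASE.
audit_homes() {
    for ah_dir in "$1"/*/; do
        ah_dir=${ah_dir%/}
        [ -d "$ah_dir" ] || continue             # glob matched nothing
        if [ -L "$ah_dir" ]; then continue; fi   # skip symlinked directories
        ah_mode=$(stat -c '%a' "$ah_dir")
        printf '%s %s %s\n' "${ah_dir##*/}" "$ah_mode" "$(classify_mode "$ah_mode")"
    done
}

# demo: build a constructed sample tree in a temp directory and audit it.
demo() {
    demo_base=$(mktemp -d) || return 1
    mkdir "$demo_base/alice" "$demo_base/bob" "$demo_base/carol"
    chmod 700 "$demo_base/alice"   # owner only
    chmod 750 "$demo_base/bob"     # group may read and enter, not write
    chmod 755 "$demo_base/carol"   # every local user may read and enter
    audit_homes "$demo_base"
    rm -rf "$demo_base"
}

demo
```

Running `audit_homes /home` applies the same check to real accounts; any line ending in `too-open` is a directory other local users can enter or the group can write to.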
10-30-2008, 11:21 PM   #3
See Restricted Shells, for example rbash.
10-30-2008, 11:42 PM   #4
A user needs access to /bin/, /etc/, /usr/lib/, /usr/bin/ and maybe even /tmp for programs to function properly. The programs can't run if the user can't read files in those directories. Files like /etc/passwd are needed to log in. Also, KDE and GNOME may have links to /tmp for temporary and cached files. Being so restrictive, why have users at all!

