-   Linux - Software (
-   -   lock user to directory and service (

turbo_acura 12-06-2007 06:37 AM

lock user to directory and service

In Redhat ES4, how do i create a user and lock him down to his home directory and only able to use the SSH service only?


jschiwal 12-06-2007 09:08 AM

I think that either you need to put him in a jail, or use SE-Linux settings. However, he will need to be able to read directories like /bin/, /usr/bin/, /etc/, /lib/, /usr/lib etal to be able to run commands.

turbo_acura 12-06-2007 09:26 AM

i'm trying to avoid using SELinux as it has caused me problems in the past. The user just needs to use SSH, which i wouldn't think they need access to /bin and other directories..but not sure really...

jschiwal 12-06-2007 09:38 AM

SSH is a transport to run the shell, which is bash by default. You would need the same access if you used SSH as you would if you were logged in locally. Any command the person runs that needs to load a dynamic library will need access to that library and the directory that library is in. The /etc/ directory must be readable to be able to log in.

All times are GMT -5. The time now is 11:01 AM.