 |
 |
setting user's home dir to be shown as root
|
|
|
|
|
Junior Member
Join Date: Nov 2004
Location: Michigan
Status:
Offline
|
|
I want to limit a certain user's ability to "roam" the server. When they ssh in, I want their home directory to be shown as root for them (ie: they can't do 'ls ../'). Is there any easy way to do this?
|
|
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Jun 2003
Status:
Offline
|
|
Yes, by using the Workgroup Manager, part of the Server manager program group.
|
|
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Jun 2003
Status:
Offline
|
|
Yes, by using the Workgroup Manager, part of the Server manager program group.
|
|
|
| |
|
|
|
|
|
|
|
Junior Member
Join Date: Nov 2004
Location: Michigan
Status:
Offline
|
|
Sorry I'm probably blind but I can't find the option anywhere in Workgroup Manager. Can you be more specific please?
|
|
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Jun 2003
Status:
Offline
|
|
Sorry for the double-posting.
In the Workgroup Manager, when creating new users, the server will only create a "network" user, without any real "home" folder.
1. If you have direct access to the server, and are able to create users from System Pref > Accounts, that will create a "home folder" for that user directly (Users/useraccountfolder). That will allow you to select the Share point for any given user in WM (Share > Select User Home > Click on user name folder > Save) later on.
2. Creating users through the WM will create a "online user" without any home folder. For this setup, you would have to create a Share Point through WM first (the Share button on top of the WM window), and then assign it to a user.
The help docs in WM should tell you how to create Share Points. Short version, click on Share in WM > All tab > Select a folder > Save (i am not sure if the steps are in line, but that is what I remember, sorry I am not in front of a OSX box right now).
Hope it helps.
|
|
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Apr 2001
Location: Long Beach, CA
Status:
Offline
|
|
Originally posted by ctlq:
I want to limit a certain user's ability to "roam" the server. When they ssh in, I want their home directory to be shown as root for them (ie: they can't do 'ls ../'). Is there any easy way to do this?
I hate to dash your hopes, but this is likely not possible in the form that you are requesting. Running any kind of command that is not built into the shell requires read access to the directories in the search path, which would be outside of the home directory.
The better option would be to make sure that you don't have any sensitive files in places that you shouldn't. You should keep your files in the Documents folder of your home directory. If you must keep them elsewhere, then modify the permissions on the folder so that this user does not have access. You may need to create additional groups that don't include this or other users.
In Unix, you can't or shouldn't keep users out of /, but you can keep them out of the files within there.
Note that what you are requesting is easily possible with ftp or afp, etc... you may just need to restrict this user from command line access. If you set their default shell to "none", then that's a start. It may still be possible to use SSH to execute a shell, but I haven't tried.
BTW, zwiebel_ has a somewhat distorted view of what Workgroup Manager is and is not capable of doing. You have no reason to use system preferences to create the account.
|
ACSA 10.4/10.3, ACTC 10.3, ACHDS 10.3
|
| |
|
|
|
|
|
|
|
| |
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
