Server :: Chroot Users To Thier Home Directories?
Dec 11, 2010How can i chroot group of users to thier home directories and they have ssh access on RHEL 5.5 .. i tried many tuts but it was about chroot services.
View 2 Replies
ADVERTISEMENT
Fedora :: Chroot Users To Home Directory In SFTP Server?
Apr 12, 2011I see this questioned asked a lot and figured this tutorialThis tutorial explains how to create an SFTP server which confines (or chroot) users to their own home directory and deny them shell access.
View 1 Replies View RelatedRed Hat / Fedora :: Restrict Users To Their Home Directories And Allow Admins To Have Different Home Directories?
Jan 20, 2010Is it possible to restrict users to their home directories and allow admins to have different home directories? Essentially I want users to have a folder in /var/www/html/$USER and admins to have either unrestricted access or have their root directory be ./ or /www or /etc. I have is set now so users have access to thier home direcotry but I need to upload web files as admin.
So far I have created:
chroot_list
user_list
[code]....
Server :: Setup Vsftpd With AD Users Without Home Directories Created?
Jul 3, 2009I'm testing a Debian Lenny virtual machine to simulate my ideal setup for FTP server (with vsftpd): I want all internal users (corporation users with Active Directory accounts) to ftp into the same directory (i.e. /var/FTP/AD-DOMAIN/) and external users (customers) to ftp into their home directories (created manually on request).
I added user_config_dir=/etc/vsftpd_user_conf option in /etc/vsftpd.conf file and I've created /etc/vsftpd_user_conf/domain-user1 with local_root=/var/FTP/AD-DOMAIN
I have setup vsftp so I can ftp with every external and internal user chrooted and is working properly. AD validation for internal users and "normal" validation (via /etc/passwd) for external users work perfect.
I can FTP this server into /var/FTP/AD-DOMAIN with any AD user with its home directory created (i.e. /home/AD-DOMAIN/domain-user1/) but if I try to ftp with any AD user without its home directory created I get the error "500 OOPS: cannot change directory:/home/AD-DOMAIN/domain-user2"
I have found some references (http://wiki.flexion.org/FtpServer.html and http://howto.gumph.org/content/setup...ies-in-vsftpd/) about vsftp PAM authentication so I would supposedly get rid of the error message and the user would log into /var/FTP/AD-DOMAIN without problems, but I can't figure out how to setup my FTP server.
Debian :: Restrict FTP Users To Home Folders (chroot)?
Feb 11, 2010I have a debian-based ftp server running that I have created a few user accounts on. I will have clients uploading files to the server via ftp soon, and I need a way to restrict their access to only their home folders. I am not familiar with chroot, but from what I read, it can be used to restrict a user to their home folder, and that sounds perfect. How can I do this?
View 4 Replies View RelatedGeneral ::anything Special About Home Directory Before Users' Home Directories Are Stored There
Jun 19, 2010Is there anything special about a home directory before users' home directories are stored there, or is just as typical as any other "empty" folder?Let me just cut to the chase, but please no ear ringing about the folly of messing around as root, particularly with directories at root level. I know it's considered stupidity, but I deleted my home directory.
Is there an easy way to restore a working home directory? I tried copying /etc/skel under root, but I'm not sure what a home directory should look like once it has been restored. Besides . & .., there were .screenrc & .xsession in my home directory when I copied /etc/skel. Are these files suppose to be in "/home" or "/home/~" or both?
Fedora Servers :: How To Chroot The Sftponly Users Into Their Home Directory
May 21, 2010I have an SFTP server using OpenSSH on a server running Fedora 12. I want to chroot my sftponly users into their home directory but I want to let them have write access to their upload/ folder. Right now users can log in and view & download items, but for some reason I can't get write access to work. Here's some info:
username: testuser
group: sftponly
from /etc/passwd:
testuser:x:501:501::/home/testuser/:/bin/false
[code]...
General :: Add Directories To A New Users / Home?
Mar 31, 2011I don't quite understand /etc/skel. I know that everything in /etc/skel will effect all NEW users, and that's about it.
Basically, what I'm trying to do is add the directories "home" and "work" to the users /home directory.
How do I do this?
Fedora :: Permission To Access Users' Home Directories?
Jan 25, 2011I'm a refugee from WindowsXP, running Fedora 14 with three user accountsMy problem is that I need the primary user (userd 500) to be able to have full access all other users' files in their home directories so that user can copy, move, delete, etc.I tried making that user a member of the other users' groups - but I still get the 'not got permission' error when I try to access their home directories
View 8 Replies View RelatedUbuntu Servers :: Placing Quota/cap On Users' /home Directories?
Jul 28, 2010I have my home server setup, running 10.04 x64. The OS is installed on a 300GB WD Blue drive, and I have a RAID5 array md0, consisting of 4x 2TB WD Green drives, mounted as /home. I am sharing the home directories using samba and using them to back-up the other computers in the house. I have created a user account+password for each computer, giving it its own "/home/computername_backup/" directory to store it's backups in.
Computers being backed-up:(750GB) Gaming PC running Win7 Ultimate x64
(30GB + 2TB) HTPC running Win7 Home Premium x64
(32GB) Netbook running Win7 Home Premium x32
(250GB) 2 Macbook Pros Running OS X 10.6.4 (tweaked to allow time machine to recognize the samba share as a time machine volume
Question: 5.37TB of /home seems good for now, and I haven't run into any problems so far, but I don't want to have to keep checking. I'd like to put a size cap on each user's home, to prevent one of the computers from gobbling up all the space. Is there an easy (or hard) way to configure this type of thing? My Macbook, for example, only has a 250GB HD. I could give it 3-400GB of space for its home and that would be plenty - whenever it filled its /home/, it would start erasing the oldest backups. If there is no size limit, I believe it will just continue to grow until all the free space is gone.
Considerations: Right now, the HTPC is storing all its media locally (on the installed 2TB drive). However, I've already used 3/4 of the space and the HPTC enclosure can only hold one drive. My plan moving forward is to have /home be used to store media files (iTunes music for all computers and tv/movies for the HTPC), which is another reason I'd like to ensure that the backups don't take up all the space.
I realize I could create a partition for each computer, but I'd prefer not to go down this route. This would seem an untenable tactic if I added another computer next month, or if I realized that the partition was too small.
Programming :: Script To Search Users Home Directories For Certain Words?
Feb 20, 2011I am trying to create a bash script that will search all users home directories on a system for words like quit, steal, kill etc. Pretty sure I'm going to be using grep /home. The only thing is that obviously a word like 'kill' could have normal uses too like "I need to kill the process." How would I go about flagging a user with the word/phrase found, and the path while also omitting legitimate uses?
View 1 Replies View RelatedUbuntu Servers :: Mounting Home Directories Of Users To Respective Desktops
Jan 8, 2010I'm trying to mount the home directories of the users on the server to the respective desktops. I would like to use the libpam-mount module. do you guys know, how make it run? I am using 9.10 both server and desktop and the most recent pam-mount module. I know that the /etc/security/pam_mount.conf.xml needs to be edited. I added the following to it:
Code:
<volume user="username" fstype="cifs" server="IP-Server" path="/home/username" mountpoint="/media/server" />
Red Hat / Fedora :: SELinux Is Preventing The Samba Daemon From Reading Users' Home Directories
Sep 1, 2010My Fedora box is giving me an SELinux security error:
Code: Summary:
SELinux is preventing the samba daemon from reading users' home directories.
Detailed Description:
SELinux has denied the samba daemon access to users' home directories. Someone
is attempting to access your home directories via your samba daemon. If you only
setup samba to share non-home directories, this probably signals an intrusion
attempt. For more information on SELinux integration with samba, look at the
samba_selinux man page. (man samba_selinux)
Allowing Access: If you want samba to share home directories you need to turn on the
samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"
Fix Command:
setsebool -P samba_enable_home_dirs=1
Additional Information:
Source Context system_u:system_r:smbd_t:s0
Target Context unconfined_u:object_r:user_home_dir_t:s0
Target Objects /home/micah [ dir ]
Source smbd
[code]....
Server :: Restricting Users To Two Directories Centos 5.3?
Feb 16, 2010I need some kind of step by step process to restrict my users to only have access to directories that I specify ? For example user joe can only access his home directory, read access to /tmp and read access to /var/log/httpd
View 1 Replies View RelatedGeneral :: Multiple Users To Create Directories Over SFTP So The New Directories Keep The Same Permissions?
May 15, 2011I want to make a webserver with multiple users allowed to login through SFTP to a specific folder, www.Multiple users are added, lets say user1 and user2, and all of them belonging to the www-data group. The www directory has an owner www-data and a group www-data.
I have used chmod -R 775 on the www folder, but after I try to create a folder test through my SFTP server (using Filezilla) the group of the directory created has only r and x permissions, and I am not able to log in with the second user user2 and create a directory within www/test due to a lack of w permission to the group.
I also tried using chmod 2775 on www directory, but without luck. Can somebody explain to me, how can I make it so that a newly created directory inherits the root directory group permissions?
Server :: Home Directories Based On Group Membership
Jul 10, 2011I have recently joined an 11.04 server to an AD and want to configure home directories based on group membership for all AD users that login. Basically, I want one home directory for "Domain Users" and another for "Domain Admins".
View 8 Replies View RelatedServer :: [CentOS + LDAP] Create Home Directories On The First Login?
May 26, 2010I noticed in Fedora that in Authenticate Configs ->Advanced, that there is an option to "Create home directories on the first login".I'd like to know if its possible to enable that through a text config file on a CentOS box that has ldap authentication enabled. Right now it's complaining that the home folder does not exist upon loggin with an ldap account.
View 1 Replies View RelatedServer :: Use The NAS Storage Device To Store The Home Directories Of User?
Jun 15, 2011we have purchased the Dell PowerVault NF 500 NAS Storage Box with Window Storage server 2003 is Installed.we have LDAP server for authentication the user in network for accessing network resources.All ubuntu users on client side use ubuntu(LDAP server )for user authentication.when a user logon on client side machine his home directory is created on client machine .
but we want to use the NAS storage device to store the home directories of user.we want to implement that ,whenever a user logon his home directory is created on powerValut NF 500 storage device so that all user data is stored centrally for taking the backup .we want to mount NAS storage device so that user uses when they login and create user profile.
Server :: Samba And SELinux - Share The User Home Directories?
Oct 6, 2010I'm running a Samba server (3.5.2-60.fc13) on Fedora 13 (64 bit). I want to share the user home directories and want to allow following of symlinks out of the share tree. So in smb.conf I used
unix extensions = no
wide links = yes
For SELinux I did:
setsebool -P samba_enable_home_dirs=1
getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
[code]....
However I can't follow the symlinks when mounting my home directory on a Windows machine, unless I disable SeLinux.
General :: SFTP Chroot - Unable Move Directories To Other Locations Of The System
Sep 26, 2010I tried setting up sftp for my users. Each of my user have their home directory at "/var/www/public_html/$USER". When my users are using sftp, they can only see their own directories and unable to move to other locations of the system. I followed through the following tutorials: [URL]
The users are able to sftp into the system successfully. However, they are able to see the whole system. Somehow, it appears that the users are not jailed in their home directory although in the tutorial it states otherwise. The difference of my system against the tutorial is that I am using Dropbear for SSH server while it is using Openssh server. Although dropbear does not support sftp, I am able to login through sftp through the use of sftp-server. For the internal mechanics, I am not sure how though.
Assuming that when I tried to SFTP, the sftp-server is ran with the sshd_config, then everything should be working fine right? Do i need to run chroot command at all? The following is the procedure I used to attempt the objective:
1) Add a new user to the group: SFTPonly
2) Chown user:SFTPonly user/home/directory
2) Modify the sshd_config to what is reflected in the tutorial and other paths.
Server :: Users Are Not Getting Their Home Directory In Rhel5?
Aug 3, 2010I don't know what i have done by mistake.
[root@server1 ~]# su - user
su: warning: cannot change directory to /home/user: Permission denied
-bash: /home/user/.bash_profile: Permission denied
-bash-3.2$ cd ~
-bash: cd: /home/user: Permission denied
-bash-3.2$
General :: Where To Chroot Their User Home Directory?
Oct 22, 2010Is there a way where i can chroot their user home directory, lets say the user login on linux box /home/user, what i wanted to do is to chroot /home/user where user won't be able to browse the filesystem which is /. Tnx
View 1 Replies View RelatedSecurity :: Sudo For Users But Only +r On Other /home/users Ubuntu 10.04 ?
Nov 1, 2010We are trying to set up a classroom training environment where our SIG can hold classes for prospective converts from Microsoft/Mac. The ten machines will have /home/student01..10 and /home/linsig01..10 as users. We want /home/student01 to be able to explore and sudo so they can learn to administer their personal machines at home. We don't want them to be able to modify (sudo) /home/linsig01. I've seen the tutorial on Access Control Lists but I'd like other input so we get it right the first time.
View 3 Replies View RelatedGeneral :: Access To Certain Directories To Ssh Users
Apr 17, 2010I want to restrict access to certain directories to my ssh users but allow them to read files by known path from there(mostly it's meant to be done by applications).
View 2 Replies View RelatedCentOS 5 :: Mapping Directories To Users?
May 6, 2009Problem: I need to map directories to a user's home directory when they log in.
For example, I need to map /school/homework/ to user "steve" in his home directory when he logs in. I'm guessing I could use a logon script, but I can't figure out what command I should be putting in the script. I've been searching for hours through man pages and googled it a ton and can't find anything on it.
Ubuntu Servers :: Completely Chroot Enviornoment Where Every Single Service Is In Chroot Mode (bind,mysql, Postfix)?
Jul 12, 2011recently we decided to make our own panel (like Plesk or cPanel) but for Ubuntu and it will be licenced under GPL (like any other professional sofware).want to make a panel not only that fits our needs but also the needs of other system administrators and domain owners. We researched other panels and found out that non of them has security/look/ease of use in one package. Bad codig is another problem found in other panels.I made a short overwiev of what I think we have to have in the beginning.I Security :1. Completely chroot enviornoment where every single service is in chroot mode (bind,mysql, postfix, .... )2. Easily managed IPtables trough web-based interface. 3. Coding rules has to be strict.
II Software selection :
1. MTA - Postfix
2. POP - dovecot
[code]....
Fedora Security :: Give FTP Control Of Different Directories To Different Users
Aug 24, 2010I have my own dedicated server box running (using it for game servers). I access it via ssh and I have root control of it. It has FEDORA Operating System. I wanna give FTP control of different directories to different users. Right now there are no other FTP users except root. I have installed vsftpd and dont know what should I do next? How do I add users (who can read/write/delete files) and How do I restrict them to their home directory?
Here is what I want:
username:client1
password:12345
home directory: home/server1
username:client2
password:12345
home directory: home/server2
Ubuntu :: Using Sudo To Restrict Users For Accessing Directories?
Jun 20, 2011Is it possible to restrict users with 'sudo' from accessing certain directories? Rather than just exclude cd and ls from the sudo privileges, that is.
View 5 Replies View RelatedUbuntu Servers :: Samab With Multiple Users Accessing Different Directories?
Apr 16, 2010I currently have samba setup and connecting. What I am trying to do is have multiple users with access to different directories. For example , let's say there are folders A B C on my Linux machine. I want one guy to see A and C and another guy to see B and C and a third guy to see them all. But I want each user to have access to change delete or execute the files within these directories that they have access to
View 4 Replies View RelatedGeneral :: If Some Users Modify/delete/create Files/directories?
Oct 25, 2010i've been wondering how do i know if some users create/modify/delete file/directory in linux, i've been using pyinotify in python script.this script like the example from the manual:
Code:
#!/usr/bin/python
import pyinotify, os, time
[code]...
