SU restriction

[samjoo]

hi!

I want to restrict switching other dir using 'su' command except for user's home dir.

How to get the solution?

 

[Germo]

Sorry for not understanding probably but could you explain that again please?

Do you mean restricting users from "su"'ing to other user or restrict users from changing into another user home directories....?

 

[samjoo]

hi! Germo
thanks for your reply!

I'm sorry! i correct from 'su' to 'cd'commnad.

 

[Germo]

Right Here goes mate,

Here are the steps below (to be done as root user),

1. create a new group..for example I'll use the group "test01".

2. if you create a new user set there Primary Group and Group Set to the new group you created in step 1 (test01).

3. if the user already exist change there Primary Group and Group Set to the new group you created in step 1 (test01).

4. as root cd into "/home" change the permissions of the users home directory.

Example = lets say I have created a new user called "terry1", now his home directory would be /home/terry1, his current permission by default on his home directory are "drwxr-xr-x 2 terry1 staff /home/terry1", change the permissions too "drwxr-x--- 2 terry1 test01 /home/terry1" do this by the following

chown terry1:test01 /home/terry1
chmod 760 terry1

Now any other user not in the "test01" group will not be able to see anything within the home directory of terry1.

I hope this helps, let me now?

 

[hirschaj]

You can set up your users to use restricted shell (Rsh). Here is some info on restricted shell...

http://www16.boulder.ibm.com/pseries/en_US/aixuser/usrosdev/restricted_shell.htm

Jim Hirschauer

http://www.aixexpert.com

 

[samjoo]

Thanks! Germo.

I'd like to make An specific user can,t move other dir except for user own home dir.

Thanks in advance!