Re: Confining a user to the home directory specified in the user record

2004-10-13 Thread James Melin
Actually since we will have multiple websphere systems running, that's not a bad idea. One stop log shopping,

Re: Confining a user to the home directory specified in the user record

2004-10-13 Thread James Melin
When you export a Samba share, since the desktops use WINS, we've been seeing that desktops cannot resolve the DNS name if it isn't in the WINS server but if you go with the IP address (i.e. \\calhoun doesn't work but \\123.456.789.001 does) - do you have to register this with a primary WINS server

Re: Confining a user to the home directory specified in the user record

2004-10-13 Thread Post, Mark K
You can tell Samba to register itself with WINS:
    wins server = aaa.bbb.ccc.ddd
Mark Post
-Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of James Melin Sent: Wednesday, October 13, 2004 8:55 AM To: [EMAIL PROTECTED] Subject: Re: Confining a user to the

Re: Confining a user to the home directory specified in the user record

2004-10-12 Thread Doug Carroll
if it's just to view logs how about a restricted ftp account that can only access your log dir? just a thought William 'Doug' Carroll Mainframe Systems Engineer II Global Technology Infrastructure (614) 213-4954 Office (877) 899-1697 Pager (614) 244-9897 Fax http://www.bankone.com

Re: Confining a user to the home directory specified in the user record

2004-10-12 Thread Rob van der Heij
On Tue, 12 Oct 2004 02:34:20 -0400, Doug Carroll [EMAIL PROTECTED] wrote:
> if it's just to view logs how about a restricted ftp account that can only access your log dir?
Or a web server?
-- Rob van der Heij rvdheij @ gmail.com

Re: Confining a user to the home directory specified in the user record

2004-10-12 Thread James Melin
I thought about that but they wanna be able to less and tail the file. A lot of this is because I am about to go to pam authentication and don't want to add a bunch of short lived local users, or I'd simply add all of the developers to a group and go that way. I just don't want to, and my boss is

Re: Confining a user to the home directory specified in the user record

2004-10-12 Thread Adam Thornton
On Tue, 2004-10-12 at 08:16, James Melin wrote:
> I thought about that but they wanna be able to less and tail the file. A
Maybe you want to, rather than let them have a real shell, just a CGI app that displays the file(s) and lets you scroll back and forth in it (them)?
Adam

Fw: [LINUX-390] Confining a user to the home directory specified in the user record

2004-10-12 Thread John Campbell
Yes, and if they want to see more... that's what the refresh button on the browser is for. (Yes, I'm smirking.) Around here anonymous FTP is a no-no so if someone needs a file distributed it goes up under the /HTML tree. (Yes, I'm _that_ lazy, I symlink /HTML to wherever the document root is

Re: Confining a user to the home directory specified in the user record

2004-10-12 Thread James Melin
Mebbe. But that sounds like work :) I'll have to look at that. Isn't hard, certainly.

Re: Confining a user to the home directory specified in the user record

2004-10-12 Thread Tom Anderson
-Original Message- From: James Melin [mailto:[EMAIL PROTECTED] Sent: Monday, October 11, 2004 04:49 PM To: [EMAIL PROTECTED] Subject: Confining a user to the home directory specified in the user record How do you set a user account up so that the ID cannot traverse 'above' their

Re: Confining a user to the home directory specified in the user record

2004-10-12 Thread Adam Thornton
On Tue, 2004-10-12 at 09:41, James Melin wrote:
> Mebbe. But that sounds like work :)
Yeah, but easier than building a nice padded shell environment for them... Basically, if all they need is a pager, then don't give them a real shell. Or maybe just NFS-export the log directory read only, and

Re: Confining a user to the home directory specified in the user record

2004-10-12 Thread Jeremy Warren
Another thought would be to set up a small system that they had access to that you didn't care about if they broke... Then do read only NFS mounts to the real box... This way they can go in and do what they need to without breaking things... my $.02 --- Jeremy

Re: Confining a user to the home directory specified in the user record

2004-10-12 Thread Post, Mark K
Or use Samba to export the directory and they can connect directly from their Windows desktops (or UNIX or Linux or Mac) without the hassle of setting up another system. Mark Post -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Jeremy Warren Sent:

Confining a user to the home directory specified in the user record

2004-10-11 Thread James Melin
How do you set a user account up so that the ID cannot traverse 'above' their assigned home directory? Our developers want me to setup a dozen user accounts with access to their application log dir. I wanna set up one, and only one, and confine it to the log directory. I know how to set the

Re: Confining a user to the home directory specified in the user record

2004-10-11 Thread Adam Thornton
On Mon, 2004-10-11 at 11:49, James Melin wrote:
> How do you set a user account up so that the ID cannot traverse 'above' their assigned home directory? Our developers want me to setup a dozen user accounts with access to their application log dir. I wanna set up one, and only one, and confine

Re: Confining a user to the home directory specified in the user record

2004-10-11 Thread David Boyes
On Mon, 2004-10-11 at 11:49, James Melin wrote:
> How do you set a user account up so that the ID cannot traverse 'above' their assigned home directory? Our developers want me to setup a dozen user accounts with access to their application log dir. I wanna set up one, and only one, and

Re: Confining a user to the home directory specified in the user record

2004-10-11 Thread James Melin
Well, basically I want to define one user for the developers to use to view the log directory of their Java app, rather than defining a dozen. I will be doing the PAM authentication thing soon, so that's why I don't wanna define individual users. They have no business going into other directories

Re: Confining a user to the home directory specified in the user record

2004-10-11 Thread Post, Mark K
As David said, look at what a restricted shell does for you. man bash and then look for RESTRICTED SHELL starting in column one. It should do what you want. Mark Post -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of James Melin Sent: Monday, October

Re: Confining a user to the home directory specified in the user record

2004-10-11 Thread James Melin
Looks like rbash or bash -r will do the job nicely.

Re: Confining a user to the home directory specified in the user record

2004-10-11 Thread Alan Cox
On Llu, 2004-10-11 at 18:45, James Melin wrote:
> Looks like rbash or bash -r will do the job nicely.
For most real uses bash -r breaks down very fast. Give someone vi and they can break out for example. If your distro is new enough you can use bind mounts to avoid extra copies of data on those