> On 17 Dec 2015, at 11:35, José Garcia <jose.gar...@zap.co.ao> wrote:
> Hi guys, merry christmas and happy new year.
> I have a freeipa (4.1.0) server on a centos 7 machine and its working fine
> even with active directory integration.
> But I would like to know if is it possible to deny read access to certain
> system configuration files and directories
> within the server and on clients , such as /etc/passwd for example.
Same as for any users - either with UNIX DAC file permissions or SELinux. There
is really nothing special about IPA users with this respect.
btw The IPA users are not stored in /etc/passwd and in general the data in
/etc/passwd is not sensitive.
> Best Regards
> Manage your subscription for the Freeipa-users mailing list:
> Go to http://freeipa.org for more info on the project
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project