I have a question about user policies which I hope some can provide some
guidance. I have a small set of users who are tightly restricted on our
network. They are only allowed to log into certain machines, and mount
specific filesystems located on other machines. At the moment we have
these systems locked down through a combination of local system
accounts, and static mounts in fstab.
I have setup a few test accounts, created an HBAC Rule, and a custom
automount map for each account. Is this the best way to achieve this?
Is there a way to create a policy to restrict users to specific
filesystems? In my ideal world, it would be great to have the
restricted user to login, have the restrictions applied, then have a
non-restricted user log onto the same machine, and still have access as
they would on another machine.
So, what are your thoughts/
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project