Sorry for the lack of detail... Basically,
It's a 3rd party java based application, numerous configuration files, etc, which are dynamically updated via the application itself. Lots of log files, etc. The users access it via a web page front end, but our developers are asking to get "beneath the covers" while it's running. Right now I am using a restricted ftpd where then can only do "gets" from various directories. That way they can pull the files back that they need to look at for debugging, monitoring, etc. The developers are complaining that what they really need is "telnet/ssh" access so that they can get in and look at the filesystem as a whole. I realize that they "should" be able to do this all via FTP, but I have been told to come up with a solution to make this work for them. So I guess a better way to word it would be that I am looking for a way to grant them read-only access to the filesystems on the host. But Linux Owner/Group/World Permissions won't work since I can't really muck with them since they are set by the vendor. They have certain areas which are validly world writeable, but where an accidental key stroke could wreak havoc on the app, so I need to guarantee read only to those areas. ( I sure do miss RACF at times ) I like the idea of another image which mounts all the filesystems RO, but I need to investigate it further and try some experiments. I have also found a couple of interesting discussions by searching on kiosk and restricted shell which Tzafrir Cohen recommended, but I still need to do some digging. Thanks again! ------------------------------------------- Jeremy Warren Sr. Systems Programmer KB Toy Stores mailto:[EMAIL PROTECTED]@kbtoys.com |---------+----------------------------> | | "Post, Mark K" | | | <[EMAIL PROTECTED]| | | m> | | | Sent by: Linux on| | | 390 Port | | | <[EMAIL PROTECTED]| | | IST.EDU> | | | | | | | | | 03/22/2003 01:38 | | | PM | | | Please respond to| | | Linux on 390 Port| | | | |---------+----------------------------> >-----------------------------------------------------------------------------------------------------------------------------| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: Re: [LINUX-390] Read-Only Telnet | >-----------------------------------------------------------------------------------------------------------------------------| Jeremy, You're a little too vague (for me) about what you mean by "so they can look at an application." Do you mean you want to be able to demo something for them? Do you only want to allow them to see the output of the application? (In that case, generating HTML output and having them point their web browser at the system might be quickest/easiest.) Something else entirely? Mark Post -----Original Message----- From: Jeremy Warren [mailto:[EMAIL PROTECTED] Sent: Friday, March 21, 2003 9:21 AM To: [EMAIL PROTECTED] Subject: Read-Only Telnet Does anyone know of a simple/quick way to setup a GUARANTEED read-only access to a linux guest? Maybe some type of read-only telnet/ssh daemon? I couldn't find a switch to either of them. Basically I need to grant read-only access to a system to a group of users so they can look at an application, However the user/group/world file permissions for other reasons don't allow me to guarantee that these users will have read-only. TIA! ------------------------------------------- Jeremy Warren Sr. Systems Programmer KB Toy Stores mailto:[EMAIL PROTECTED]@kbtoys.com
