if it's just to view logs how about a restricted ftp account that can only access your log dir?
just a thought William 'Doug' Carroll Mainframe Systems Engineer II Global Technology Infrastructure (614) 213-4954 Office (877) 899-1697 Pager (614) 244-9897 Fax http://www.bankone.com James Melin <[EMAIL PROTECTED] To: [EMAIL PROTECTED] epin.mn.us> cc: (bcc: William D Carroll/OH/ONE) Sent by: Linux on Subject: Re: Confining a user to the home directory specified in the user record 390 Port <[EMAIL PROTECTED] ST.EDU> 10/11/2004 01:45 PM Please respond to Linux on 390 Port Looks like rbash or bash -r will do the job nicely. David Boyes <[EMAIL PROTECTED] e.net> To Sent by: Linux on [EMAIL PROTECTED] 390 Port cc <[EMAIL PROTECTED] IST.EDU> Subject Re: Confining a user to the home directory specified in the user 10/11/2004 12:28 record PM Please respond to Linux on 390 Port <[EMAIL PROTECTED] IST.EDU> > On Mon, 2004-10-11 at 11:49, James Melin wrote: > > How do you set a user account up so that the ID cannot > traverse 'above' > > their assigned home directory? Our developers want me to > setup a dozen > > user accounts with access to their application log dir. I > wanna set up one, > > and only one, and confine it to the log directory. I know > how to set the > > 'home' dir in the user record, I just don't know how to > stop them from > > getting out of it You may also want to look up the "restricted" shell -- it's designed for "padded cell" things like that. You have to specifically list any and all files that can be accessed from the id, but it sounds like that might be doable for this application. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
