Kelvin Ng wrote:
> I've created new a user account for login . This
> user acount basically to allow system administrator
> login from home via internet , to access company
> network devicess such as router,switch and server.
hope you are using a secure shell or something like that for this.
> This is the only way to allow system administrator
> access company private network. Otherwise , there is
> no possible to access private network from internet .
> Since my linux box act as transit ,I wants to allow
> them to access those files or command within their
> home directory ; but restrict use those files or
> command located in /usr, /etc /bin and other user home
> directory . They are also allow to use ping
> ,traceroute and telnet command for trouble shooting
> and maintenance. Does somebody knows how to
> configure it ?
all the comands u want the person to use should be copied to some
directory (e.g. ~/bin). create a directory structure in his home
directory which wil hav /etc, /usr, etc. and do a chroot to his home in
the system initialization script (/etc/profile or /etc/bashrc) after
cheking that particular user. something like folows:
if [$USER = "special" ] ; then
chroot $HOME #$HOME is the directory which has the complete directory
structure of /etc, /bin, /usr.
exit
fi
----------------------------------------------
LIH is all for free speech. But it was created
for a purpose. Violations of the rules of
this list will result in stern action.
