> On 17 Dec 2015, at 11:35, José Garcia <jose.gar...@zap.co.ao> wrote: > > Hi guys, merry christmas and happy new year. > > I have a freeipa (4.1.0) server on a centos 7 machine and its working fine > even with active directory integration. > > But I would like to know if is it possible to deny read access to certain > system configuration files and directories > within the server and on clients , such as /etc/passwd for example.
Same as for any users - either with UNIX DAC file permissions or SELinux. There is really nothing special about IPA users with this respect. btw The IPA users are not stored in /etc/passwd and in general the data in /etc/passwd is not sensitive. > -- > Best Regards > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
