Is there a way to create a user and limit him to read, write and execute in only one directory?
The directory already exists and it belongs to the dba group.
I would like to make it so this user can't even cd to another directory, or, even if he can, he can't do anything in the other directories.
If anyone can help me with this and with the code for doing it, I would be very grateful. Thanks in advance.
This should be the default already, that is:
If you create a home dir for john as /home/john, make him the owner and give all permissions, he will not be able to do anything with /home/tom or /home/jerry (set the permissions appropriately on tom & jerry).
He can manipulate anything under /home/john. Is this what you are looking for? Read about chmod and chown.
What do you mean by only one directory? Only /home/john, and he should not go to /home/john/Music or something else?
If it is that he can do anything with /home/john and he should not go to /home/tom, then tom should be the owner of that dir, and don't give read & execute permission to others/group.
Although I'm unsure about what precisely your requirements are, you might achieve that by using a combination of ACLs and a restricted shell like rksh.
If Bash is started with the name rbash, or the `--restricted' option is supplied at invocation, the shell becomes restricted. A restricted shell is used to set up an environment more controlled than the standard shell. A restricted shell behaves identically to bash with the exception that the following are disallowed:
Changing directories with the cd builtin.
Setting or unsetting the values of the SHELL, PATH, ENV, or BASH_ENV variables.
Specifying command names containing slashes.
Specifying a filename containing a slash as an argument to the . builtin command.
Specifying a filename containing a slash as an argument to the `-p' option to the hash builtin command.
Importing function definitions from the shell environment at startup.
Parsing the value of SHELLOPTS from the shell environment at startup.
Redirecting output using the `>', `>|', `<>', `>&', `&>', and `>>' redirection operators.
Using the exec builtin to replace the shell with another command.
Adding or deleting builtin commands with the `-f' and `-d' options to the enable builtin.
Specifying the `-p' option to the command builtin.
Turning off restricted mode with `set +r' or `set +o restricted'.
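A way to check that the bash installed on a given host actually enforces the restrictions listed above, before assigning it as a login shell. This is an added example, not part of the thread; the function names, probe commands and file names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: probe the installed bash to confirm it
# enforces the restricted-mode rules quoted above. Every probe command and
# file name here is constructed test input.

# Run one command line in a restricted bash inside an empty scratch directory.
# Returns 0 if the shell refused it (non-zero exit status), 1 if it ran,
# 2 if the scratch directory could not be set up.
rbash_blocks() (
    scratch=$(mktemp -d) || exit 2
    cd "$scratch" || exit 2
    # --norc/--noprofile keep startup files out of the result.
    bash --restricted --norc --noprofile -c "$1" \
        </dev/null >/dev/null 2>&1 && rc=0 || rc=$?
    cd / && rm -rf "$scratch"
    [ "$rc" -ne 0 ]
)

# One probe per restriction. Prints a line per rule and returns the number
# of rules that were NOT enforced (0 means every rule held).
report_restrictions() {
    missing=0
    while IFS='#' read -r rule probe; do
        if rbash_blocks "$probe"; then
            echo "enforced      $rule"
        else
            echo "NOT ENFORCED  $rule"
            missing=$((missing + 1))
        fi
    done <<'EOF'
cd builtin#cd /
assigning PATH#PATH=/bin
slash in command name#/bin/true
output redirection#echo data > out.txt
exec builtin#exec true
leaving restricted mode#set +r
EOF
    return "$missing"
}

report_restrictions || echo "some restrictions are not enforced by this bash" >&2
```

The restricted shell only constrains the shell itself; what the account can read or write in other directories is still decided by the ownership, mode bits and ACLs discussed in the replies.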