[SunHELP] (no subject)
Paul Walsh
sunhelp at sunhelp.org
Thu Dec 13 03:16:56 CST 2001
>Message: 9
>From: ymui at royalsunalliance.ca
>Date: Wed, 12 Dec 2001 11:58:07 -0500
>Subject: [SunHELP] Define users with FTP access only
>Reply-To: sunhelp at sunhelp.org
>
>Hello Administrators,
>
>How do you define a user with FTP access to files he can read only ? That
>is, he cannot even sign on to Solaris.
>
>Suggestions/comments much appreciated.
>
>Thanks, Y. Mui.
Set the user up with a "shell" of /etc/ftponly (where ftponly is the
script at the end of this message)
usermod -s /etc/ftponly username
This will stop the user logging on but will still allow them to FTP to/from
the system
Hope that helps,
Paul Walsh
Senior Systems Administrator, IT Services,
University of Central England, BIRMINGHAM B42 2SU, UK
Tel: +44 (0)121 331 5708 Fax: +44 (0)121 356 2875
#!/bin/sh
#
# ftponly shell
#
trap "/bin/echo Sorry; exit 0" 1 2 3 4 5 6 7 10 15
#
IFS=""
# Set Admin to your administrators email address
Admin=Admin at your.dom.ain
System=`uname -n`
#
/bin/echo
/bin/echo
"********************************************************************"
/bin/echo " You are NOT allowed interactive access to $System."
/bin/echo
/bin/echo " Direct questions concerning this policy to $Admin."
/bin/echo
"********************************************************************"
/bin/echo
# send a message to syslog
logger User ${LOGNAME} attempt to login to Solaris denied
#
exit 0
More information about the SunHELP
mailing list