Thursday, March 20, 2014

Solaris: Restricted ftp access

groupadd partsftp
useradd -c "F1 performance project" -d /root/home/partsftp -g partsftp -m -s /usr/bin/false partsftp
svcadm -v enable ftp



Change user's home directory to /u01/network:
Code:
usermod -d /u01/network ftp_user

Then add:
Code:
restricted-uid ftp_user
to /etc/ftpd/ftpaccess file.


server1# vi /etc/shells
"/etc/shells" [New file]
/usr/bin/false



    deny-uid uid-range [uid-range...]
     deny-gid gid-range [gid-range...]
     allow-uid uid-range  [uid-range...]
     allow-gid gid-range [gid-range...]



/etc/ftpd/ftpaccess example
--------------
.
.
.
. omitted

# limit-time    anonymous       30
# limit         anonusers       10      Wk0730-1800       /etc/ftpd/toomany.msg
# limit         anonusers       50      SaSu|Any1800-0730 /etc/ftpd/toomany.msg
restricted-uid partsftp
allow-uid partsftp
deny-uid *
defumask 022
server1#
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

UNIX: How to print column nicely using printf

[user@hostfwnms1-oam tmp]# cat b.sh printf "%-26s %-19s %-8s %-8s %-s %-s\n" HOSTNAME IP PING SNMPWALK 0-ok 1-fail for i in `cat n...

  • Solaris: rsync in parallel
    This does increase the amount of CPU and I/O that both your sending and receiving side use, but I’ve been able to run ~25 parallel instance...
  • AIX How to kill session on vtmenu
    syntax: rmvterm –m {msys} –p {lpar} # rmvterm -m Server-9117-570-SN103FACD_B -p WBITVIO2
  • VERITAS Cluster command list
    Cluster operations Start VCS hastart [-force-stale] hasys -force system Stop VCS hastop -local [-force-evacuate] hastop -sys system [-force-...