From: Kevin Raubenolt (raubenol@ohio.edu)
Date: Thu Oct 17 2002 - 09:31:48 EDT
Sorry if this is a dup, but I signed the previous message which upset the
mailing-daemon which indicated the message was not sent.
I have a machine running Enhanced Security (C2) Tru64UNIX 5.1A which I have
to give "non-sysadmins" access to. I want to chroot them into a directory
to prevent the users from causing any harm to my system. I have configured
a login shell that will do this. This directory also has /bin, /etc, /usr,
... in-order for the users to execute commands. However, I have run into a
couple of problems.
1. passwd does not work when the user logs into his/her account.
>passwd
Change password: <user_name>: unknown user.
I assume this is caused because I have not moved the TCB database into the
user directory. My question is how would you accomplish this chroot user
environment which would support password changes? Is it as simple as
moving the TCB database and files? My concern would be that the user
accounts profiles would be separate from the system database and password
changes would not "actually" change the user's passwd.
2. I believe this is linked to the previous problem of user profiles not
being available but ps, w, and uptime do not provide information on
processes or users.
Kevin Raubenolt Network Engineer
Ohio University Communication Network Services
-------------------------------------------------------
My PGPKEY: http://oak.cats.ohiou.edu/~raubenol/pgp.html
or http://pgpkeys.mit.edu/ search: raubenol
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:48:56 EDT