Lock Users To Home Directory

I needed to give access to a user (a web developer) but didn’t want them to be able to go anywhere but their home directory. The server is running Ubuntu 9.10 x32. No GUI.

A brief search found a shell called Iron Bars restricted SHell for linux (IBSH). This also allows you to prohibit certain commands from running.

wget http://downloads.sourceforge.net/project/ibsh/ibsh-binary/ibsh_debian_binary/debian_ibsh.deb?use_mirror=cdnetworks-us-1
dpkg -i debian_ibsh.deb
apt-get install -f
nano /etc/ibsh/globals.cmds

You can put whatever commands you want to allow in that file. Save it.

nano /etc/passwd
Change the shell of the user to /bin/ibsh

Login as the user and test it out. Try to cd /etc or rm -rf / and see what happens.

The Link is http://downloads.sourceforge.net/project/ibsh/ibsh/ibsh-0.3a/ibsh-0.3a-i386-linuxbsd-src.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fibsh%2F&ts=1288626692&use_mirror=iweb

Leave a Reply

Your email address will not be published.