| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :references:in-reply-to:content-type:content-transfer-encoding; | |
| q=dns; s=default; b=uYUbTJaSxMxEwEOYxR/hYj1SjqW091LY8OV51jKyQsK | |
| SnMYKqj7WEVDuXSGzxMPnOXj9RmP+GS3Ucu3kMTUKa2jTq+iUm383JNeeTRNTfFX | |
| OAd2NtRbVVutQs9gIIzciU3tIMdtCDVsqIssxtyTjIhPe5eaBGkqyoGgW/t6NFu8 | |
| = | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :references:in-reply-to:content-type:content-transfer-encoding; | |
| s=default; bh=kJqR7xCGAnv5wPLELXYPM4cZzLE=; b=mBMYbFxH4xNwkPcqh | |
| Kg3du4rIvLJO3cJKj96KTn/FrF3oQJxI8srfQuooIf+FC/cNBTd5jUNXwNPemTUN | |
| DO6aV8uMkU8pKfhdfHqSPs2cnwzLnfsyOgQEnbEcl0Z1tanzKCNxdPPeKG1UVSZL | |
| miwbtVfDycTmzANRKj0N3vrfw0= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Spam-SWARE-Status: | No, score=-3.1 required=5.0 tests=AWL,BAYES_00,KAM_NUMSUBJECT autolearn=no version=3.3.1 spammy=expertise |
| X-HELO: | Ishtar.sc.tlinx.org |
| Message-ID: | <5D1FA591.4050605@tlinx.org> |
| Date: | Fri, 05 Jul 2019 12:31:29 -0700 |
| From: | L A Walsh <cygwin AT tlinx DOT org> |
| User-Agent: | Thunderbird |
| MIME-Version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Domain User restrictions - Windows server 2012 R2 |
| References: | <9e8b10829e18453f9e3af064a0d67c7c AT ATGRZSW1694 DOT avl01 DOT avlcorp DOT lan> <CANV9t=SFgKkmzpy6-LfLdR-Arvw34BwqpvMvznC2dKRKgUYYqg AT mail DOT gmail DOT com> |
| In-Reply-To: | <CANV9t=SFgKkmzpy6-LfLdR-Arvw34BwqpvMvznC2dKRKgUYYqg@mail.gmail.com> |
| X-IsSubscribed: | yes |
On 2019/07/03 10:01, Bill Stewart wrote: > On Wed, Jul 3, 2019 at 2:41 AM Bergbauer, Daniel AVL/DE vwrote: > > >> What I want now is, to restrict every user, who connects to the server via ssh, to its home folder /home/'username' == C:\projects\'username' >> I don't know if this would work or be easy, but you could add everyone to a special group, say 'cygmake', then use windows permission to disallow access to directories they shouldn't be able to enter using a windows "deny" entry. You might have to play with it a bit, since you want them to have execute access to the windows binaries, but maybe not read(?) Never tried that before, but if that works...might solve your problem. Also, for their individual directories, you might want them only readable by the user themselves -- so no other users can read it. It's not ideal, since it involves changing permissions everywhere you don't want them going, but at least, it has the benefit of being limited to the 1 group you'd have to restrict. I feel like I'm lacking sufficient expertise in windows to come up with a good solution -- maybe asking the question in a windows forum about how to do the equivalent of chroot or restricting them to their directory and some list of windows directories? good luck! -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |