On Mon, Jan 11, 2021 at 01:24:46PM -0500, Bill Oliver wrote: > The only thing I know about is putting in a bashrc that limits their > PATH to their own /home/<user>/bin file for executables, and then > adding only the executables I want them to have. So, I guess I could > do that, and just put nothing in the /home/<user>/bin file. > > Is there a better way to do this?
Yes. Give them a shell which is not listed in the file `/etc/shells`. There is a binary `/sbin/nologin` which is traditionally used for this purpose. sudo usermod -s /sbin/nologin username . If you need something more sophisticated than that, you should look at the PAM authentication stack -- it is possible to configure pretty much any service so that only users in certain groups are allowed, for example. -- Matthew Miller <mat...@fedoraproject.org> Fedora Project Leader _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
