[Freeipa-users] deny read Access to passwd for external users
Jakub Hrozek
jhrozek at redhat.com
Mon Jan 4 08:04:57 UTC 2016
> On 17 Dec 2015, at 11:35, José Garcia <jose.garcia at zap.co.ao> wrote:
>
> Hi guys, merry christmas and happy new year.
>
> I have a freeipa (4.1.0) server on a centos 7 machine and its working fine even with active directory integration.
>
> But I would like to know if is it possible to deny read access to certain system configuration files and directories
> within the server and on clients , such as /etc/passwd for example.
Same as for any users - either with UNIX DAC file permissions or SELinux. There is really nothing special about IPA users with this respect.
btw The IPA users are not stored in /etc/passwd and in general the data in /etc/passwd is not sensitive.
> --
> Best Regards
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list