[Freeipa-users] User policies
Michael Rainey (Contractor)
michael.rainey.ctr at nrlssc.navy.mil
Wed Apr 12 20:51:18 UTC 2017
Greetings,
I have a question about user policies which I hope some can provide some
guidance. I have a small set of users who are tightly restricted on our
network. They are only allowed to log into certain machines, and mount
specific filesystems located on other machines. At the moment we have
these systems locked down through a combination of local system
accounts, and static mounts in fstab.
I have setup a few test accounts, created an HBAC Rule, and a custom
automount map for each account. Is this the best way to achieve this?
Is there a way to create a policy to restrict users to specific
filesystems? In my ideal world, it would be great to have the
restricted user to login, have the restrictions applied, then have a
non-restricted user log onto the same machine, and still have access as
they would on another machine.
So, what are your thoughts/
--
*Michael Rainey*
Network Representative
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170412/f1dbd441/attachment.htm>
More information about the Freeipa-users
mailing list