Once done, the Pseudocode of the rule should look like the following:
Begin Rule: root with EAC If ((command IN EAC as root) AND (user IN sshadmins)) Then Set Authorize: yes Set Session Capture: yes Set runUser = "root" Run Script: Enhanced Access Control Policy(policy:path default all:logpath /data/hr/** !all:log=9) Stop if authorized End If End Rule: root with EAC
1. Login as brett and become root by typing 'usrun eacroot' 2. Change to /data/, notice the 'hr' folder show's all questions marks (Enhanced Access Control Policy does not allow the user to know about the Folder properties) 3. Attempt to change into the 'hr' folder - get permission denied.
saqibfarooq87;231956 Wrote: > Hi, > > I am new to the NPUM and I have a querry. > > I have users in /bin/bash login shell and I want to restrict them to > access a folder. Is it possible to do so by using novell priviledged > user manager. > > If yes can you guide me the way to do so. > > Thanks in Advance for your help. > > Best Regards, > > Saqib Farooq