5 Replies Latest reply on Jun 12, 2012 11:41 AM by Mike Jones

    Best way to give restricted NSH access to a server

    Mike Jones

      I would like to enable restricted nsh access to a server from another role.

       

      Ideally this role would not be able to see the server in the BladeLogic console and would only be able to copy files to and from a set directory with nsh to another server the restrictedrole has full access to.

       

      I know that the following will work by add this to the users.local

       

      restrictedrole:*     rw,map=localuser,commands=nexec

       

      This will allow me to run an nsh script job as restrictedrole which uses ncp.

       

      However I would like to restrict folder that this role can access but changing the entry to

       

      restrictedrole:*     rw,rootdir=/transferfolder,map=localuser,commands=nexec

       

      results in a "login not allowed for user" error

       

      Is it possible to do this using nsh permissions and even restrict command to ncp only

       

      Thanks

       

      Mike