We have linux (Ubuntu) desktops that are join to a domain using SSSD, i want to restrict users from accessing other users home directory and files for old and new users. It is possible set this automatically ?
Asked
Active
Viewed 203 times
1 Answers
0
For existing users, chown go-rwx /home/* (or wherever the users' home directories are).
For new users, make sure that whatever you're using to auto-create home directories for new users (probably PAM module pam_mkhomedir.so?) is configured to create home directories with suitable protection: this can be achieved by adding the umask=0077 option to the pam_mkhomedir.so line.
telcoM
- 4,448
- 15
- 25
-
Thank you very much, that solved my problem – John T Apr 16 '20 at 08:05
-
You don't have enough reputation yet to upvote answers, but you can still mark an answer as *accepted* - it's even better than a regular upvote. Click on the green checkmark just below the voting arrow buttons next to my answer. – telcoM Apr 16 '20 at 11:57