Changes between Version 7 and Version 8 of UnprivilegedUser


Ignore:
Timestamp:
10/18/12 09:58:49 (12 years ago)
Author:
eugenekay
Comment:

Make 'openvpn' user more restricted

Legend:

Unmodified
Added
Removed
Modified

  • UnprivilegedUser

    v7 v8  
    1919                $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work $script_security
    2020            else
    21                 su $OPENVPN_USER --command="$openvpn --daemon --writepid $piddir/$bn.pid --cd $work --config $c $script_security"
     21                su $OPENVPN_USER -s /bin/sh --command="$openvpn --daemon --writepid $piddir/$bn.pid --cd $work --config $c $script_security"
    2222            fi
    2323}}}
     
    5454[root@hostname ~]# mkdir /var/lib/openvpn
    5555[root@hostname ~]# chown openvpn:openvpn /var/lib/openvpn
    56 [root@hostname ~]# usermod -d /var/lib/openvpn -s /bin/sh openvpn
     56[root@hostname ~]# usermod -d /var/lib/openvpn -s /sbin/nologin openvpn
    5757}}}
    5858