Debian :: Suid And Writing Files Permissions In The ET Server?
Feb 22, 2010
I have tried to configure an Enemy Territory Server in an way that a common user could run it just executing a command line. The first thing I did was writing a script like that
/usr/local/games/enemy-territory/etded +set dedicated 1 +set net_port 27960 +set fs_game etpub +set fs_homepath /usr/local/games/enemy-territory/27960 +set sv_punkbuster 1 +set +exec server.cfg +set +exec punkbuster.cfg +set +exec bots.cfg
and then putting it in the /usr/local/bin directory. Ok, the things seem to be fine, but then I realized that the program tries to write some config and log files. I noticed that because some warnings appear in the command line, like that Couldn't write etconfig.cfg always that I run the command as a normal user. On the other hand, if I give writing permission to these files, all the warnings disapear.
But I don't think it is a good way, because someone could change these files by hand, what would not be good.
My last try was to set the suid of the script up, with the command chmod u+s /usr/local/bin/etded-server
But as I already knew that suid does not work well with shell script I wrote a C source like that:
[Code]...
View 4 Replies
ADVERTISEMENT
May 10, 2010
Currently when I create a folder, it comes down as 755 permissions.
I want it to come down as 775 permissions by default.
How can I change this?
View 2 Replies
View Related
Jan 11, 2010
I have looked at a LOT of forum posts and other sites trying to solve this problem but I have had no luck. I've seen the following:[URL].. I have an entry in my fstab that lets root mount a samba share on a Windows Server 2003 machine and gives users full read/write access to the share. The fstab entry looks like:
Code:
//servername.net/share /mnt/share cifs rw,user,umask=000,username=someuser,noauto,file_mode=0777,dir_mode=0777 0 0
However, when a normal user tries to mount the share they get one of two errors:
1. If I have /sbin/mount.cifs set to 777
Code:
mount error(1): Operation not permitted
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
2. If I have /sbin/mount.cifs set to +s
Code: mount error: permission denied or not superuser and mount.cifs not installed SUID Does anyone have any suggestions as to how I would go about getting a user able to mount this samba share?
View 1 Replies
View Related
Jan 25, 2010
For some time now, I'm having some problems with configuring an NFSv4 server to let it work with a firewall. I've already searched to web, but I was unable to find a solution that works for me.
The situation is as follows:
I'm trying to connect an NFS client to an NFS server that is behind a firewall. I don't have access to this firewall, but I can contact the administrator to open some ports for me. I already did this for opening port 2049.
The result is that the client can read files from the server, but is unable to write files to the server. I believe that for writing an extra RPC-connection needs to be set up. However, the ports on which the RPC-connection is set up, seem to be different for every connection (I verified this using 'netstat -tn').
Clearly, this is a problem since the server is protected by the firewall.
Thus, what I want to do is configure the server in such a way, that it always uses the same server-side port(s) to connect with the writing clients (just like 2049 for reading). I've already tried to configure the /etc/default/nfs-kernel-server and /etc/default/nfs-common files, but that hasn't really worked out yet.
Note: Because I don't like to contact the system admin every day, I hooked up 2 computers (client/server) on which I set up the same configuration (without the firewall). I'd like to see it working on those machines first (that is, 'netstat -tn' showing the correct port), before I contact the admin to open some extra ports.
View 2 Replies
View Related
Apr 26, 2010
what is suid or nosuid and would it override nfs server? I really don't know what this all means. whats the difference?
View 1 Replies
View Related
Jan 17, 2011
I would like not check first, and if not ok, then to write the permssisions. Means no use to write endessly on disk if not needed. How to check and fix the permissions to avoid writing (chmod o-rwx /home/*) ?
View 3 Replies
View Related
May 18, 2011
I have inherited ownership of a Debian server process that logs its error message to stdout/stderr. Currently its initscript has lines like:
start-stop-daemon [options] --exec $DAEMON -- $DAEMON_ARGS < /dev/null 2>&1 | logger $LOG_OPTIONS 2> /dev/null &
I have tried to abstract as much of that away as possible. The options specify a pid file, to make a pid file. A subsequent line tries to establish whether the process is up, though I think several conditions are not checked for. This script seems pretty ropey to me. I am trying to start again with the lsb-base one in /etc/init.d/skeleton though that is going to require a lot of modification. get the code change to use the syslog API however that is out of the question at least for now.
1.) Create a named pipe
2.) Start up a logger daemon that reads from the named pipe
3.) start up the server process that writes to the named pipe
It would be ideal for this if start-stop-daemon offered options to specify where the IO of the daemon process should be redirected to. However I am not about to offer to adopt that package (with ~400 bugs) so I doubt that will happen. Trying to specify the redirection on the command line does not work. In the case of the logger daemon start-stop-daemon seems to hang on the system call. In the case of the server process the pipe gets closed when start-stop-daemon exits, so the logger daemon exits. None of that seems surprising.So what I am doing now is to write simple wrapper scripts for the server and logger processes. Both wrapper scripts have this structure:
1.) sanity check the arguments
2.) exec program [suitable redirection of IO]
Then the start-stop-daemon can call the wrapper scripts as daemons. From my experiments so far this seems to work. However I feel a bit uncomfortable with this. It introduces several new wrapper scripts.I cannot think of any obvious security holes but I suppose race conditions are inevitable.
View 1 Replies
View Related
Apr 26, 2010
I have a Samba share set up on a SUSE server that about 30 Windows XP clients are connecting to on a daily basis. They connect using Winbind and their Active Directory usernames and passwords which are stored on a Windows small business server (Server 2003). The share is called "company" and it's right off the root of the partition. Within "company" there are about 75-100 folders, most of which need to be publicly available and publicly writeable. There are a few that need to be locked down to a certain group of people so I've used group membership and access control lists for those.
The permissions on new files/folders still aren't right though, so I'll just try to explain what I WANT rather than trying to resolve what is HAPPENING since I think that'll be easier. Currently the entire company directory and all subdirectories and files are user-owned by "administrator" (an active directory domain admin). I'd like new folders and files created anywhere in that directory or any subdirectory to maintain that ownership by administrator, regardless of who creates them.
Likewise, the entire directory and all subdirectories/files are group-owned by "domain users" (a builtin active directory group which is pulled in via winbind) which gives everyone write access to everything. I'd like that ownership to be maintained as well on any new files or folders created in /company or any subdirectory therein. I think this is working for the most part as I've set the setgid bit on company. I'd like any files or folders created in /company or any subdirectory therein to have 770 permissions (rwxrwx---).
So, what I want is regardless of who creates a file or folder anywhere in "company" - it should be owned by user "administrator" and group "domain users" and have 770 permissions. I'd like to make a little tweak to this post. Above I said I wanted anything created under Company to be created with group owner "domain users" - that actually only goes for anything that will be public. On the folders I have locked down via group membership and ACLs the new files/folders created within should maintain ownership of whatever group owns that directory. I should be able to do this by setting rwxrws--- permissions on secured directories.
View 2 Replies
View Related
Feb 24, 2016
How do I do this?... I'm sick of running into this... permission denied :
I'm sudo and admin.
View 14 Replies
View Related
Feb 3, 2010
I'm having an issue that I've seen before on other OS's (Solaris), but I'm coming up blank on solving for an NFS mount shared from RedHat I've googled this, and looked through all the FAQs and mail lists I can find.
The issue is this:
Whenever a new file is created from an NFS client to an NFS mounted file system, the group and world permissions are being stripped such that any new file created ends up with 0600 as the file permissions. On the server, I have tried various sharing options (all_squash, anonuid, anongid, no_acl) with no luck. I've looked at the underlying mount point ownership and permissions, checked the file system acl's (getfacl...they match the visible file system), and set the custom SELinux (not mine) config to permissive. The file system is on an LVM partition, and has an SELinux group assigned in /etc/fstab. I've unmounted it, and performed a vanilla mount (no options). No amount of trial and error is working. Any file created by any user on an nfs client machine creates files with 0600 permissions, and local users on the nfs server create files with permissions based off their umask settings. I originally thought it was due to mismatches in permissions from Windows to Linux (The server also NFS shares to Windows 2K boxes using hclnfsd (PC/NFS)), but I confirmed the same issue between RedHat systems.
One thing I'm wondering from my reading. It's mentioned in many places that ownership should be root in most cases and not some other user. This entire file structure is owned by a user that is ONLY local to the server box (long story, but the box is isolated....no DNS and only local users and settings).
View 3 Replies
View Related
Jul 1, 2010
I am using RHEL 5 on my server. The client machines are windows XP.File sharing is through samba server which is working okay. On this file server there is a shared directory for users. This directory contains files which are used by various users through oracle APP. and DB server.
At present the folders under the "shared" folder are having all permissions i.e. 777. To restrict certain things, I want that users may read and modify the files but may not be in a position to move or delete the files. How to set the permissions on the folders/files in this scenario?
View 1 Replies
View Related
May 11, 2010
How can i find all of the files on the server with permissions 777?
View 2 Replies
View Related
Mar 31, 2010
just thought i would throw this out there as a google search doesnt even come back with what i need. I have setup proftp with a mysql auth on a debian box. When i save files or try to modify them i get an error. Ie i dont have permission. When i look at the permissions for the files, it has a 2001 user permission and a ftpgroup as the group permission.
I want it to be ftpuser and ftpgroup with readable and writable permissions for the user and group. This is my second proftp box and i basiclly copied the config files over from the old box.
View 12 Replies
View Related
Apr 13, 2016
I got Whonix set up, and everything in place to be running correctly and I was on cloud nine. The only problem I'm having is that whenever I try to go in and change my index.html files in /var/www/, or really do anything (add new file/folder, save or delete a file) I get the message that I don't have the right permission to do anything other than open and close the folders and files.
View 10 Replies
View Related
Nov 20, 2010
Currently have access to a VPS where we are running a small game server on ubuntu - the problem is that it is a multi-user environment, so when one person restarts the server process, all files it creates are owned by that users name and group. I have created a group called 'game' and added both users to it, but I need to know how to make all files in the game server's directory to be r/w/x for the group 'game'. Currently, I have a script that chowns and chmods all files recursively on startup, but I'd prefer not having to do this.
View 4 Replies
View Related
Jan 19, 2011
I'm new to Debian. I've read the documentation on this but it is too heavy for a new user to understand. I would like to change the default permissions for newly created files/directories.
I want all newly created files by 'user1' to have the default permissions of:
1. "owner can read and write"
2. "group can read and write"
3. "other can read only"
Permission 1 and 3 are already default. But I would like number 2 to be default as well. (the current default for group is read only).
View 9 Replies
View Related
Feb 10, 2010
After what feels like weeks have tinkering around trying to get a Samba file server set up, I've finally given up! I have 4 drives and 2 groups:
1) Dev - Available to all users in both groups (normal and admin)
2) Misc - Available to users in admin group only
3) Admin - Available to users in admin group only
4) Accounts - Available to users in admin group only
Drives 1 and 2 are working fine, with the correct access rights. Drives 3 and 4 can be browsed by admins only, but no changes can be made at all - files & directories can't be renamed/moved/deleted. What is most confusing is that Drive 2 is set up exactly the same as Drives 3 and 4. The process I went through to get them working:
[Code]...
View 2 Replies
View Related
Feb 12, 2011
Being new to Linux, i've just about got used to the Debian setup procedure now, but had a quick question on the default ownership of files and folders. On my default Debian installation, almost all the folders and files are owned by root:root. Is this the correct advised configuration or should the folders and files be owned by a user without root permissions - eg user:user?
View 12 Replies
View Related
Jul 30, 2011
I just installed LAMP server and it works. Anyway, I have problems with permissions to www/. I can't access it! Its located in /srv/www.
What do you suggest? I need to be able to freely add/modify/remove files under www/ as 'dagrevis' (not 'root').
View 1 Replies
View Related
Feb 10, 2011
I'm trying to mount a remove filesystem onto my own server. I am able to do this, however I can only access it as root, or if I chmod 777 the lot. Obviously I want to be as secure as possible, so I'd like to avoid either one of those options. Another option is to mount it directly into my home directory, but previously when I was trying out Ubuntu this caused Samba problems - and I was advised mounting in my home dir was a workaround rather than a proper fix.
I have root access with sudo on my own server. I've not set a root pasword, and until I need to I'll avoid it. I have a user account with full control over my own home directory on the remote server. I am mounting using fstab - sshfs#username@remoteserver:/media/sdk/home/username/ /media//remote/ fuse user,idmap=user 0 0
What I would like to do is without changing the permissions on the remote server change the permissions when they are mounted on my own server. I would like them to be in the group sambausers for example. Instead they are owned by root and in the group of 1024 (which I have not set). Additionally for this to work they would have to have 770 on my home server and 700 on the remote server....
View 1 Replies
View Related
Feb 28, 2010
I am trying to write .pgm images using the O_DIRECT flag in open().I have a char* buffer which has the image data. I know that I have to align the buffers and have done that using posix_memalign() yet only a part of the image gets written.Has someone used O_DIRECT for writing files successfully?
View 1 Replies
View Related
Feb 6, 2011
I want to perform an action with a shell script and then log the event in a file in /var/log. However, I keep getting permission denied error messages.
View 5 Replies
View Related
Jul 26, 2011
how to match to find matches in two different files when comparing timestamps. The fields I'm wanting to match up are in the format:
Jul 26 09:33:02
I have tried reading the file line by line and using awk '{print $1,$2,$3}' which only gets and stores the timestamp in one of the files. I've been looking around and saw this example:
awk 'FNR==NR{!a[$3]++;next }{ b[$3]++ }
END{
for(i in a){
for(k in b){
if (a[i]==1 && i ~ k ) { print i }
}
}
}' $FILE $FILE2
Which sorta works but its way over my head at the moment. The two files can be found in your /var/log/syslog and /var/log/auth.log (using Ubuntu 11.04)
View 9 Replies
View Related
Jan 1, 2011
Reading and writing text files in C?
View 9 Replies
View Related
Aug 11, 2010
How do I change folder permissions without changing the permissions of the files within the folder?
View 6 Replies
View Related
May 22, 2011
Does anyone have some material about statistics using ubuntu / linux server, or a text which generally describes the ubuntu server?I need urgent, i'm writing specialization work about administration apache and ftp server on ubuntu 10:10 server, so I need something for the conclusion.
View 7 Replies
View Related
Feb 3, 2010
I have just installed 9.10 netbook remix onto my Eeepc 901. I was previously using 9.4 Rather than clicking on shutdown icons, or going through shutdown menus, I added a keyboard shortcut to run a shell script containing the following code:
Code:
#!/bin/bash
init 0
because init needs to be run as root to have the correct permissions, I set the owner and group to be root , ran chmod 711, then chmod u+s to prevent anyone altering the script, and to allow anyone to execute it with root privelidges Since updateing to 9.10 netbook remix, I have been unable to get this to work. have applied the above changes but get a "/bin/bash: /usr/bin/shutdownscript: permission denied" error when I try to run my shutdown script from the terminal (nothing happens when I press the key combination asigned to the keyboard shortcut). If I run the shutdown script with sudo then it neatly shuts down. ls reveals the following permissions:-rws--s--x 1 root root
So it appears as if SUID and SGID are both set, and the owner/group are correct, and the script works, and yet it doesn't have the permissions to work. I installed 9.4 long ago enough that I can't remember if I had to do anything else to get it working, or has something changed between 9.4 and 9.10?
View 3 Replies
View Related
Jan 1, 2010
How do you send files, save or other wise write to CD using Mandriva Linux? On windows you get a helper menu. Linux does not offer this option in it's helper file and you can't click and drag a file in the CD folder. The dialog box reads "you do not have permission to write to this folder" when I try to drag it in and I can't change the permission signed in as Root.I don't have a clue. I wish Linux Questions would add a emotioncon that has the expression " what the hell buddy? are you on ten hits of acid?
View 8 Replies
View Related
Nov 25, 2010
the permissions for my home directory were accidentally changed from 'access files' to 'create and delete files', and I changed them back, but ever since then I am not able to change any preferences/settings at all. power management, themes, panels, emerald, anything. my user account is supposed to be the administrator, and all the user privliges are checked. how to get control of my computer back?
View 9 Replies
View Related
Jun 8, 2010
i was wondering if it is possible to run a program such as firefox or any other internet program as its own user (ie user firefox), but still in my desktop session, this way the program would have its own home folder and store all the data there, while i use it normally, i was trying to set the suid on the firefox binaries but then it doesn't starts at all.
View 6 Replies
View Related
