Fedora Networking :: Modify The Script To Allow Non-root Users Similar Features?
Mar 28, 2011
I spent some time programming a useful script which presents the user with a UI of all the samba/W2K8 servers and shares on the domain and they check off the shares and the script maps them. The script can only be run as root because mount doesn't allow users to execute. I was asked to modify the script to allow non-root users similar features. I was able to get this working by running the commands:
Code:
# chmod +s /sbin/mount.cifs
# chmod +s /sbin/umount.cifs
Can someone please explain to me what the 's' option means? The man pages only go as far as to say that it allows for setting suid but I don't really know understand that means or what the implications are by doing this. In a perfect world I would like to create a security group and add users into that group and then grant that group permission to run mount.cifs/umount.cifs rather than making such a drastic global change to a core binary. how I might go about granting members of a group permission to run hand-selected commands like mount.cifs?
Post added at 07:07 PM Previous post was at 04:40 PM Ok, I read up on the /etc/sudoers man page and I think I have a more elegant solution to this problem of user mountable samba shares. I restored my mount.cifs back (chmod -s /sbin/mount.cifs) and I used visudo to grant the access.
Code:
%smbusers ALL=NOPASSWD:NOEXEC:/sbin/mount.cifs,/sbin/umount.cifs
This allows any users in the smbusers group to run mount.cifs/umount.cifs with sudo but without being prompted for a password.
View 2 Replies
ADVERTISEMENT
Mar 18, 2010
I am used to a certain root menu. I want to be able to modify the root menu. how do I do it. I mean the menu that come up when I right click on the desktop..
I am on x86_64 FC12 - Gnome.
currently it has "create folder, create launcher etc.. "
View 3 Replies
View Related
Jan 18, 2011
How can i see history of all sudo users and all root users in fedora 13 ? history command only shows one users history ?
View 5 Replies
View Related
Dec 21, 2010
My linux distro is CentOS 5.3. Today I edited /etc/sysconfig/readonly-root and set "READONLY" to yes, now my /etc/sysconfig/readonly-root file is like this:
# Set to 'yes' to mount the system filesystems read-only.
READONLY=yes
# Set to 'yes' to mount various temporary state as either tmpfs
[code]...
View 3 Replies
View Related
Jul 11, 2011
I'm very new to Linux, i'm running Ubuntu and i'm trying to install a program. In the instructions it says "Check that you ARE NOT root, never run similar tools as root! just change file permissions". How do i check if i'm root or what am I supposed to do here?
View 7 Replies
View Related
Feb 3, 2010
modify the panel for all users?
View 2 Replies
View Related
Jun 14, 2010
I have an Openldap server and many 9.10 servers using it to check for possible ssh users. No problems there. Just brought up my first 10.04 server and went through the same procedure to allow ldap users to ssh in, works great. The problem is that ldap users cannot su to root on the 10.04 server. Only locally defined users can su to root, though they cannot su to ldap users. The local root user can su to anyone. Quick overview of how I installed ldap login:
Code:
# apt-get install libnss-ldap
# echo "session required pam_mkhomedir.so skel=/etc/skel/" >> /etc/pam.d/common-session
And added ldap to the end of these lines in /etc/nsswitch.conf:
Code:
passwd: compat ldap
group: compat ldap
shadow: compat ldap
This process has worked without a hitch on 9.10 dozens of times. So my question is, why are ldap and local users now incapable of using su across authentication mechanisms? For reference these are the error messages in /var/log/auth.log when trying to su to root from an ldap user:
Code:
Jun 14 16:17:07 server unix_chkpwd[6560]: check pass; user unknownJun 14 16:17:07 server unix_chkpwd[6560]: password check failed for user (root)
Jun 14 16:17:07 server su[6559]: pam_unix(su:auth): authentication failure; logname=ldapuser uid=2000 euid=2000 tty=/dev/pts/5 ruser=ldapuser rhost= user=root
Jun 14 16:17:09 server su[6559]: pam_authenticate: Authentication failure
Jun 14 16:17:09 server su[6559]: FAILED su for root by ldapuser
And the auth.log for trying to su to an ldap user from a local one:
Code:
Jun 14 17:18:18 server su[8473]: pam_unix(su:auth): authentication failure; logname=localuser uid=1000 euid=1000 tty=/dev/pts/0 ruser=localuser rhost= user=ldapuser
Jun 14 17:18:18 server su[8473]: Successful su for ldapuser by localuserJun 14 17:18:18 server su[8473]: + /dev/pts/0 localuser:ldapuser
Jun 14 17:18:18 server su[8473]: bad group ID `2000' for user `ldapuser': Operation not permitted
View 2 Replies
View Related
May 18, 2009
If a root user set an environment variable for users, how to let users not modify or unset the variable?
View 4 Replies
View Related
Sep 29, 2010
Samba up and running on my pc. pc runs FC12 with kde. A laptop has win vista. The pc can access the shares on the laptop but the laptop has authentication issues to access the pc. Note that windows doesnt enforce authentication forincoming network connections.Using the system-config-samba util i tried to map a windows user to the unix user "feduser". The laptop (named LAPPY) has a user (lapuser) which has on windows no password.What should I tell samba config what the windows username should be? lapuser or LAPPYlapuser doesnt work because when accessing the pc via the laptop, the authentication fails. The only auth that is successful is when choosing the same winusername as the unix username.
Secondary, id like to setup the laptop so that the user doesnt have to provide a name and password, or at least not more then once in the lifetime of the laptop. Note that you cant provide an empty password to system-config-samba. How is that possible?
Strange but not really on issue imho:the samba - KDE control module(kcmshall4) (and the smb.conf) shows 2 shares: the homedirs and the data dir the samba server configurator (system-config-samba) shows only the datadir.
View 3 Replies
View Related
Jul 24, 2011
I find FTP server software confusing in Linux. Using ServU for Windows for an example, all I need to do is to create users via the ServU interface and choose a folder I want that user to have access to and their permissions, and viola, they can connect to that directory, and that directory only.
But in the the land of Linux, it apparently can't be managed this easy. I have a web server with multiple domains, and therefore multiple users need access to their own web root. So with that in mind, what FTP server software should I use (there are plenty out there) and how would I go about to create a user per domain, so that they can log in using FTP to manage their site, and only have access to their own web root, and nothing else?
View 2 Replies
View Related
Oct 25, 2010
i've been wondering how do i know if some users create/modify/delete file/directory in linux, i've been using pyinotify in python script.this script like the example from the manual:
Code:
#!/usr/bin/python
import pyinotify, os, time
[code]...
View 10 Replies
View Related
Jan 16, 2010
I recently switched from ubuntu to fedora and had a script to mount and umount sshfs when the network changed states. I placed the scripts in /etc/network/if-up.d/ and /etc/network/if-down.d/ and they were run any time the network went up or down. The closest thing I've been able to find is editing the ifup and ifdown scripts in /etc/sysconfig/network-scripting/, but that looks like it would be broken after an update. I'd also rather not use a script with ping because that wouldn't work well when the network goes up and down several times.I've been looking for a while and haven't been able to find a method similar to debian on fedora. Is there something I overlooked?
View 3 Replies
View Related
Feb 20, 2010
i do need to create 1 user who has similar to root privileges but the username will not be root.
View 13 Replies
View Related
Dec 12, 2008
I need to login as root , when linux starts to show login window
But it shudnt be as
1) spawning a new terminal and do commands lik startx -- :3
2) without going in recovery mode
I need to login through login window as normal process
View 7 Replies
View Related
Sep 9, 2009
i am using fedora 7. i want that, users other than root should not be able to shutdown the system, i had already changed the mode of /sbin/shutdown to -rwxr-w--(750)
View 1 Replies
View Related
Jul 1, 2010
When I try to start MySQL and httpd as a non-root user, I get error messagesstating that the user does not have permissions to start the services.I have checked the permissions of mysqld and httpd in /etc/init.d .. both of the files have rwxr-xr-x permissions.When I add the line%groupname ALL=(ALL) ALL in /etc/sudoers, I am able to run the services using sudo.How do I allow non-root users to install/uninstall/configure softwares and start/stop services ?I have tried with
SUI=/usr/bin/sudo -i, /bin/su
SOFTWARE=yum
%groupname ALL=(ALL) SOFTWARE, !SUI
[code]...
View 1 Replies
View Related
Apr 7, 2010
I created 3 partitions on my usb stick, one is vfat, one ist ntfs and one is ext4.And i formated them like this:
Code:
mkfs.vfat -F32 /dev/sdg1
mkfs.ext4 /dev/sdg2
[code]....
View 2 Replies
View Related
Nov 18, 2010
I have developed an application, in C language, that should received the EPOCH time (6 bytes) at about every 30 min. What function should I use as a non root user to modify the System Time.? The idea is that the same application could update the System Time. I am using Ubuntu.
View 1 Replies
View Related
Jul 4, 2010
The normal user is now in the sudoers group. How can i allow it to install programs using it's own password rather than having to know the super-secret Root-Users password?
View 5 Replies
View Related
Aug 22, 2010
I'm connected to the internet using a wireless router. Each time I boot, I have to grant root privileges and type in a shell: iwconfig wlan0 essid linksys key dhclient wlan0 Isn't there a file(or location) that I can modify to automatically grant root privileges and execute these commands when debian starts? Something like autoexec.bat in windows.
Something else I'd like to mention is when I execute iwconfig.... for the first time, I get this incomplete result:
IEEE 802.11bg ESSID:"linksys"
Mode:Managed Access Point: Not-Associated Tx-Power=27 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Encryption key***********
Power Management:off
[Code]...
View 4 Replies
View Related
May 23, 2010
My squid server works fine in fedora 11 system . Is there any web like interface for admins to create,change,modify users of squid and to view their logs.
View 1 Replies
View Related
Apr 26, 2010
I am encountering problems to configure my firewall (through iptables) to allow apt-get features, like update and install.I have the latest debian server running in a virtual machine in my windows xp and therefore I have two interfaces in this debian server:- NAT Interfaceinet: 10.0.2.15- Host Only Interfaceinet: 192.168.56.101So far my iptable rules drop all packets for default, in exception icmp and ssh that I allow to ping and connect from my windows xp. Both of them I use only the Host interface (192...) to connect to another 192... interface on my windows.
Those are working fine, but apt is not. I know, in this very moment it shouldn't. But I made a lot of attempts trying to configure the iptables allow connections through the 80 and 21 ports from/to NAT and Host. I think I made all possible combination (or not, because it didnt work). But I'm wondering if someone more experient can help me solve this problem.
View 11 Replies
View Related
Jul 22, 2009
i want to use the ubuntu package manager, because it is much easier to find programs, and it has sortable lists and the popularity of all the different programs, i've installed synaptic package manager, but its not the same as on ubuntu, how i can get a package manager with all the features of the ubuntu one?
View 14 Replies
View Related
Aug 20, 2011
I am having some problems installing Fedora 15 64-bit. I use the install DVD. I have an AMD Phenom and a NVidia 8600GTS. When I install using the normal method, my screen freezes somewhere in the settings screen for choosing the computer name. If I use the basic video driver for installing I have no problem. However after everything is installed, and Fedora starts, Gnome says that it failed to start and some features are not available.
I found some information at [URL] that I tried. However after installing kmod-nvidia and rebooting I no longer see any graphical display. A lot of text is on the screen without any error, but no x-windows appears. What can I do to install Fedora correctly and have a good working system? Is the 32-bit version easier to get it working? How can you recover from a system that does not start? What I could do to recover from it.
View 13 Replies
View Related
Apr 4, 2011
i have a Domain Cotroller installed on Windows & DHCP Server installed on Ubuntu. i want to give access only authenticated Users(Active Directory Users) can get IP from DHCP. No one else canis there any option available here in DHCP ???
View 2 Replies
View Related
May 31, 2010
Just replaced Ubuntu with Fedora, as 10.04 went berserk with my old tpad t42. f13 seems nice.I want to enable the Dynamicclocks feature (graphics chips frequency scaling). I know how to do it with x.org.conf, but now i is gone, and i am not sure. How to make use of Graphics Chips Power Management features
View 2 Replies
View Related
Mar 3, 2011
I have downloaded a package when i have logged in with a user that is not root. I download the package and it is under the folder "Downloads". When i try to unzip the package it sägs that the user does not have the priveliges to run the command. When i change to the root with the command "su -" i cannot see the package to unzip it from the root user prompt. What shuold i do?
View 7 Replies
View Related
Apr 1, 2010
I am having trouble with flash player. Well first I had some trouble with my router and rebooted linux. Then, flash wouldn't play sound anymore. I updated flash etc but still no sound. Then I tried as root administrator and flash sound works fine there.
So I checked the sound preferences from the Control Center and found out, all output devices are set to autodetect instead to one of the output devices I have. But when I switched to the user account to change the preferences accordingly, no sound was played at all.. Also, when I want to use the loudspeaker icon at the bottom to reach the volume control in the user account, I get an error message stating there was some connection refused.
Deneck
View 9 Replies
View Related
Dec 30, 2010
I'm running 10.10 64-bit and have configured it for root graphical login for administration of the system. When I log in as root, I can run all menu items in System -> Administration with the exception of Users and Groups. When I try running this, the application starts, but I only get an animated spinning disk that doesn't stop, can't modify the users properties and I can't close the application unless I go to System -> Administration -> System Monitor -> Processes tab , highlight users-admin and click End Process.
View 6 Replies
View Related
Feb 10, 2011
Feb 10 (today) user qt4 extracts from cd /var/log/secure grep -i 'feb 10' secure Something wrong with pam or selinux? I have not fooled with pam or selinux in decades The secure file seems to report problems I do regular yum update s from secure: above
secure:Feb 10 08:00:20 localhost pam: gdm-password[2396]: pam_unix(gdm-passwordession): session opened for user qt4 by (uid=0)
secure:Feb 10 08:00:48 localhost polkitd(authority=local): Unregistered Authentication Agent for unix-session:/org/freedesktop/ConsoleKit/Session1 (system bus name :1.37, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
[code]....
I can login to qt4 from another user via "su - qt4" I would be shot if I inserted the inserted secure file
View 3 Replies
View Related
