Is there any way to user can increase or lower his privileges? I tried by "semanage login" but it works only for admin i think. I would like for example change range form s0:c0 to s0:c0.c10 and vice versa.
View 6 RepliesI have searched somewhat this forum but haven't yet found a similar post using the keywords I entered but perhaps there is already a similar post then please refer me to it.I am trying to add a user account "Guest" to allow people on my laptop without giving them access to vital parts of the computer. Basically, I want them to only be able to view their own home directory and access internet. Nothing more.I have set the group to "guest" and changed the other home directories of other users to owner access only.
Guest still has access to root and is still allowed to perform actions in various critical areas (deleting files from for example my Windows 7 partition). This I also want to prevent. I was thinking to set each directory's permissions to Owner and Group only and remove Others access.My questions:
1. Will this have any undesirable impact (programs of main user accounts not able to access certain directories)? For guest user I don't care as long as internet works.
2. When I start User Manager and disable for Guest all options except "access internet" (so I also disable access to CDROM), the guest can still access the CDROM. Does this mean the User Settings menu has no effect or is overruled by something?
I'm running 10.04 running daily updates. A couple days back, I saw an update related to mounting volumes. Not sure if this is what broke my system, but might be. When attempting to mount a partition from nautilus, I get a message saying I do not have authorization. It does not even ask for my password, just fails. I tried running updates and this asks for my password and accepts it fine. I opened disk utility from the menus and tried to mount the volume from there but also got the same permission denied, not authorized without even being asked for my password.
I then ran gksu palimpsest. I was asked for my password and was able to mount and unmount partitions from there. However, when mounted, my applications and nautilus cannot access the data in the partitions mounted using gksu palimpsest. In nautilus, I can navigate to /media/Data (the partition in question) but I get "THE FOLDER CONTENTS CANNOT BE DISPLAYED You do not have the permissions necessary to view the contents of "Data"." When I open nautilus via gksu in the terminal, I do have full access to the partitions.
How do I get my privileges back for my user account. I am the only user on the computer, and I have never set up a root account since my upgrade to 10.04 months ago. I tried of course the Administration->Users and Groups menu, but I am not permitted to change the account type or open advanced settings. I click the button, but nothing happens, not even a password request. Running gksu admin-settings on the terminal allows me access. My current settings are attached.
i am relatively new to ubuntu. Just recenty i have not been able to access certain files(for example the history and bookmarks in the firefox folder), download files individually from the internet(music,fonts,etc), recieving an error message
Quote: Originally Posted by firefox error console
Error: [Exception... "Component returned failure code: 0x80520015 (NS_ERROR_FILE_ACCESS_DENIED) [nsIFileOutputStream.init]" nsresult: "0x80520015 (NS_ERROR_FILE_ACCESS_DENIED)" location: "JS frame :: file:///usr/lib/firefox-3.6.13/components/nsSessionStore.js :: sss_writeFile :: line 2944" data: no][code]...
i have sudo priveleges and can install via update manager. i read somewhere that compizfusion might affect access permissions and i do use compiz and emerald at the same time.
In our group we use NIS and have a group set up called netadmin which is given root privileges on each machine. Each machine also has a localuser called localuser created and used during installation. When logged in as a member of netadmin, attempting any action that requires root privileges (e.g. installing software in Ubuntu Software Center) results in a prompt asking for localuser's password, not the current user's password.
Does anyone know the cause? Configuration issue or Ubuntu issue? We can get around it.
I tried to add my wife , and when I put in a password for her, this error comes up."Please set a valid user name consisting of a lower case letter followed by lower case letters and numbers." I did all that and I still can't set a password for her.
View 3 Replies View RelatedEDIT: I finally figured out how to do it - xbacklight -dec 10 lowers, xbacklight +inc 10 increaces. I'll use ubuntu tweak to get the shortcuts. I got my self a new lappy, and Acer Aspire One 751h-1948. After that, I installed Ubuntu Karmic on that, while leaving a 20GB XP partition. I configured it's Intel GMA500 Poulsbo video card, so now I can use it at the native 1366x768 res. Most of my fn keys work, other than one very important one, and here lies my problem; The brightness keys dont work(fn+left/right arrow). I've searched the net for a long time, but I still can't find a solution that works with karmic - perhaps i should downgrade?
View 1 Replies View RelatedAnyone else notice this. You can't increase the view area for the lower section where the project islisted.I could also only burn one data dvd. It wouldn't see the next blank dvd. I had to shut k3b and start again.reported to packman and packager
View 9 Replies View RelatedI often get responses from people who first say: "Are you sure? You want your network to be exposed to the outside world?" I am not experimenting on a Production Server of NASA or any Security Concern Department. Friends, there is no harm in experimenting on your personal computer or on a test computer which is isolated from the production environment. Look at hackers! What do they do? If they don't know how security is breached then how would they come up with security measures?
If my question reads... "How to let any user perform Administrative Tasks on a Linux System irrespective of his/her privileges on that particular system?" then I would not get the right answers in the first place. They will say... "You are letting everyone destroy your system... are you sure you want to do that?" My question is: Why should we restrict ourselves from experimenting even if it sounds weird to other people?
I give you an example where it is desirable to let an unprivileged user perform certain tasks. You want to know if there are any employees in your office who are storing videos in their home directory and filling up the disk space to a great amount. You have a department called "Command Center or Data Center Operations or Help Desk" call it whatever you would, whose work is to monitor such activities, and you create an account "monitor" for them to monitor such activities but they are not able to do them:
[Code]..
One user in my company wants to run some flush cache queries on a MySql database, it needs "reload" privileges of Administration, how secure is to give this rights to a normal user ?
View 2 Replies View RelatedI configured a FTP Server on Fedora Now I want to create a user for FTP Server which has no privileges to access any things outside his home directory .
Username is "Test1"
Home directory is /var/ftp/Test1
chmod 700 /var/ftp/Test1
chown Test1 /var/ftp/Test1
I need to create a special linux user account that has a very limited set of permissions on the system. Essentially to have read-only permissions for his home dir (and sub dirs) and nothing else - i.e. this user has no write or execute permissions and should not be able to read/access other user dirs or indeed anything outside of his home directory, irrespective of rwx permissions.
View 5 Replies View RelatedFigured out a straight shot at connecting to the Internet in Fedora 15. Follow these commands.
1.)****** SWITCH TO ROOT USER if you don't have privileges*******
2.) cd /etc/sysconfig/network-scripts
3.) rm ifcfg-XXXXX (DO NOT REMOVE THE IFCFG-LO)
4.) system-config-network
-> Once in this screen, press the enter key on "Device configuration"
-> Configure your network statically. ( I did the following.) Name: leave as default Device: Leave as default DESELECT "Use DHCP" Set Static IP as 192.168.2.117 (or 192.168.1.117) Set NetMask as 255.255.255.0 Set "Default Gateway IP" AND "Primary DNS Server" to 192.168.2.1 (or 192.168.1.1)
[Code]..
I have previously set up sudo via adding my name to the wheel group and then giving full privileges to the wheel group in the sudoers file. Now I choose to learn to limit that. Had noticed the most frequent use I have of sudo is to run yum update. This got me thinking, could I remove the wheel group privileges and add the following line in sudoers to limit the privilege to simply running yum, and furthermore, make it so I could run yum without a password:
## Allow root to run any commands anywhere
rootALL=(ALL) ALL
Troy ALL= NOPASSWD: /usr/bin/yum
I think that would in fact work (if I understood one of the pages here, it will work). However, upon further thinking I realized that in such a case then anyone sitting at my computer could then use yum, without a password, to install or remove any file on my system � probably not a good idea. As a result I have to ask, can I tighten the privilege even further such that the only privilege so given was to run �yum update� and nothing else? (for example if they ran �yum install� it would fail). If you can do it, how?
Last, I was going to limit the privilege, time wise and try wise, by adding the following to the sudoers file:
# Defaults specification
Defaults:Troy timestamp_timeout=0, passwd_tries=3
Will that really work to limit the elevated privilege so I don't have elevated privileges lingering about, or is there a better way to do so?
Having read on the forums about some of the dangers of running Wireshark as root, I would like to know if anyone can suggest some alternative packet sniffers/network analyzers which will offer similar results but without the security issues. I am using Karmic Koala on a Fujitsu Siemens laptop with wireless router (firewall enabled)
View 7 Replies View RelatedThis applies to users of 10.04 (64 bit), but I would like to hear from those running 10.04 (32 bit) and 9.10 (64 or 32 bit).Would you be good enough to answer this question: Do you have an �enable scanner option� (or a variation of that phrase) in (GOTO) System-Administration-Users & Groups- [Your Admin Account]- Advanced Settings- User Privileges?It would be immensely helpful of you if you could do this and post me your answer.
View 2 Replies View RelatedI was able to install and start tftp.I can tftp localhost and get a file, even from a non-administrator login.I can connect from a remote host, but the *get* times out.I suspect there is a security issue. Can you tell me how to lower the security on tftp so that a remote host can do gets?
View 4 Replies View RelatedI have a small problem on ubuntu 10.04, of which i know it can be solved. However, i'm not sure how to. The problem is; I need one user to be able to install updates, but not give it any other privileges. I have been messing around with the "sudoers" file in /etc a bit, and thought i needed to use the "NOPASSWD" But i'm not sure what to do after that.
View 4 Replies View RelatedI followed this how to to make a NFS server: [url]
So it means: exports looks like this:
Quote:
Here are some quick examples of what you could add to your /etc/exports
For Full Read Write Permissions allowing any computer from 192.168.1.1 through 192.168.1.255
It means that if sbdy arrives with a linux machine, puts the ethernet cable into the router, then logs as root on his machine, and mount the exports. He can do almost everythg, with permissions chmod'ing ...
Is that LAMP, or i am wrong for nfs kernel servers, the ultimate users/password servers against that to prevent those physical approches /logins?is there good how to ?
I need to create a user in Fedora Linux(15) which only has privileges to print documents.Our college issues a printer to each lab and I need to create a new user on my Fedora which only has privileges to print.Network sharing is not an option, so is there any way by which I can a restrict a user from executing any commands except the necessary printing commands?
View 2 Replies View RelatedI accidentally promoted my initial account to admin and now I want to revert it but I don't remember the specific initial user privileges.So there are 2 questions:
1) First, is it safe to "downgrade" the account, logging in with another one? In general what's the best way to do it?
2) Could someone enter Administration->Users and Groups->[select initial account]->
Advanced Settings->User Privileges and list the privileges that are on by default?
I repeat I want the privileges of the initial account, which I suspect are above those of basic users (that are added later) and below admin...
I'm using ubuntu 10.04. Apache server is associated with www-data.I frequently run into problems editing or deleting files created by a cgi script, as they have ownership of www-data:www-data.How can I safely modify my system so that the output files are editable or deletable by user tim?
View 2 Replies View RelatedI want to create a user who has all the privileges that root user has.I know how to create a user but i don't know how to grant root privileges to him.
View 10 Replies View RelatedHow to add user with root privileges and SSH access.
View 6 Replies View RelatedI create a user in CentOS 5.5 for using with my email account.
useradd ralf
passwd ralf
use "ralf user" only for my email account. How can I remove others privileges/permissions? Also, I want to use "ralf user" without root privileges/permissions.
i have centos5.3 i want to create user with non admin privileges he is unable to see contents of server only he will able to login nothing else
View 12 Replies View RelatedMight this is silly question but I am not much familiar to database.I am doing master slave Mysql replication for load balancing. On master server different database has different user privileges. I create backup using mysqldump command and restore on slave server instead of using load data from master; command.When i replicate database from master to slave will i require to set user privileges same as master ?One more question: How to lock all database in mysql?
View 2 Replies View RelatedI am on the admin account of my computer and am trying to remove all privileges from CWD i have tried
chmod go-rwx ~
sudo chmod go-rwx ~
but when i pull up
ls -l ~
It is still showing permission in the g and o column.
Is there a way to grant 'root' privileges to my user account? My account name ... I'll call it 'masterskop' as it is my forum name here, but not on my computer.Would it look like this in the sudoers' file?My purpose is to get access to all the folders and files in the 'File System'. The root and lost+found folders have 'Xs' on them...No access! And for example, under properties of the 'var' folder it states that 'you are not the owner, so you cannot change these permissions.' How can I get access to all of it everytime I login as the main user of my computer? I do not have anyone else using this computer.I did edit this file and used my real user name ... logged out and logged back in and still I do not have access/edit these folders and files.
View 4 Replies View Relatedi know the subject is hard to understand but i did my best with it. the problem: i have 2 HDs on my Ubuntu OS, the first is 1TB and the other is 500GB, i want to do a backup with rsync from my 1TB HDs (in with the Ubuntu is on it) to the 500GB.
on the 500GB i have a partition called Backup. what i did: i have created a user crontab that dose two things: 1. mount the Backup partition from the 500GB to a folder called /~/Backup on my home directory which is on the 1TB HD.
2. i wrote the proper rsync command for the backup to go.
[Code]...