When I'm logged into my account, I can't shut down the computer if someone else is also logged in unless I supply the root password. However, if I log out, I can shut down from GDM without being challenged, even though another person is logged in, which could cause problems if that person is in the middle of some work. Is there a way to password-protect the gdm shutdown function if people are logged in?
View 2 RepliesI am using Fedora 10 .Generally to update I open a virtual console by pressing Ctrl-Alt-F2,login as root and give the "yum update" command.Then I continue using my graphical terminal for other tasks from the 'non-root' account..Now my room-mate comes uses my 'non-root' account to browse web for few minutes and then opens a terminal types "halt", ENTER and viola...! My root account seems to be insulted by a 'non-root' user!.When I am doing updates or other important work as root any silly user can just 'halt' my computer. Can somebody tell me how to set up my computer so that when root is logged in no other user can simply halt the computer.
View 3 Replies View RelatedI installed a few media servers to stream something to my PS3 over the weekend, but now when trying to shutdown the computer, I'm asked to authenticate with a password since other users are still logged in. I installed quite a few programs over the weekend trying to get it to work, so I can't remove a specific one. Is there a way to see which daemons are logged in under a different session? Found it. It turned out to be mythtv.
View 3 Replies View RelatedIf there is a simple way to prevent accidental shutdown when the following situation occurs:
Sometimes, I log in on my father's computer to run some administrations' tasks (updates...). For that, I use SSH since I'm frequently far from my parents and what I want is to prevent a shutdown run by my father. Of course, he should be able to turn off by himself if nobody else is connected.
Molly-Guard allows to prevent distant shutdown, my request is a kind of complementary software.
Does anyone know a project which could fit with this request? Do you have simple ideas to write a short code I know bash, perl, python...
What methods exits to restrict which directories a user may browse on the filesystem. I want to prevent php scripts from being able to view system files. I've seen two solutions, but neither are satisfactory:Chrooting a directory that the script is in, but this requires that all the necessary php libraries/files are moved/copied into the right place relative to the chroot directory. I don't feel that I have the technical ability to achieve this.Putting php into safe mode and disabling *nasty* php functions. But this is ineffective if just one obscure *bad* php function is missed.
View 5 Replies View Relatedhow the file is generated or what it contains is not important at this point.The important question is how to prevent the file from being downloaded and its contents from being displayed in the browser window?Since it is not recognized by the web browser so it is downloaded on the system. That way, what the script does is exposed to the outside world.Okay, I usually keep such scripts in../cgi-bin/. But for files (text files, in the example) which are being uploaded by a user should not be downloaded by another user.
View 10 Replies View RelatedI have 2 servers, web server & mail server. they show 2 users in the summary area when I run w or top commands. But the actual list of users logged in (using either w or who) shows only 1 user.
ps -ef |grep username only shows my current login as a running sshd process.
So I can find no trace of this other user except in the summary line for w or top. I have no shells or other logins left running elsewhere or abruptly terminated, no gui sessions (these are servers), no tty logins. Do I have another user logged in? Has someone hacked me & covered up most of their trail? Why do these commands show 2 users when everything else points to 1 user?
I read the log
Code:
I found this print out:
Code:
The line in bold is the security issue. There is only 1 user account on the system. There should only be 1 user logged in, not 2 users logged in. The remainder of the log file lists 1 user logged in, for similar log output. 2 users logged in does not appear again in the log file.
Does the second line of bold indicate that an attempt was made to log in to the system using SSH?
There was an internet connection interruption (no service) around the time of the log file event. The service did return, later.
Does that line indicate that an unauthorized user logged in to the system?
Just noticed this, when I am logged into OpenSuse 11.3 under my default user (autologin) I have 3 of the same user logged in, eg when I run top it shows 3 users and when I run the users command it shows the same user 3 times. Is there any reason for this? Do I need to investigate this at all?
View 1 Replies View RelatedI have set up the sodoers file to allow everyone in "group1" full sudo permissions without needing to enter their password.
Is there any way to allow users to perform everything except the shutdown command?
My Fedora box is giving me an SELinux security error:
Code: Summary:
SELinux is preventing the samba daemon from reading users' home directories.
Detailed Description:
SELinux has denied the samba daemon access to users' home directories. Someone
is attempting to access your home directories via your samba daemon. If you only
setup samba to share non-home directories, this probably signals an intrusion
attempt. For more information on SELinux integration with samba, look at the
samba_selinux man page. (man samba_selinux)
Allowing Access: If you want samba to share home directories you need to turn on the
samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"
Fix Command:
setsebool -P samba_enable_home_dirs=1
Additional Information:
Source Context system_u:system_r:smbd_t:s0
Target Context unconfined_u:object_r:user_home_dir_t:s0
Target Objects /home/micah [ dir ]
Source smbd
[code]....
is it possible to block an application from using the network? If yes, how? I read it's possible with iptables and with selinux... Also, what about creating a user who can't connect and run the application with that user?
View 7 Replies View RelatedHave recently setup Samba on a fresh install of Fedora 14 so that I can use it as a workstation in a Windows 2003 (win2k3) domain.
The install of Samba seems to have worked as I can connect to the Domain using ADS and kerberos. selinux and firewall have been disabled until I have it working 100%
The problem lies when i try to login to Gnome or TTY. It begins to create the home directory for the domain user logging in but after a certain process Fedora logs the user out of the system.
Have looked through several log files (/var/log/messages, log.winbindd, log.winbindd-dc-connect) but am unable to debug it any further.
Have posted the config files below which shows the Fedora machine is successfully connected to the domain as it lists its groups, users and validates logon credentials - it just won't logon!
Where i can go about debugging. Also if you need additional configs.
I went to print something and I get this message: Summary: SELinux is preventing access to files with the default label, default_t.
Detailed Description: SELinux permission checks on files labeled default_t are being denied. These files/directories have the default label on them. This can indicate a labeling problem, especially if the files being referred to are not top level directories. Any files/directories under standard system directories, /usr, /var. /dev, /tmp, ..., should not be labeled with the default label. The default label is for files/directories which do not have a label on a parent directory. So if you create a new directory in / you might legitimately get this label.
This is the "alert" I've received from SElinux Alert Browser after closing "rythmbox" application that opened my CreativeZen mediaplayer:
Code:
SELinux is preventing /usr/libexec/abrt-hook-ccpp from using the sys_ptrace capability
in dmesg it has:
[code]....
I just installed F12 (live cd version with gnome), fully updated & rebooted but my lastlog says that I never logged in...(I know the DVD Install would probably be better but I'm trying to save space)
View 2 Replies View RelatedI am pretty new to Linux, but this can't be the way the system is supposed to operate.
Fedora 12
KDE 4.4
kernel 2.6.32.9-70.fc12.i686
Toshiba satellite L305D
As of updating KDE to 4.4 and a kernel update from two weekends ago hibernate/resume works perfectly. The problem is I feel that all terminals should be locked/logged out automatically upon suspend/hibernate. Through bug reporting at KDE found that an additional setting is required in KDE to lock the desktop before suspend/hibernate. But any of my other terminals that are logged in remain logged in upon resume. Is there an additional setting that I have to flip to secure the terminals? Would this be considered a security hole? Is there anything short of me manually logging out that I can do to automate locking/logging my terminals?
i am using fedora 7. i want that, users other than root should not be able to shutdown the system, i had already changed the mode of /sbin/shutdown to -rwxr-w--(750)
View 1 Replies View Relatedas a normal user when I click logout from a KDE session nothing happens and I can't re-launch logout again, shutdown is doing the same.I have just upgraded to fc14 from fc13 yesterday tried to delete .kde folder and it has not been succesful tried to create another user and log to kde session and the new user also failed to logout or shutdown Root user is able to logout and shutdown I have no probs on GNOME for root or users.
View 1 Replies View Relatedon my netbook I've tried to make possible for my user to shutdown without needing a password. battery could run low when I'm not in front of it. Editing sudoers has allowed my user to shutdown the system, but Gnome still prompts me for the root password whenever root is logged in too. That's usually the case, because to avoid entering the root password multiple times whenever I need elevated privileges and not wanting to cache the root password, I keep a Root Terminal always open.
View 6 Replies View RelatedWhen I click logout or shut down I get a countdown saying I will be logged out or shut down in 60 seconds, then it counts down. I can click the "shut down now" button, but I find this behavior incredibly irritating. When I click logout I would like to logout NOW.
View 6 Replies View RelatedI run a linux file server for my office and we user SFTP for remote partners to login and download files. Is there a way to see if there are any active connections or logins so I can know when it is safe to perform maintenance on the machine?
Since the machine is almost constantly serving large files, scheduled maintenance is often bumped off due to someone either upload
Is there any gnome tool out there that will allow admins to talk with logged in users? Without it being amsn, skype, or gtalk... I'm looking for something like the 'talk' command but GUI based.
View 1 Replies View RelatedWhenever I want to shut down, I have to enter my password, because shutting down while other users are logged in is a privileged operation. Now, I couldn't download an update because the update lock was in use. I'd be surprised if someone had targeted my system, especially because I didn't install any obscure .debs or anything recently, but I'd really like to find out if it's been compromised somehow. Say, by obtaining an overview of all users currently logged into my system or something. Is that possible?
View 2 Replies View RelatedJust wondering is there a command that would show me the details of whose currently logged on and how their logged on i.e. ssh/samba etc?
View 5 Replies View RelatedI try to write a script which would kill processes of users who are not logged in. My approach is to find out what users are logged in and then kill processes of all nonsystem users who fail the test of being logged. I use `w` for finding all logged in users, but apparently there are users on the list which `w` gives me who own absolutely no process in the output of `ps aux`. How do I log off those users, since killing their processes wont work (since they own no processes)?
View 4 Replies View RelatedI have a problem as following: "using iptables to prevent IP spoofing".
View 4 Replies View RelatedOn Ubuntu 10.04 when there are more than just one user logged in, if one of users logs off system hangs with a black screen.
After I reboot the machine and log in again, just after GDM login screen I get a window with a message about PowerMeter crash, with suggestion to 'cancel' and 'log off'. Only 'Log off' works, i.e. I'm successfully logged in.
Last entries from system.log before system freeze are:
Code:
I can't seem to get last logged in dat/time for vsftpd users. They are linux users maintained within passwd groups ect ... i think this is because ftp doesn't actually give them a real session. That being true, how do i get the last logged in time for my ftp users?
View 1 Replies View RelatedI want to count the number of users who have logged in multiple terminals ? How will I get this ? I always get the total number of users. How will I get the uniq number of users with multiple logins ?
View 3 Replies View Related