Fedora Security :: User Access To Start And Stop Tomcat But Also Gives User Access To Start And Stop Other Services "/etc/sudoers"
Mar 13, 2009
I am trying to give access to ONE single user to start and shutdown tomcat server. The problem being, when I enter syntax: username ALL= /etc/init.d/tomcat5, /usr/local/tomcat/webapps, PASSWD:ALL This gives the user access to start and stop tomcat but also gives user access to start and stop other services within /etc/init.d - such as httpd etc... What is the proper way to give user access to start and stop service, and limiting that power to only one service....
View 2 Replies
ADVERTISEMENT
May 7, 2009
I have several services set to start in init 3 on a cloud provider. The init scripts appear to be in the correct folder but the services are never started after a reboot. I finally watched the console and all the services start correctly then shutdown after a few moments.
View 9 Replies
View Related
Jan 7, 2010
is it possible to restart /start/stop all services at the same time without rebooting?
View 3 Replies
View Related
Aug 25, 2011
I am using debian squeeze server with asterisk 1.6 installed and configured.my problem is non root users need to access the server using ssh and restart asterisk server after making changes in asterisk configuration files.As of now i am giving root username/password for this process (i know it is not at all a good idea) .now how can i create a username and configure it which can only access and modify asterisk configuration files and restart asterisk server without any other privileges.
View 1 Replies
View Related
Jun 27, 2010
I thought it was in the System>administration menu somewhere, but I just can't see it. What is it called, and where do I find it please?
View 9 Replies
View Related
Aug 25, 2010
With the advent of Ubuntu 10.04 Lucid Lynx LTS People are migrating servers to the latest LTS. One fundamental thing that has changed is the move to Upstart. In the old days to stop multidaemon service such as Samba, one would simply type /etc/init.d/samba stop and to disable it from starting on boot one would simply type update-rcd samba disable.
Now its the year 2010 and in 10.04 it seems on has to edit a bunch of files, etc. Is there not an easy tool to correctly and properly disable services on startup in 10.04 consistently? in Redhat/Mandrake 10 years ago it was simply
Code:
service smb off
In Ubuntu 10.04 its
1) edit /etc/init/smbd.conf and modify the line that says
Code:
stop on runlevel [!2345]
and change it to
[Code]...
And one has to remember all these changes when the get ready to enable the samba service in the future? This can't be right.I know I must be missing something here. or maybe overlooked something in the upstart documentation.Which seems quite sparse by the way. So the question remains. How does one simply disable a multidaemon service starting on boot such as samba. Any tool to do this ? Is the above the correct method recommended by Canonical to disable services? and enable them?
View 2 Replies
View Related
Jan 22, 2011
I installed MySQL and Apache2 to develop & test out the site I'm writing. However since I'll be using them purely for internal use (not exposed to the Net), I don't want them to start with every boot-up, but would like to start them manually when I desire, and stop them after use.With previous Ubuntu (Jaunty) I'd used chkconfig to configure services, but since the current version (Maverick) uses Upstart, is chkconfig still applicable?
I also installed 'bum' (Boot-Up Manager), but strangely, it displays the MySQL server as "unchecked" even though it's running (and starts at boot-up), so I cant see how I can prevent it from starting at boot-up through bum. chkconfig also displays MySQL as not active at runlevel 5, when in fact, it is.
I'd like to know what's the recommended (official) way to configure boot-up services with the Upstart system? I don't suppose directly editing the *.conf files in /etc/init is the best (or even correct) way?
View 3 Replies
View Related
Jun 8, 2010
How do I give permission to a logged in user to stop/start a specific service without entering a root/sudo password? So they can do a simple "service SomeService stop|start" It is for a headless Ubuntu server.
View 5 Replies
View Related
Jul 23, 2010
I'm using debian 5 x64 with xfce.Is there a way to configure (start/stop/restart) services (especially Apache2, mySQL and PHP) using a graphical or cli tool? I tried to use sysv-rc, sysv-rc-conf, rcconf and rc-conf in the terminal but Bash didn't find them (Although Synaptic show that sysv-rc is installed).
View 9 Replies
View Related
Oct 4, 2010
I installed Centos 5.5 on a home PC to be used remotely.
All server daemons work fine but only start if the user is logged in.
How do I set the SSH server to start whenever the PC is turned on, rather than when the user is logged in? I read the chkconfig man page online but couldn't find anything.
Plus I put a script in my startup services to be run whenever the computer boots (I'm guessing when the users logs in). How do I go about setting that to run too whenever the system boots instead?
View 1 Replies
View Related
Jul 25, 2011
Vmware tells me it cannot start services.I believe the issue is tied to permissions because the message indicated the log with the full details was located in /tmp/vmware-root/setup-4772.log but when I go there I receive a message telling me I do not have permission to the directory and there's a lock symbol on the directory from the File Browser utility.What do I need to do to unlock the folder and get vmware working again ?
View 2 Replies
View Related
Mar 15, 2010
I had 2 accounts on a single system. Other users are able to see my data. how to stop other users to access my personal data.
View 8 Replies
View Related
Dec 10, 2009
I have 3 script BASH. I want start this script when the system start,stop and reeboot.
View 4 Replies
View Related
Feb 25, 2010
Fedora 12 64bit KVM
How to stop KVM start at booting?
Then how to start it after booting?
View 4 Replies
View Related
Feb 1, 2010
How to start or stop telnet service in red hat Linux 5
View 2 Replies
View Related
May 26, 2009
I would like to start and stop rtorrent based on my screensaver. I used to do this awhile ago with ubuntu and still have my script. However now I am using Fedora with KDE and the script no longer seems to work.
#!/usr/bin/perl
#gnome
my $cmd = "dbus-monitor --session "type='signal',interface='org.gnome.ScreenSaver',member='SessionIdleChanged'"";
open (IN, "$cmd |");
while (<IN>) {
if (m/^s+boolean true/) {
#when screensaver activates, run the following commands
#system("/home/eric/compiled/scripts/rtorrentstart");
system("touch /home/asoukenka/rtorrenthasstarted");
} elsif (m/^s+boolean false/) {
#when screensaver deactivates, run the following commands
#system("kill `pgrep rtorrent`");
system("touch /home/asoukenka/rtorrenthasbeenkilled"); } }
Old Post [URL].
View 6 Replies
View Related
Aug 28, 2010
i finished installing oracle 11g r2 with EM but i cant find any good script that will close the database completely before rebooting they all start it correctly but for the shutdown they don't wait and the database restart in recovery mode
View 3 Replies
View Related
Jan 18, 2011
I am trying to get a non-root account on one of our servers to run a script with sudo capability. To that end, I went into the /etc/sudoers file, and added the following syntax:
Code:
## Enable the nagios user to run the check_iptables.sh script as root
nagios ALL=NOPASSWD: /usr/local/nrpe/libexec/check_iptables.sh, /sbin/iptables
I restarted the nagios service, and tested the results. The results were the user account still could not run the script due to the user, nagios, not having permission to run the iptables binary.
Is there another step(s) that I need to take in order to get the sudo access available to the user account?
View 1 Replies
View Related
Sep 24, 2010
I heard we can set security in /etc/hosts.allow and /etc/hosts.deny on user base also like something user@domain or something if so how can I restrict a user to access particular service by his/her user name in a particular host via /etc/hosts.allow or /etc/hosts.deny
View 3 Replies
View Related
Feb 21, 2011
I have a mercurial repository on a secure server, to which I want to grant secure access to an external user.
I added for him a user account and publickey ssh authentication so that now he could push/pull changesets via ssh.
My question is: how can I make this new user account completely disabled from doing anything or accessing any data on the server other than accessing the repository? E.g. he shouldn't even have the possibility to enter an interactive shell session.
View 1 Replies
View Related
Sep 19, 2010
is there any way to make user with command text, just with accessbility to change network IP Address ?
View 4 Replies
View Related
May 11, 2011
I managed to make an old parallel port scanner work in ubuntu 11.04 with SANE. Everything's perfect but one thing: scanner applications work only if they are executed as a root.After further researching, I've found the cause is that only the root has read and write permissions on the device /dev/parport0 which is my parallel port. If I set the right permissions giving sudo chmod a+rw /dev/parport0 I solve my problem, but just untill next reboot... the system resets root only permissions at each restart. I would like to make that change permanent... what can I do?
View 6 Replies
View Related
Mar 15, 2011
Im am working on a system which runs on RedHat Enterprise I have been asked by superiors to see if the following is possible. (sudoers file config change i guess)
Example
User1 has root access
user2 has root access, but must not be able to access ctmag (user account)
I know the obvious here is that if user2 can switch to root then it won't work. But i just need to prevent user2 from su - ctmag. A password is set on the account ctmag, but as user2 has root access it switches without a password prompt
Is there anyway i can prevent user2 from switching to ctmag but still have access to root?
View 6 Replies
View Related
Mar 15, 2011
Suddenly I am not in the sudoers file. I am not sure how to recover from this. I have no grub screen at bootup, so I can't boot into single user. I think I am going to have to boot a live version of ubuntu to start with. Is that right? What's next after that? Also, how could this happen, I haven't touched the sudoers file or added users or anything like that (well not that I am aware of) I am a little concerned that this may be the result of someone breaking in? Would this be a likely symptom?
View 3 Replies
View Related
Nov 26, 2009
I get the problem to acess root password when i am in user login, means wahen i am in user login and want to install software from terminal then he asked root password, when i supplied root password but he give me login incorrect.
View 2 Replies
View Related
Sep 2, 2010
I'd like to add a user to my server that will only have access to a mount point over sshfs. Is there any way I can provide them this access without actually giving them permission to open a terminal on my server? I tried /bin/false and /sbin/nologin already, but /bin/false didn't allow the mount point to be made and /sbin/nologin prevented a login completely (also stopped the mount point from working).
View 6 Replies
View Related
May 3, 2011
How to create a user account on a Linux desktop machine with restrictions on connecting to the LAN, WAN, PCMCIA ports, Firewire, CDROM and generally any user controllable output options?
I have the task to set up a machine for users working with sensitive data that should not be leaving the machine where it is processed. This means disabling access to the ethernet device, lan, all other ports as mentioned earlier, and any other way of leaking the data.
In Mac OSX this was achieved using "Parental controls" from the System preferences; this even allows a selection of the applications that can be used. Under XP, Device Manager offers the option to click various devices and "Disable" them, which worked so far just fine. Some will point out that the latter mentioned OS may be easy to circumvent the security of in other ways, but that has been mitigated with other measures and it's not the point anyway. For the operator users in question, the aforementioned measure proved successful and worked.Using OSX and XP to do this was a 10-15 minutes job with testing included.
So far all guides and tutorials pointed to useradd, groups an facl, but in actual practical terms did not help at all, in fact most of the research did not render any practical results so far. I surely don't expect to point and click, and would gladly run a set of commands from CLI. If I had them. I would really would like to achieve the same restricted user account configuration in a concise, comprehensive and practical manner under Linux too. Preferably tested on humans before, and known to be workign, of course.
The machines that need to be set up are two laptops running Ubuntu. So how can this be accomplished in Linux?
View 6 Replies
View Related
Dec 18, 2010
I have tried to not allow root access and have created a wheel user.
Now I can not logged in as root.
Its okay but when am logging as wheel user and trying to access root then it says:
Code:
View 14 Replies
View Related
Jan 21, 2010
Prelude: OpenSUSE 11.2 (2.6.31.8-0.1-desktop), installed Novell client 2.0 SP2 (novell-client-2.0-sp2-sle11-i586.iso).
I found that if any usual user is logged into a NDS-tree, then _local_ root has full access to user's network shares, including the user's home directory located on remote Netware-server. Is it by design or
have I missed something? Nevertheless in windows local admin has no access to network resources mounted of any other user. If you runas shell (as admin) then admin in principle can't "see" network shares which were mounted (connected) by other users - they are accessible ("visible") per session.
View 3 Replies
View Related
May 30, 2011
Take a physical user FRED. FRED is a linux user ( known by linux on his laptop ) FRED is a Samba user ( Known by samba on the samba pdc server ) When he logs locally (with username/password) on its standalone laptop (with no network), he is known as FRED:user. He access his data in /home/FRED/. When he logs through samba (with username/password) on the domain MY_DOM, he is known as MY_DOMFRED:MY_DOMdomain user. He access his data in /home/MY_DOM/FRED/. ) Is it possible that the human FRED has only one repository and have full access to its repository regardless of how it was connected. If yes, how to do it
2) If not, Is it possible that the human FRED has full access to /home/FRED/.............. and /home/MY_DOM/FRED/.
View 4 Replies
View Related
