I have a Web server issue for which I have hired a reputable local consultant (recommended by several people in our local Linux User Group).
For some of his tasks, he will need root access.
How do I build him an account, specifically for him that I can delete later, that will allow him both unprivileged and root access?
I am a user of a cluster. I don't want root to see/copy files from my user account(obviously). Is that possible to limit the access of root to users account?
View 14 Replies View RelatedI have Centos installed as part of Strongbolt on a Cobalt RAQ550 Machine. The Admin password and the root password is supposed to be identical. However, I can only login as admin. If I try to access using root, the SSH session shuts down. If I enter another passowrd it gives the correct response and says incorrect password. If I login as admin and then try SU Root - It displays a list of commmand options for SSH and does not allow me to login.
View 1 Replies View RelatedI'm setting up Ubuntu Karmic on my sister's old computer for my nephew, he's quite young so my sister asked to install some content filtering. I'll first setup an OpenDNS account and I've installed and managed to get dansguardian and squid working on a virtual machine to try it out. so far it's working pretty well, but I need to secure it form the inside out.
I was thinking of blocking specific outbound ports so he could not bypass the proxy. because by default the firefox configuration can be easily changed. so I have a couple of questions.
1. is it possible to block outgoing ports on Ubuntu?
2. is that the best method?
3. is there anything else I should be aware of to prevent subversion?
lastly, this question is probably unrelated to this board but I've set up a cron job to update a dynamic ip with OpenDNS, the problem is that the password is in clear text in the user's crontab, can I play with permissions? is it possible to run the job under a root account and deny read/write access to a normal user?
I am trying to log into a server with a particular account. Let's say I don't know the password for that account. Can I do this using ssh? I am wondering if it is possible to do it in one command, instead of logging in as root and running su.
View 4 Replies View RelatedI deleted the root line in passwd and shadow and then tried to copy the backup and was able to put it all back to normal from rescue mode. However when i get to my login screen i can not login as root anymore or even after logged in as another user i can not su - or su root, it tells me that root user does not exist......
View 14 Replies View RelatedI have set up my crontab and whilst Im logged in and it works (It runs my shell script), however when Im not logged in, the script does not run. Initially I set the time/date to 0 0 * * * (Midnight every day), as this did not work, I tested it with to 0 * * * * (every hour) whilst logged in and the script starts.
I use crontab -e to set it up under the root account..Im sure you dont have to be logged in for it to run?, but maybe im missing a step or just overdosing on Linux and need a holiday:-)
I want to add a new user. For that purposeI switch to su and give root passwd. There I gave a command " useradd ". [smith@localhost smith]#adduser when i press enter key by typing adduser command it say me "Command not found" .Then i log off from my own account and login again from root account. The command "useradd" is then accepted.is there any way that without logging off from normal user account I may enter my roor accout and work as a root account instead to log off from normal user account.
View 5 Replies View RelatedWhat is the user account number when you create a root user account for the system during the installation of any linux distribution? I'm not sure if its 0, 1, 10, or 100..
View 2 Replies View RelatedToday I faced a very strange issue while switching to root account in a bash shell.My OS : CentOS-5.1.4
I logged in my system with account name user1 and I open the terminal and below shell opens
[user1@localhost ]$
Now when I type su and want to switch to root account , it fails
[user1@localhost ~]$ su
Password:
su: incorrect password
[user1@localhost ~]$ exit
I know the password is 123 & I m 100% sure .
In the ubuntu series I find my hard disk description as this: /dev/sda. As we know in slackware (10.1) for partitioning we either use 'fdisk' or 'cfdisk' when I use fdisk, like mentioned: fdisk /dev/sda. It says disk cannot be found.... or something like that. I think I know why?
You see my hard disk has the D: E: F: as extended partitions comprising logical drives and only my C: drive is pure primary. Does this have any connection with my problem? As from my explanation you can find that I'm a total wreck with computers.. but I'm very thrilled to learn linux. The reason why I need slax is that I require a traditional root account.
i am having problems with privileges i have created a new user with my name, but i cant get root privileges on it. i need the same privileges as the root profile.
View 9 Replies View RelatedI've started to get emails that would typically come from [URL] as [URL]. These emails come from services that send out emails (backup programs) directly, or from cronjobs. I've logged in as the non-root account and either sudo su - or su - to root and the restart the service at one point or another. If I login directly as root and bounce the service or cron the emails come across as from root. I don't see anything in my environment variables after I su to indicate what would cause this. I'm not sure where else to look? A pam setting? This seems to have happened between Fedora 10 and 14 (did a bunch of overdue upgrades recently) I've only got Fedora so I don't have anything to compare to. In Fedora 10 I did not have this problem.
View 2 Replies View RelatedI have a startup script placed in /etc/init.d wherein I make the following call:
nohup sudo -u myuser $CATALINA_HOME/bin/startup.sh 2>&1
This causes Tomcat to be run as myuser, which is expected. However after issuing the reboot command the system starts up and root is now the owner of this process. How can I force the process to be started off as myuser on reboot?
On a Fedora Core box, I have a normal non-privileged user and I also have sole access to the root account. Because I am the only administrator of this box, I frequently su over to root for administrative tasks. The problem is that many of the user configuration I've become accustomed to are only configured on my day-to-day account (.vimrc, .bashrc, .screenrc, etc). Other than giving my day-to-day user account privileges to perform administration tasks, how would I go about sharing configuration between these two accounts?
View 1 Replies View RelatedOr would this sacrifice security in some way? I've been using root only, and am ready to have a seperate account now. It's the dotfiles for GUI apps that I'm concerned about:
Code:
-rw------- 1 root root 98 Feb 13 16:23 .Xauthority
-rw------- 1 root root 6392 Feb 12 18:13 .bash_history
drwx------ 5 root root 4096 Jan 13 17:47 .config
drwxr-xr-x 4 root root 4096 Dec 29 21:36 .fvwm
drwx------ 4 root root 4096 Nov 7 19:55 .mozilla
-rw------- 1 root root 218 Jan 26 10:04 .recently-used.xbel
-rw------- 1 root root 98 Feb 13 16:23 .serverauth.17096
drwxr-xr-x 2 root root 4096 Dec 25 12:42 .tuxcmd
drwxr-xr-x 2 root root 4096 Feb 12 17:25 .xine
Is there a non-root shell command that can tell me if a user's account is disabled or not? note that there is a fine distinction between LOCKING and DISABLED:
LOCKING is where you prepend ! or * or !! to the password field of the /etc/passwd file. On Linux systems that shadow the passwords, this marker flag may be placed in /etc/shadow instead of /etc/passwd. Password locking can be done (at a shell prompt) via password -l username (as root) to lock the account of username, and the use of the option -u will unlock it.
DISABLING an account is done by setting the expiration time of the user account to some point in the past. This can be done with chage -E 0 username, which sets the expiration date to 0 days after the Unix epoch. Setting it to -1 will disable the use of the expiration date.
The effect of locking to to prevent the login process from using a supplied password to hash correctly against the saved hash (by virtue of the fact that the pre-pended marker character(s) are not valid output character(s) for the hash, thus no possible input can ever be used to generate a hash that would match it). The effect of disabling is to prevent any process from using an account because the expiration date of the account has already passed.For my situation, the use of locking is not sufficient because a user might still be able to login, e.g. using ssh authentication tokens, and processes under that user can still spawn other processes. Thus, we have accounts that are enabled or disabled, not just locked. We already know how to disable and enable the account - it requires root access and the use of chage, as shown above.To repeat my question: is there a shell command which can be run without root privileges which can output the status of this account expiration info for a given user? this is intended for use on a Red Hat Enterprise 5.4 system.The output is being returned to a java process which can then parse the output as needed, or make use of the return code.
I just created new user account, but the new user is able to access all the directories structure (including other's home directories).I'd like to limit the user to access ONLY his home directory (and nothing "above"). How do I do this?
View 1 Replies View RelatedA friend of mine helped me set up a server which includes Squirrel Mail.It?s CentOS 5.3.I have a person who would like to access Squirrel Mail at remote sites.My questions is, I can create an account on the server which has KDE and the usual general applications and he would have the remote access Squirrel Mail but he doesn?t need nor does he want to access KDE or anything else on my server. He just want an account so he can use Squirrel Mail.
View 1 Replies View Relatedok so i ran into a problem, im using web min to access my server, and im setting up postfix and, dovecot first problem is i want to be able to access my email account from a web page, with log in, so my question is how can i do that?
View 1 Replies View RelatedI've heard that you shouldn't allow root access over ssh; what's the big deal?if a user account who has sudo privileges is cracked already, what's the difference?I allow root access over ssh, but I use a 30 character random password and disable all other accounts. Is this unsafe?
View 12 Replies View RelatedI'm trying to use my root account for the ftp. Now, he can connect but when i come in the map "home" its empty (in the ftp) but he can't get the information.
whats wrong whit my conf
vsftpd.conf:
Code:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
[Code].....
I have a large ISO file on a server, and I need to access the file in it, without having root access. Thus, I can't simply mount it. What should I do to be able to extract an ISO on LInux without root access?
View 6 Replies View Relatedit possible to block root access to a particular directory.
View 7 Replies View RelatedRecently I have installed FEDORA 14 genome on my toshiba sat. L510 laptop.I am using windows 7 ultimate on the other end.My laptop in working fine with both OS.When I tried to install my mobile BB i.e. ZTE USB modem
We need 3 packages1. usb_modswitch2. usb_modswitch.data3. wvdialAfter that I tried to edit the /etc/wvdial.conf to put the[Dialer cdma] details........it asks for root access.I have tried to gain it from terminalused command
[localhost@arul]$su -l
login: root
password: arul315
[code]....
I am using RHEL 5, and I have configured VNCServer & XManager. can access through XMnanager using any username but not root. how can I grant permission to root ?
View 2 Replies View RelatedI came to debian from fedora so there I used ( su - ) to become root user. So my question is that in debian, is it same using ( su ) and ( su - ) or here also using ( su - ) is preferred with slash or without slash. What is the correct and secure way in debian with full root status.
One more question relating gedit sources.list
I use as root account : gedit /etc/apt/sources.list (and then enter and sources file in gedit open)
Is this correct method or any other way as when save after changing entries inside it says error.
I was changing my GUI settings in XFCE in my root user account on Xubuntu when suddenly I was logged out and the computer shut down.
(I have done this before with no such trouble...)
Now I can't log into my root account all I get is a blank screen for a few seconds then I'm back at the log-in screen, the other account works fine.
(This is on my Xubuntu 10.10 laptop BTW...)
I try to use FTP to put new files and catalogs on my server and I always run into problems that I have not the right to create catalogs and files in the named catalogs and so on, it is very annoying.Is there a way around this problem or do I have to activate root account to not run into these problems all the time? I have worked with different UNIX-versions and variants for the last 15 years at least and have always had access to root account, why is it so dangerous to have access to root account in ubuntu?
View 3 Replies View RelatedWhat file needs to be modified so that Pulseaudio starts automatically when in the root account? Currently, it is necessary to start Pulseaudio from the "Run" dialog when in the root account. I recall there was a file that prevents Pulseaudio from being run as root and that particular line had to be deleted in order for it to work.
I prefer to run my computer from the root account. If not, do not preach about the "dangers" of running as root.
