I have a CMS that has a brilliant backup option with one flaw, it can only create a full backup in a directory inside the web root. In this case /var/www/site/backups. This is not practical for security as the resulting tar.gz file contains a full mysql backup as well as other items that the general public shouldn't be downloading.What permissions do I need to set so that the directory /var/www/site/backups cannot be browsed to in a browser but can be read / written by the CMS when a PHP script calls it?
I have created directories in root. I am looking for the chmod command to allow all users read and write permissions to a specific directory. I have done chmod 775 for a file but I need this for a directory. This includes permissions on all files and sub directories.
root user won't be able to read the "active" xguest home directory (ll /home/xguest will only show an almost empty folder with content from /etc/skel). How can a root user list the folder of an the xguest home directory (while xguest is logged in)?
I'm struggling to understand an aspect of mounting and mountpoints with /etc/fstab. There is a large number of sites and threads that make recommendations using things like uid, gid, umask, and other options. These methods, however, which I've used, are file-system specific, useful only for filesystems such as (V)FAT and NTFS that allow them.My current situation is that I am mounting partition /dev/sdb5 in, let's call it /media/myMount. My goals:Mount this partition automatically upon boot using /etc/fstab...The partition should be fully accessible only to a specific user or group.What I've done is create the mount point in /media:
If user michapma were to carry out the mount, I believe it would work; however, I want the mount to happen automatically during boot. So, how can I achieve my user (or group) permission goals for this and any other such partitions using fstab?The manpage for mount has been helpful, but after reading many tutorials and forum threads, the only way I know how to do it is to have the user do the mounting or rely on the file-system specific options.
I want to simply mount an ext4 file-system onto a normal mount point in Ubuntu (/media/whereever), as read-writable for the current logged-in user, i.e. me.
I don't want to add anything into /etc/fstab, I just want to do it now, manually. I need super-user privileges to mount a device, but then only root can read-write that mount. I've tried various of the mount options, added it into fstab, but with no luck.
I am trying to setup 2 individual FTP users. They should both have access to the same directory. They both need to be able to read/write into the directory. But, I want them not to be able to write to each other's files (e.g. delete, remove, rename, etc.).
So let's say the shared directory is: /home/ftp/shared/
UserA needs read/write access to /home/ftp/shared/. UserA should only have write access to his own files. UserB also needs read/write access to /home/ftp/shared/. UserB should only have write access to his own files.
It would be a unix box of sorts, but that is the only restriction. I could use whatever software. I am currently thinking pure-ftpd or vsftp but I am open to all ideas.
I was unable to change the permissions for root node and for other users also. WE have tried all the possibilities like chmod and chmod -R 777 filenem. But we are unable to change that.
I am new to writing shell scripts. So, please bare with me. I am currently trying to write a shell script which will read the directory path as input from user and will traverse the Dir tree to find all available audio and video files. I have tried to write as much as I could but I don't know where I am making mistake as I get some files to be audio file which are actully tar balls. On the second note there are some files which video but script shows them to be audio. And, some video files are completely skipped. I am giving the shell script below so that you can see. I am using two external files as source which I am attaching.
Code:
#!/bin/bash #Let's load the extensions that we want to search for vdExt=$(cat vdExtList) adExt=$(cat adExtList)
For a user on a Linux host, I need to make everything inaccessible besides his home directory. I have heard that this is usually done by changing the root directory for the user (and setting it to the user's home directory), however I couldn't find the way to do it.
I thought about the chroot command, but it seems it just runs the specified command, considering the specified directory as the root directory. So it seems chroot is not what i need. So my question is: what is the command which changes the user's root directory?
I have a directory '/usr/local/games/quake4'. I want permissions for the directory, along with everything in it set to: Owner: Create and delete files Group: Access files Others: Access files What would I type in terminal to make this happen?
I wanna make a small web server for local use , I've installed apache, every thing works fine I'm the root
I wanna protect the folder that contain the htdocs files (www), i don't want any users that not in root group to access (not even read)
I changed the permission of the htdocs folder as next
Owner: www (apache user) per: creat , delete group: root per: creat , delete other: none
it only works on the main folder that i changed its permissions ! not all sub folders and files ! were my steps right ? and are their anyway to change all folders and files at once ?
When I log on a root and attempt to issue the command Freshclam to upgrade the virus definitions it attempts or create a new file with a definition name. I get a message stating that the directory isnt writable. The user and group access rights are as follows:
USER = read, write, execute Group = read, write, execute All= read, execute.
The only way I can get around this is by applying a 777 which would be read, write and execute for all. Now, I have a group define with several user ids in it including Root.How do I connect the group with the directory/file so I dont have to apply a 777 access right to group users could issue the Freshclam command.
I'd like to add essentially an anonymous user, which does not require a password. Second I think it's probably a good idea to only give this user very limited permissions, is there a way I can restrict the commands that they can run to a list (i.e. they should be able to run scp, ls, cd, maybe a few more, but not much)?
Or would this sacrifice security in some way? I've been using root only, and am ready to have a seperate account now. It's the dotfiles for GUI apps that I'm concerned about:
Code: -rw------- 1 root root 98 Feb 13 16:23 .Xauthority -rw------- 1 root root 6392 Feb 12 18:13 .bash_history drwx------ 5 root root 4096 Jan 13 17:47 .config drwxr-xr-x 4 root root 4096 Dec 29 21:36 .fvwm drwx------ 4 root root 4096 Nov 7 19:55 .mozilla -rw------- 1 root root 218 Jan 26 10:04 .recently-used.xbel -rw------- 1 root root 98 Feb 13 16:23 .serverauth.17096 drwxr-xr-x 2 root root 4096 Dec 25 12:42 .tuxcmd drwxr-xr-x 2 root root 4096 Feb 12 17:25 .xine
I tried to place a mono icon in usr/icons/etc but I didn't have the permission to do so. I tried to change my user profile to Admin, thinking I could go back to custom, but that hasn't and it isn't allowing me to go back to my previous setting.
Within minutes of being an Admin user I noticed I couldn't even unmount something. I really need to figure out how to change my profile back to default.
After that has been dealt with, I would like some guidance on how to gain root access to put my icon where it needs to be.
I am currently trying to replace my Windows Server with a CentOS 5.3 box running nfsd for file serving. I have it all up and running however I cant see anyway of securing user access rights to the shares as all you need to access them is just clone the User ID of a user authorized to access the share of any Linux system which seems a bit insecure to me? I was wondering if there was any advice on securing access to server shares in CentOS.
I have a problem with my external hdd, I mounted it manually and in the mount table it says ive got rw permissions. But when i try to change permissions it says:
chmod: changing permissions of `whatever': read-only filesystem.
This is my mount table:
[root@localhost ExtHDD]# mount /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) none on /proc type proc (rw) none on /sys type sysfs (rw)
I no longer have access to my root desktop. On a session I attempted to change the root username but i apparently assigned it a wrong directory that does not exist. When I rebooted with my new root username, i was instead recognised as a simple user (no root privileges). I tried the console to change to "old" root but root password is not accepted and there is no way to access to sudoer files. it seems that inserting a new username requires root privileges and i am back to square one. Simply logging with old root username and password after restart gives me a blank screen with nothing on it and cannot even reboot.
I want full permissions for all computers in my house, without having to get up and go to the other room and change permissions for the file, then go back to the other room again.
I just created a partition, as THIS user, THIS machine, rebooted, and cannot create a folder on the partition I just created. UGH. No more of this stuff...
I want full permissions for all computers in my house, without having to get up and go to the other room and change permissions for the file, folder, drive, directory, computer, etc., then go back to the other room again.
I just created a partition, as THIS user, THIS machine, rebooted, and cannot create a folder on the partition I just created. UGH. No more of this stuff... I guess at the very least, I'll still have to log onto each machine for this?
I recently got a new external drive and backed all my files up on the new external: movies, music, docs, etc. Now all my files have permission rights to the root only. I was able to change this by open up nautilis from a terminal in root and change the permission on the whole drive to my current user so I can access the files, copy & delete the files. I wanted to change some music file information in Kynamo this morning and was not able to since all the individual files still belong to the root. How can I change this permission issue without having to change each individual file?
I want to have two kind of users in a work machine having ubuntu 10.04,
1) He is the admin, have sudo privilages and install, do all types of work, his username is abhilash
2) A user who is normally a IT administrator, who can just install or remove softwares, but cannot access files of abhilash.
I'm trying to do this and my head is going blank, The problem where i'm stuck is, if IT admin can install softwares, then he can become sudo as sudo su, then he can view my files
So here is a small test i did, first with abhilash.
Code:
Now others and group don't have any permissions! But when IT Administrator becomes root, he can see this file
I'm using an older redhat system (2.6.9-22.ELsmp) here which is running an older mysql (server version: 4.1.12). I don't think that's the source of the problems. I believe that have understood things rightly when I say that the mysql root user is unrelated to the linux root user ... in my case I believe the root user to be the unix user mysql. So when I connect to the server (local host from a local terminal) I use: Code: -bash-3.00$ mysql -u mysql -p and enter a blank password
This gets me on, however I seem unable to do anything like create database or alter privilege. I wonder if its related to my finding no database called mysql? -bash-3.00$ mysql -u mysql -p Enter password: Welcome to the MySQL monitor. Commands end with ; or g. Your MySQL connection id is 11 to server version: 4.1.12
Type 'help;' or 'h' for help. Type 'c' to clear the buffer. mysql> show databases; +----------+ | Database | +----------+ | test | +----------+ 1 row in set (0.00 sec) Although I understand that show databases will not show things I have no priv to see. Does this mean my settings for the users are all screwed? How do I rectify this situation? Some other (perhaps) useful information.
Code: [root ~]# cat /etc/my.cnf [mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock # Default to using old password format for compatibility with mysql 3.x # clients (those using the mysqlclient10 compatibility package). old_passwords=1 [mysql.server] user=mysql basedir=/var/lib [mysqld_safe] err-log=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid
So my BASEDIR seems to be nothing like is suggested in the documentation at [URL].
I have no ACLs in place yet but want to use a user called ldap-auth-user to bind to the ldap servers directory from the client servers. However I keep on getting ldap_bind: Invalid credentials (49). Error. I know the UserPassword is correct because I can log into a server using that id and password through the LDAP directory. I am guessing it has something to do with the way I created the account.