General :: Block A Specific User To Run SSH And Leave Him The Access To FTP?

Jun 19, 2010

I run the openssh daemon on port 22 and have the proftp running on port 21. I would like to block SSH for a specific user.I use proftpd.I would like to prevent the SSH access for this user and leave the FTP working for this user specific.Into /etc/passwd, I tried to change the /bin/bash to /bin/false, but this blocks both SSH and FTP access for this account.

View 3 Replies


ADVERTISEMENT

General :: Providing Permission To Specific User To Access NFS Share?

Oct 11, 2010

I have two machines between which I need to share a folder.On server1, I have the user 'appuser' that needs to access (read/write/delete) on this share.On server2, 'root' accesses this share and writes to it.I have the following in /etc/exports on server1:/home/app-share 999.999.99.99/28(rw,insecure,sync,no_root_squash)where the number is the IP address. How can I change this to allow 'appuser' access?

View 1 Replies View Related

General :: Administration - Managing SAMBA Shares And Giving User Specific Access For The Shares

Jul 28, 2010

I am working as a Linux administrator in a very small data centre with 5 servers with following routine tasks.

1. Managing SAMBA shares and giving user specific access for the shares.
2. Scheduling backup of some mount points with rsycn to store data in remote hard disk
3. User and group administration, with sudo access.
4. Creating and Managing Xen Virtual machines and giving access to other project teams.
5. Automating some tasks with Shell Scripting.
6. Managing FTP server for user uploads.

I have practiced a lot in my home laptop without RHEL training, Cleared RHCE and LPIC1. I want to do some advanced system admin tasks, but do not have option in my current data centre. With Above skills is it possible to get a job ?

View 9 Replies View Related

Server :: Sendmail: Block Specific Sender To Specific Recipient?

Oct 1, 2009

I'm trying to configure our mail server to block email from a specific sender reaching a specific recipient. In other words, if one of our employees is getting harassed by a 'stalker', how would one go about blocking, at the MTA (Sendmail) level, a specific sender email address from reaching a particular users inbox? We do not want to capture the email - simply block it before it consumes server resources.The Sendmail server (MTA) is a front end to our Exchange server so no user accounts exist on the Linux server. We simply use it as a SPAM and Virus scanner then forward clean email to the Exchange server.

View 6 Replies View Related

General :: Block A Specific MAC Address?

Feb 5, 2011

how to block a specific MAC address

View 2 Replies View Related

General :: Any Way To Block Specific Websites?

Jul 28, 2011

How to block unwanted sites.

View 1 Replies View Related

General :: Block A Specific Content Using Squid?

Aug 24, 2010

In Iran there is a famous "access denied page" that redirects you to a strange page with a lot of HTML errors and lol, telling you RTFM about ridiculous Internet laws.I want to filter the contents of the page, because the page IP, URL, ... are all unknown.I don't know much about squid configuration scripts.I can read but cannot write

View 1 Replies View Related

General :: Display Specific Block Of Contents Or Lines In Output?

Apr 23, 2010

Consider a situation in which you want to display only specific lines of contents from a file or of a command's output. Yes, we have head and tail commands. But, how to view all the lines of a file except the last one or vise versa when we don't know the count of lines in advance?

Consider this output:

Code:

[root@localhost ~]# ps au | grep bash
root 6316 0.0 0.0 4672 1440 tty1 Ss+ Apr22 0:02 -bash
root 20847 0.2 0.0 4672 1432 pts/0 Ss Apr23 0:12 -bash
root 21167 0.0 0.0 3920 660 pts/0 S+ 01:00 0:00 grep bash

Here, I don't want the last line (in italic) to be included in the result since the last line is due to "grep bash" in the devised command "ps au | grep bash". Well, we can rewrite the devised command:

Quote:

"ps au | grep bash | head -n 2"

But, again, here we are specifying the count of lines to be included. But, in the presented problem we don't know any count in advance!

View 6 Replies View Related

Ubuntu :: Giving A Specific User Permission To Start/stop A Specific Service?

Jun 8, 2010

How do I give permission to a logged in user to stop/start a specific service without entering a root/sudo password? So they can do a simple "service SomeService stop|start" It is for a headless Ubuntu server.

View 5 Replies View Related

Ubuntu :: Allow A Specific User To Mount Or Remount A Specific Partition?

Jun 9, 2010

my system I want user1 and only user1 to be able to mount and unmount a specific partition, this partition contains backups and is usually mounted read only, needs to be temporarily mounted read/write by user1 while doing the backup.user1 is an unprivileged user. I've read that the user option will let any user mount the file-system (and only that user can then subsequently unmount it) and that the users option allows any user to mount or unmount the file-system.I also found this in mount's man pageQuote:The owner option is similar to the user option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for /dev/fd if a login script makes the console user owner of this device. The group option is similar, with the restriction that the user must be member of the group of the special file.So it looks like I'd need a login script for that user to make the user owner of the device file (/dev/voiceserv/backup in this case)

View 7 Replies View Related

General :: Block Access To Web Sites ?

Apr 8, 2010

How to add parental control like { block web site access, restricting login access for particular time, restrict web access} for particular user accounts in Linux.

View 5 Replies View Related

General :: Possible To Block Root Access?

Mar 17, 2011

it possible to block root access to a particular directory.

View 7 Replies View Related

General :: Block Outlook User To Send Mail?

Jun 19, 2010

I am using Qmail mailing system. Now I want to block the outlook users to send mail(SMTP). I think it can be done through qmail smtp relay option.Is it the right way to block SMTP for outlook users??

View 3 Replies View Related

General :: Block Access To A Website On Lucid?

Sep 1, 2010

I am trying to block a few websites on a lucid lynx, I tried editing /etc/hosts and that blocks access via url but the site still open if I enter the ip on the browser, how can I block ip access also? (without using any extra software besides what linux 10.04 have by default)

View 1 Replies View Related

Ubuntu :: Block IPs When Hitting Specific URL?

Feb 11, 2011

I've noticed in my Apache logs a lot of hits to a specific URL on my server. The thing is, the URL is invalid and returns a 404. Every hit has a different Agent ID (things like Windows NT 4 and IE 8, Mac OS and Safari, Windows 7 and Mozilla, etc) and usually a slightly different IP address. If you browse the URL with Chrome/Firefox, it gets reported as potential phishing activity - despite it only returning a 404 error.

I blocked a range of IPs with IPTables which worked for a while, but I can see the IP address has changed again (outside of the range I set) and is generating logs again.

Is it possible to automatically block any IP attempting to access this specific URL?

View 1 Replies View Related

General :: Run Application Or Boot As Specific User

Apr 18, 2010

I have a need to run a specific app as a specific user when the machine boots into init 3. I can not run this as root so I need to specify a user. Can someone tell me how to accomplish this?I usually have to log in and start this application by typing check -D which starts this app and daemonizes it. I want to be able to run that at boot with my normal user not root.I hope I explained this correctly.I have added it to rc.local but it runs as root.

View 3 Replies View Related

General :: Disable Telnet And Ssh For A Specific User?

Nov 12, 2010

I am looking for a way to deny telnet and ssh to one specific user. So far I've only tested with telnet and my attempts have been limited to various hosts.deny entries:

in.telnetd : user@server
in.telnetd : user@server.domain.com
in.telnetd : user@IP_address
in.telnetd : user@.domain.com

None of these work. The only thing I've found that does work is:in.telnetd : IP_addressBut this is only a semi-viable solution because we will soon have multiple logins for the one username from different servers and sub-nets. Ideally, I'd like to be able to deny telnet and ssh access to this username regardless of where the login originates. I suppose it would be possible to specify each server IP, but that'll be a bear to maintain

View 7 Replies View Related

General :: File Permission To Specific User?

Jan 13, 2011

i have created a file (by root user) called test.txt. Then i created a user bob. Now i want only bob to read/write/execute this file and no other user shall have any permission on it.

View 3 Replies View Related

General :: Starting VNC Upon Boot-up Using Specific User

Oct 27, 2010

So right now VNC is starting a session using :1. When I connect to that session, the terminal is logged in as root. I'd like for the terminal to be logged in as a different user as some of my end users are going to be using this and don't require such privileges. I found that I can "su" to a different user and start a new VNC daemon on :2 and when I connect to that session, the terminal is logged in as that user. What I want to do is get that to run at boot-up.

View 4 Replies View Related

Networking :: Generic Way To Block Specific Port?

Jul 9, 2011

Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place. I had wrongly assumed that any port NOT specifically listed in one's firewall rules (CentOS 5 with default iptables installation) would be blocked. I thought you had to add a rule to /etc/sysconfig/iptables in order to open up a port. Apparently this is NOT the case. So is it true that if I install some random software that starts listening on any number of ports that I have not specifically mentioned in /etc/sysconfig/iptables that it will not be blocked - it will work right away?

Anyway, I guess two questions:
1) What's a generic way to block a specific port? I use rules like this to "open" ports (although is this not needed if they're open anyway?)
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT
What's the analog of this kind of rule to *block* a port?
2) Is there a better way to configure iptables to block all ports that are not mentioned in its configuration? Is that dangerous? (will it block things that I don't want to block?)

View 3 Replies View Related

General :: Setup A Proxy Server To Block Access To Some Websites?

May 22, 2011

i was tasked to setup a proxy server to block access to some websites. i'm using centOS 5 and Squid 7:2.6 STABLE21-6.e15...i appended the following and tested the configuration with the supposed server i am using and the it does seem to work but now i'm wondering how i can test it with a client computer..i have 2 LAN cards and i just connected the other to one PC (can a direct connection work or does it need to pass thru a switch or hub)...i just can't figure out how it should be... how do i configure the 2nd LAN card to use this computer as its proxy server?

View 8 Replies View Related

General :: Setting Permissions For Specific User And Groups?

May 25, 2010

i wonder, why nobody has written about it ...

How can i grant permission for files to specific user or specific group ??

Updated:

We have 3 groups: "g12" ("u1" and "u2), "g34" and "g56".

"g12" should only read the file.

"g34" should write and read it.

"g56" should have all permissions (rwx).

And others should not access the file at all.

View 3 Replies View Related

General :: Create Unix User With Specific Requirements?

Aug 1, 2011

It should not have any /home/. It only can access a folder and that folder is home default for this account.

Details about my usage: We have a simple folder which contains demo code and we want to create a user to read this folder only

View 2 Replies View Related

General :: Add User With Specific Home Directory That Already Exists

Apr 9, 2010

Im trying to add users to my nfs server with a specific home directory that already exists. Can this be done? I've done some research on google and other forums but cant seem to find the answer.

View 7 Replies View Related

General :: Setting Up User To Use Sudo For Specific Commands?

Jan 17, 2011

I did some digging on the sudo command and I do know the config file is /etc/sudoers Read the manual for sudoers and found out that I must use visudo to edit the file I read some of the examples at the bottom of the file and tried entering my own account in following the example. one of the commands I was trying to allow my account to perform without root login is the mount command So I tried adding this in (kreid8 /bin/mount ALL) I then saved & exited the file and logged out of root and tried sudo mount -t vfat /dev/sdc1 /media. I got an error saying I had to be root in order to do that But when I use the visudo -l option it shows that I have that privellege. Did I edit the file incorrectly?

View 6 Replies View Related

OpenSUSE :: Can Apparmor Block Execute Any Program In A Specific Dir

Jun 10, 2010

prohibit execution of any program include shell command, only be profiled program could be executed, can apparmor do that?

View 5 Replies View Related

Networking :: Block Specific Websites - Preferred Method ?

May 19, 2010

I'm trying to block specific websites, preferably using a portion of the url.

For example, if blocking [url], [url] would also be blocked. This implies that simply blocking a single IP using iptables would not work well.

The names to block will be somewhat dynamic, so a list specification would be ideal.

In my case, the LAN has a mix of linux and ms machines, and they all use a linux gateway currently running dnsmasq.

I find suggestions from using /etc/hosts (might work with yp, but not ideal) on the gateway machine, through to using squid on the gateway machine.

View 9 Replies View Related

Security :: Block Computer From Connecting To A Specific IP Address?

Feb 13, 2010

I was taking a peek at the active connections shown by the Firestarter GUI and noticed the following (the source is my computer):

SourceDestinationPortServiceProgram
192.168.0.11266.235.133.4280HTTP

I closed all Internet related apps and the connection persisted. After a reboot it did not reconnect (yet).The IP address appears to belong to esomniture.com - some sort of web analytics company. How do I prevent my computer from connecting to these rascals. I have found a lot of documentation regarding stopping inbound connections to services on my computer but not the other way. I have various filtering addons installed in Firefox however, this connection seems to be at a lower level as no program is specified as being responsible for the connection.

View 8 Replies View Related

Programming :: Count Specific Entries Inside A Block?

Jul 15, 2011

What I want to do is from a file having block like

<event>
8 3 0.2685416E-02
2 -1 0
21 -1 0

[code]...

The first line after the "<event>" is its process-id, so I would like to have at the end a summary of how many "event" block I have for each type, ie how many

6 1 0.2685416E-02

or how many

7 2 0.2685416E-02

etc etc

I do not know in advance how many different-kind of block I will have, so it has to be a bit smart to scan the file, and make an new "summary" info for each unique type I was using something like

awk '/<event>/,/</event>/{if ($3 -eq 0.2685416E-02 ) { print $1" "$2" "$3}}' file > out

and then

grep -c "$1" "$2" "$3" but with no success since my awk commands prints all lines of each block

Suppose, that in advance I do know the $3, ie the 0.2685416E-02 which is a kind of weight

View 8 Replies View Related

General :: Give User Access To Directory In Another User's Home

Mar 8, 2010

I'm developing an application in which one user must run java software that I'm compiling as another user. I wanted to give user A permission to see the bin direcory of my workspace, which is in the home directory of user B. I was wondering how can this be done? I gave the bin direcotry full read/execute premissions, but since it's in my home directory user A can't navigate to it.

I know there are a few ways I could get around the problem but they arn't very elegant. I was wondering if there is a simple method for giving a user access to a specific directory without giving access to all the parent directories. I tried symbolic link but user A still can't access it, and a hard link to a directory isn't allowed in Linux. I don't feel like making a hard link to every single file in the bin directory, and I'm not sure that would work anyways, since every recompile overwrites them.

View 7 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved