For a user on a Linux host, I need to make everything inaccessible besides his home directory. I have heard that this is usually done by changing the root directory for the user (and setting it to the user's home directory), however I couldn't find the way to do it.
I thought about the chroot command, but it seems it just runs the specified command, considering the specified directory as the root directory. So it seems chroot is not what i need. So my question is: what is the command which changes the user's root directory?
I am using mint 8 for a 2 weeks, I am noob to linux but I like Mint than any other linux distro which is great alternative to windows. I have a problem regarding password reseting.
1. My laptop automatically get logged in without asking user name and password.
2. I tried to change password for newly created user and root user using graphical way but it does not work.
2. I can perform administrator task using only OEM user which is default inbuilt user of mint.
How can make my laptop to ask password when mint get booted? How to change password for other users?
Is It possible to change a process running in root-user to non-root-user by setting suid / uid / euid / gid etc... I so please instruct how, when and wat to set in order to change a process running in root-user to non-root user
Im trying to run this program and they say I should not run it as root but as a diff user. how to change from root to dif.user. I am using linux CentOS 5.5. Is it a terminal command? How do i create a diff user and log in as it?
When I log on a root and attempt to issue the command Freshclam to upgrade the virus definitions it attempts or create a new file with a definition name. I get a message stating that the directory isnt writable. The user and group access rights are as follows:
USER = read, write, execute Group = read, write, execute All= read, execute.
The only way I can get around this is by applying a 777 which would be read, write and execute for all. Now, I have a group define with several user ids in it including Root.How do I connect the group with the directory/file so I dont have to apply a 777 access right to group users could issue the Freshclam command.
How do I change user's home directory, because right now everything saves into File System and it's almost full(I got windows and Ubuntu installed in the same partition), while the other 120Gb filesystem is unused..
Or would this sacrifice security in some way? I've been using root only, and am ready to have a seperate account now. It's the dotfiles for GUI apps that I'm concerned about:
Code: -rw------- 1 root root 98 Feb 13 16:23 .Xauthority -rw------- 1 root root 6392 Feb 12 18:13 .bash_history drwx------ 5 root root 4096 Jan 13 17:47 .config drwxr-xr-x 4 root root 4096 Dec 29 21:36 .fvwm drwx------ 4 root root 4096 Nov 7 19:55 .mozilla -rw------- 1 root root 218 Jan 26 10:04 .recently-used.xbel -rw------- 1 root root 98 Feb 13 16:23 .serverauth.17096 drwxr-xr-x 2 root root 4096 Dec 25 12:42 .tuxcmd drwxr-xr-x 2 root root 4096 Feb 12 17:25 .xine
I was unable to change the permissions for root node and for other users also. WE have tried all the possibilities like chmod and chmod -R 777 filenem. But we are unable to change that.
I no longer have access to my root desktop. On a session I attempted to change the root username but i apparently assigned it a wrong directory that does not exist. When I rebooted with my new root username, i was instead recognised as a simple user (no root privileges). I tried the console to change to "old" root but root password is not accepted and there is no way to access to sudoer files. it seems that inserting a new username requires root privileges and i am back to square one. Simply logging with old root username and password after restart gives me a blank screen with nothing on it and cannot even reboot.
I need to edit the system time as a not-root user. I am carrying out the following actions in my program.
1. Read the User Id of the process. User_ID= getuid() 2. Printing Capabilities(Permitted, Efffective, Inheritable)of the process 3. Setting UID = 0, using setuid(0) 4. Calling the prctl(), function to keep capabilities 5.Switching the UID from root to User_ID of the process 6. What we have now is a process with root capabilities as a non root user 7. On printing Permitted, Effective, Inheritable capabilities, I get the following --> Permitted = 0xfffffeff = Effective Inheritable = 0x0; with UID = 1001; 8. I then try and set the system time with --> system("date -s 10:00"); 9. I get an error: date: cannot set date: Operation not permitted 10. I am unable to understand as to why I cannot set the time even thought the capability bit CAP_SYS_TIME in the Permitted and Effective sets are SET.
I am trying to create a jailed shell for a user Don($UID '500') using my own method(I don't want to use any ready-made "jailkit"). The user don should get a home directory /jail/don instead of /home/don when he login via SSH (So that he will not able to see any other files/directories on the system)
This is what I have done.
Quote:
Code:
It works without any issue ....Home directory changes to /jail/don when I ssh to the system as user don. ie: #ssh don@192.168.0.66
Then I added a chroot command to this code.
Code:
Unfortunately , now I am getting an error message saying that "chroot: cannot change root directory to /jail: Operation not permitted" .. I am not sure how to rectify this error... Is my approach correct to get a jailed shell using /etc/profile file ?
Today I found something really interesting (at least to me) on one of our test servers:
I can change into an existing directory from my actual working directory using a relative path, but that very same directory is not listed when using ls -a.
Here is the shell session (as root):
$ pwd /you/are/here $ ls -a . .. <-- Note: "somedir" is not shown to root $ echo $CDPATH
[Code]....
I had checked the automount thing mentioned by Gilles, but as I had changed to somewhere and issued a mount|grep somewhere there were no output.
Here is the lsattr and strace output as suggested: [URL]
I did a fresh fedora install and have overwritten the root user directory ( /root) with a backup of a previous install. Now I cannot log on through the login screen with the root user password. I can login su - as root on the command line with the password OK.
I need to create an SSH user that can only access the directory I would specify for them. For example, I've been able to execute the following: useradd -d /home/me/directory_for_this_user someuser
So when someuser logs in they get into this directory. Problem is that once they log in they can simply execute: cd / and navigate through all other directories which is a security risk.
How I could limit someuser's access to only /home/me/directory_for_this_user and its subdirectories and nowhere else in the system?
I often put together complete computers from spare parts. When I do, I put Linux on them and put my name as the root user. However, I don't build these to keep them for myself.....I usually end up giving them away to someone who needs one and can't afford to buy one. What I would like to do before givi9ng them away is to change the root user name to their name. How can I do that? CAN I do that?
I have newly installed Ubuntu server 9.10 in my server machine.And it has tomcat6 in itself.My friend have built a Java software in Fedora ,and he wants to move it to the new server.But problem is the directory structure is different between two systems.He has to either change his directory setting in his software or change the default tomcat6 ROOT directory. But I have not find any configuration file can do this job(change the tomcat default ROOT directory ).
I've been using Ubuntu for over 5 years. This time I decided to upgrade UNR to the latest 10.10. I am now running it from USB to try it before installing. Excuse my ignorance, but whatever happened to the Terminal? I cannot find it anywhere! I think this release is not going in the right direction if one of the most important tools in Ubuntu is hidden from an average user.
Also, how do I change to the root directory in the files and folders? or at least to the higher directory structure.I won't be installing UNR 10.10 unless I figure out these BASIC things.
I am running Fedora 12 as Guest OS in VMware Player. I installed Fedora 12 by using a Prepackage VM . The root user name and p/w was supplied by the person who made this appliance. Is there way for me to change root user name and pw
I updated my lucid alpha testing (64 bit)install after which I am unable to boot into any of my Ubuntu installs(sda11 has a dedicated Burg partition and sda10 has the stable karmic (32 bit)install and sda9 has the testing lucid install) Now I am trying to recover (rewrite Burg or at least grub2 on the MBR) my installs
This is what happens custom@custom:~$ sudo mount /dev/sda10 /mnt custom@custom:~$ sudo mount -o bind /dev /mnt/dev custom@custom:~$ chroot/mnt
[code]....
i tried a slightly different code with little success
custom@custom:~$ sudo mount /dev/sda10 /mnt mount: /dev/sda10 already mounted or /mnt busy mount: according to mtab, /dev/sda10 is already mounted on /mnt
[code]....
I also ran a whereis for bash and it also is there
I followed these steps to add a client to my active directory domain, everything is working as expected except that when a username has whitespace it creates a directory in /home with whitespace and gconf fail to access his config dir in the user's home. KDE also fails to start but I don't know what's failing yet. I found that the easiest way to fix these issues is to replace whitespaces by underline in homepaths so I changed the pam_mkhomedir source to replace the whitespaces and save it using the usermod command. It should work but is not... the reason is that I can't change the user data using the usermod because domain users are not in /etc/passwd.
I'm trying to make it so that when a user logs in they are forced to stay within a certain directory structure. For some reason what I am doing is not working properly.Here are the relevant file informations:sshd_config:
I have Slackware 12.2 installed on my computer, as well as a Windows Xp. I have a hard drive named '/fat-d', which is formatted to be 'fat' and is normally used under XP. This drive can also be accessed under Slackware, both as root and the normal user.I can not write to the directory '/fat-d' when I am not root, it is normal since 'ls -l' shows that its owner is root and other users have no permission to write. The problem is that, when I tried (as root) to change the owner to the normal user:# chown [normal_user_name] /fat-dI got an error: chown: changing ownership of '/fat-d/':Operation not permittedBut how can the root have no permission to change the owner?
This is my 6th install of Fedora, begining with Fedora 4 I have had very good luck with all until 9 and I lost all data on drive by my bad clicks in a frustrated session. Now I have a great install of Fedora 10 with the exception that I fouled up and typed in a user (myself-'andybill') and am finding out that the work I need to do cannot be maximized by operating in user - andybill, I need to be super user. I have just moved and have not done any collaboration with our senior partner in a data development start up that he is the intellectual property in deed and law. For me to get back on track my using this OS I have to be master of all libraries, drivers etc. I am a nu-b (only 2 1/2 years, with no computer science background. This explains why I need step by step commands without abbriviated lingo-So if I can remove myself as andybill, make all root
I just tried ubuntu 9.10 in recovery mode i came to know that i can change root passwd without knowing the password then i can change password of every user by logging in as root
I have a machine which has only /opt with some decent amount of space where I can install a software. /opt belongs to root:root. The software I want to install cannot be installed as root user.
So lets say I create a directory called /opt/install1 and then chown -R install1 to belong to user1. And now I install the software under /opt/install1 with user as user1.
Is this a best practice violation? There could potentially be just /opt/install1 belong to user1 and in future everything else created under /opt belonging to root..