i using policy kit to restrict removable mounting to prompt for root password, but on 11.2, I am unable to do so.i read out, ver 11.2 not longer using hal and policykit, rather sth like freedesktop.org policy.
View 9 RepliesI am using pam module to set password policy in my SuSE linux machine. This is my /etc/pam.d/common-password file:
Now if root user tries to change the password of a normal user, giving the same password, it is throwing an error saying "Password has been already used. Choose another".
Example:
> passwd user1
> password1 (set successfully)
> passwd user1
> password1 (Password has been already used. Choose another)
This should not happen with the root user.
I thought, that "Removable devices" module in KDE system settings supposed to automount removable devices. But when any removable media inserted, absolutely nothing happens.
View 6 Replies View RelatedI was wondering if there is a way to mount a network CIFS share manually to allow it to prompt for password. I've been Googling around and found a couple options. One was to store your credentials in a file and then add the fstab entry to look at the file. I'm not particularly fond of the idea of storing my credentials in a plain text file though, even if I put file permissions on it.Is there a way to mount the share so that it prompts for credentials. The share isn't always online so I want to mount it manually.
View 6 Replies View RelatedI have a requirement of mounting an external usb with NTFS filesystem and allowing restricting its access only to the console user(even restricting access to a single group is fine). I am able to mount the usb by using the attached fdi policy. However, I want the access to be restricted to a single user or a group. Is there anything that I'm missing here. I did search on the internet, but couldn't find anything in this regard
View 1 Replies View RelatedI have a requirement of mounting an external usb with NTFS filesystem and allowing restricting its access only to the console user(even restricting access to a single group is fine). I am able to mount the usb by using the fdi policy below. However, I want the access to be restricted to a single user or a group. Is there anything that I'm missing here. I did search on the internet, but couldn't find anything in this regard.
View 1 Replies View RelatedSo i have a fresh install of the server edition of Karmic, i'm running the Xfce desktop. When I attempt to manage users and groups through the GUI, I am prompted for what I think is the root password, the reason I say this is because the account I am currently logged in has sudo privileges and it does not accept that password at all, but I read that by default the root account is 'locked,' (to be honest it was so long ago since I last installed Ubuntu I completely forgot if it is or isn't, my current desktop installation has su access) is it asking for the root password? why doesn't my current user account password work if the root account is 'locked'? I can perform all other administrative tasks with sudo no problem.
the funny thing is, I have the exact same setup in a virtual machine, the same problem happens, except for some strange reason after changing the password on the only account (besides root), the password required to administer users and groups stayed the same after the change. (at the time of installation I just put both the user and root password the same and now that it is setup), i'm now ready to change the passwords. except now I read that the root account is locked by default, but this strange problem occurs.
I followed instructions to enter single user mode by adding single at the end of kernel line but after that it doesn't ask for root password but brings up the sh# prompt. Isn't that supposed to be insecure? I understand for this the grub password can be applied but even after adding "single" it should ask for root password..or it should not..??
View 3 Replies View RelatedWhen I installed the OS, I wasn't prompted to set the root password. Is this a bug, or did my install hose up?
View 4 Replies View RelatedI just started using openSUSE 11.1 with xfce and my problem is that I cannot mount my external USBs, I get the following message:
org.freedesktop.hal.storage.mount-removable auth_admin_keep_always <-- (action, result).
It seems hal does not give me permission to do this. Am I able to mount using the command line? If so, how?
I want the following behavior in kubuntu 9.04 when I plug a device (USB stick or CD disk):
1. It should be mounted automatically for me. Now it isn't, though it appears in fdisk -l output: Code: Disk /dev/sdd: 8006 MB, 8006926336 bytes
16 heads, 32 sectors/track, 30544 cylinders
Units = cylinders of 512 * 512 = 262144 bytes
Disk identifier: 0x9b12d290
Device Boot Start End Blocks Id System
/dev/sdd1 * 16 30544 7815232 b W95 FAT32 and if I mount it manually, all goes OK
2. If I mount manually my CD disk and then press the eject button on my drive nothing happens until I manually unmount the drive. But I want it to open immediately
All this worked for me in kubuntu 8.10, and broke with the upgrade.
My fstab entries Code: /dev/scd0 /media/cdrom0 udf,iso9660 user,noauto,exec,utf8 0 0
/dev/sdc1 /media/usb vfat noexec,codepage=866,utf8,nosuid,nodev,quiet,uid=1000,gid=1000,umask=077,user 0 0
I want to disable automounting of removable media such as anything on USB, memory cards, and even eSATA. I do want the device node to be set up, but that's it.
View 3 Replies View RelatedIs it possible to remove the "flush" flag when mounting removable disks in KDE4 without recompiling KDE4? Can it be done in some config file(s)? Thanks!
View 5 Replies View RelatedWhen I try and connect to a VNC session from KRDC; and I am prompted for a password, the keyboard just decides to stop working. I can't type anything into the password prompt... Then the keyboard stops working for all other open applications (Firefox etc.). If I close KRDC, it starts working again... Is this a bug? Has anyone else seen this?
View 4 Replies View RelatedI've got a removeable disk which I want to mount on startup automatically at mountpoint "/backupsystem". If' it's not there I would like to have no error message. Actually after upgrading to 10.4 I get the message: Continue to wait; or press S to skip mounting or M for manual recovery.". But I don't wand this if the disk is not there that's OK for me. How would I configure fstab to achieve this?
View 2 Replies View RelatedI've created a /tmp partition on a server that I would like to encrypt in a fashion that doesn't require a password to be entered on boot because this server is in a remote data center. Storing the password on the server so that it can automatically boot would obviously defeat the purpose of encrypting in the first place. Skipping automounting is another option but I'd really like to avoid that because there are a number of other services that would have to be suspended until the /tmp partition is online.
I found this article designed for centos (HowTos/EncryptTmpSwapHome - CentOS Wiki) which seems perfect since it generates a key randomly on boot and that key is destroyed and regenerated on each successive boot. However, the script doesn't seem to work on openSUSE - it throws errors saying . /etc/init.d/functions doesn't exist, restorecon command not found, action command not found, etc. Is there an openSUSE-ish way to achieve promptless partition encryption?
OpenSUSE 11.2 (i586) IBM x3250
Login is taking forever. Nothing is running, server is idle.
Finally get prompt.
Password:
Today i was going through some of security guides written on linux .Under shadow file security following points were mentioned.1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.2)Usernames in shadow file must satisfy to all the same rules as usernames in /etc/passwd.3)password for application Username should display * if username is not locked.4)If a user is locked it should be displayed as ! as the first character in second field of shadow file.
Confusion for point 1 and 2:Now i m confused as why the encrypted password should be more than 14-25 characters.Also what rules to satisfy How to check it?Confusion for point 3 and 4:There are lot of users with * as second field i guess they are not locked but according to 4th point there are lot of users with ! as first characters.How would i check whether they are actually locked or not.I m posting the output of /etc/shadow and /etc/passwd files for the account.
My organisation is running squirrelmail on a redhat server. When users are created , at that time the admin sets a password. Thereafter the user can login to his account using the password. But he can't change it as is the case with gmail or yahoo mail. Also the password for any account is known to the admin in addition to the user himself - a weak security arrangement !So what I wish to do is provide a way for users to change his password anytime he wants and also during the first login - as is normally done in banking sites, etc
View 14 Replies View RelatedUbuntu Documentation > Ubuntu 9.04 > Ubuntu Server Guide > Security > User Management states that there is a default minimum password length for Ubuntu:
Say the password is to be modified by the user using passwd. Is there a command for displaying the current password policies for a user (such as the chage command displays the password expiration information for a specific user)?
This is rather than examining various places that control the policy and interpreting them since the process could contain errors. A command that reports the composed policy would be used to check the policy setting steps.
I am working on a large program in C to run on Puppy Linux. I have multiple pthreads running. I want to be able to set the pthread SCHED_POLICY and priority in my program but I want a user to be able to run the program without root privilege.
Using a sticky bit and root ownership gives the user too much power because they will be able to write and compile their own scripts. Is there a way to use 'sudo' when I set the thread parameters from my program or something like this?
I am new to using Ubuntu 10.10 that was installed by a friend of mine, but he didn't give me a password for administrator and now when I try to install VLC I am blocked by a password prompt. To make things worse I can't use F1 key, esc key, tab key, 1key (I copy and paste 1 from other pages when I need it). I am at a loss here and all I want is to change the administrator password without validating the current password first.
View 2 Replies View RelatedJust the last day or so, I've noticed a long pause when I boot my laptop, with lots of disk activity. dmesg says:
[Code]...
Why would there be a 15-second pause (during which the disk is slammed) between mounting root and mounting swap? During this time I see nothing but a blank purple screen, there are no cycling dots or text scroll. Is this normal and I'm just freaking out over nothing because there's no indicator of progress? GRUB default boot options: quiet splash nomodeset video=uvesafb:mode_option=1920x1200-24,mtrr=3,scroll=ywrap vt.handoff=7
I'm having some problems with a hosted openSUSE 11.2 server. It was running fine until I did a "zypper up" to apply patches. This included a kernel update.
On reboot the root partition does not mount the / partition giving the following error:
Unrecognized mount option "defaults.noatime", or missing value mount: wrong fs type, bad option, bad superblock on /dev/md2.
Through an Ubuntu rescue disk (this is what Hetzner provides) the disk can be mounted without problems.
( I installed a fresh openSUSE 11.2 with a similar configuration and got the same results after the update)
The server is a hosted installation from Hetzner in Germany with just the basics for LAMP setup.
The disk setup is as follows using software raid1:
swap /dev/md0 (/dev/sda1 /dev/sdb1)
/boot /dev/md1 (/dev/sda2 /dev/sdb2)
/ /dev/md2 (/dev/sda3 /dev/sdb3)
there is a way to mount, encrypted partitions as a normal user and not as root so that i may copy files into it using the file manager itself? even in the case of normal partitions other than /home, i can't seem add any data in them. the mount points i used are seperate directories within the /home partition?? also, is there a way to create partitions in such a way that it can be accessed, just as how windows partitions are accessed in linux?
View 9 Replies View RelatedRecently set up root encryption with a couple of LVM volumes inside one LUKS volume, and I am just a little confused as to how I would go about getting it to automatically unlock using a keyfile stored on a USB flash drive, I presume I would have to put the drive in the fstab inside my initramfs (if there is one), and add a hook for USB device support.
But I digress, essentially, I want to know what I have to do to enable my LUKS volume (containing all of my partitions sans /boot) to unlock using a keyfile stored on a USB flash drive, rather than a manually entered passphrase.
how do i switch from root (#) to normal non-root prompt($). I'm new to linux
View 3 Replies View RelatedI have some users authenticated with AD and some locally, I want to allow only local users and root to change their password with passwd, not users authenticating over AD - so far I have this in my /etc/pam.d/passswd file
password sufficiant pam_unix.so shadow nullok audit
password required pam_echo.so
You CANNOT change your password using the Linux passwd command
[code]....
This works fine in allowing my normal users to change passwords and my AD users to be blocked, however, root cannot change passwords - the pam_rootok module seems only to work for auth - is there a way I can define root as a sufficiant check for password?
openSuSe 11.2/Pidgin 2.6.2/KDE4.3.1 Have seen various threads about this, but no real fix. Everytime I start Pidgin I get the annoying prompt to "Enter password for default keyring to unlock".
View 9 Replies View RelatedIf there is a general NFS share in the LAN and for example this share has three files - a, b, c is there any way to restrict file access to the root user of e particular host(falcon) in the same LAN environment while the normal users from the same host(falcon) should be able to access the NFS share & files a, b,
View 3 Replies View Related