OpenSUSE :: Setup Private Git Repository With Restricted Rights On Server Without Root Access?
May 15, 2011
a friend of mine is doing a small website-project in school (group of ~6 people). They want to use git as VCS and need acces to a server. I have an account on the server from university, but - of course - no root access.
I could create private/public keys for them, to SSH into my account, but I don't want them to have this power I found 'git-shell', which seems to be used for restricted access with git (although I'm not sure whether I understood the functionality).
My question is: Is it possible to configure SSH keys in that way, that the server runs them (and only them) in git-shell in a specified directory (using ~/.ssh/{config,authorized_keys})?
So that they can
- log in with their SSH key
- use git, execute scripts etc.
- use git push/pull from their private+school PC
- work only in a specific directory (like chroot) eg. ~/web-project/
[Code]...
View 2 Replies
ADVERTISEMENT
Jun 1, 2010
When I insert some homemade DVDs of a friend, I can't view its contents. DVD works fine on windows XP, but not on opensuse. Dolphin gives an error: access denied to /media/071114_1638.I can't do a chown command because dvd is read-only...And when I do an ls -l I get:
Code:
ls -la /media/071114_1638/
ls: can't access /media/071114_1638/.: Permission denied
ls: can't access /media/071114_1638/..: Permission denied
[code]...
View 9 Replies
View Related
Nov 19, 2010
I want to setup samba on Maverick. This is the case. I have 2 folders want to be shared, freeaccess and restrictedaccess. The freeaccess folder can be accessed by everyone on network. The restritedaccess folder can only be accessed with account named someone. What I want to ask is, how to setup samba that can solve that case...??
View 9 Replies
View Related
Aug 24, 2010
I configure named and stumble upon the following problem: named is serious about user rights, every config file named uses should be named:named. I set rights to named:named as follows, but they get changed to root:named when I restart named as root. The same thing happens with SELinux context. This results in access denied type errors.
View 1 Replies
View Related
Apr 2, 2011
I can't seem to remove rights for a remote root connection. Below you can see that the rights are present before and after the successful revoke command. I am using the correct command.
[Code]...
View 1 Replies
View Related
Mar 26, 2010
I set up a servber on my local machine, & also PHp - Both working fine.I'm trying to load up MYSQL i have installed it, & *can* start/stop the server. however if I do anything else with it, I get this error :-
Quote:
root@gordon-desktop:~# sudo mysqladmin -u root -h localhost password MYPASSWORD
mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'
Query :-
1) How do I know MYSQL is actually active ? (apart from the message it says that its statrted (or stopped).
2) Is there a way to
a) Find out the usernames that are recorded on the MYSQL server ?
b) set / RESET the 'root' username (I know MYSQL root user is different to PC root user)
c) anything else I can do on the PHP / website code to see if MYSQL is working
(as yet, no tables / databases etc have been set up - as I can't get past this error message - I get the same error when setting up a database.)
Ps I did allow my usermname (when logged in to ubuntu) to edit / create files in the /usr/www/ directory (but it is still OWNED by 'root' - that directory)
View 4 Replies
View Related
Aug 31, 2011
I've got a problem with my usb pen drives. If I put some data inside, from the 2nd time I insert the pendrive in the computer I can't write on the usb pen, I can't change my files, and also they are hidden. I've formatted them with the format/partitioner tool in yast, but I can't solve my problem. This happens with all my usb pendrives and also with the sd of my camera. Is there something that I can do to solve this inconvenient?
View 3 Replies
View Related
Dec 13, 2010
In CGI scripts, there are certain files that are getting "permission denied" when it seems they should be accessible by the apache user. I am running the default package install of apache under fedora. Here is an example:The following is /var/www/cgi-bin/test.pl
Code:
#!/usr/bin/perl
use strict;
[code]...
View 9 Replies
View Related
Nov 4, 2010
system is RedHat v4. I removed root: admin-name@domain from /etc/aliases then ran /usr/bin/newaliases.
The admin does not get the emails but now the email generated by the cronjobs is being sent to my-name@domain outlook email from "root@localhost.localddomain". No other changes were made. Where should I start looking for the definition of sent crontab email to my-name@domain?
View 3 Replies
View Related
Feb 21, 2011
I have a mercurial repository on a secure server, to which I want to grant secure access to an external user.
I added for him a user account and publickey ssh authentication so that now he could push/pull changesets via ssh.
My question is: how can I make this new user account completely disabled from doing anything or accessing any data on the server other than accessing the repository? E.g. he shouldn't even have the possibility to enter an interactive shell session.
View 1 Replies
View Related
May 27, 2011
Problems with launching data files of the nas and saving to them is a kde problem. The dot desktop files have to contain access rights for smb/http etc and even when given these it still will not work. I have mainly concentrated on getting the VLC video player to work as it is capable of playing from just about any source, comes with codecs etc etc. Amazing package really.
Pure K apps such as kwrite at least work fine. I tried setting up samba but to no avail.
As dropping a file into VLC's focus didn't do anything I created a vlc desktop icon and dragged the nas file onto that. It plays and a kde error message pops up from plasma shell - can't find file!
I enable kde automount. The content of that when it starts is disturbing. It shows my system disks a detachable and not attached! No need to worry though. I selected mount on log in and attachment where the server was shown. VLC still wouldn't work.
Next I enable NFS file transfers on the NAS. This has allowed me to use open with directly onto an avi file on the nas. I can also click launch them. Remaining problem is opening files on the nas from within VLC. Up pops the kde message "you can only select local files". The file manager here seems to be an instance of dolphin. This suggest that there is going to be a problem saving files to the nas as well. Looks to be the case. VLC can convert formats and all sorts of things. If I select a file locally and try and convert it and save to the nas up pops the "you can only select local files" as soon as I select ok having set the path and file name.
Strange thing is that working transfers seem to be using CIF even though it took an NFS enable to get it partly working via KDE's automount. Dolphin only allows a CIF set up which has a distinct advantage as a direct ip address can be entered. The automount has introduced a very very long delay before kde is up and running following a log in. Samba is even worse in this respect and both seem to lack a method of direct ip input which means they have to find the server.
One other aspect. As far as NFS is concerned from a very recent post elsewhere nautilus works. Pass on CIF. And of course it's all instantaneous and ok on windows even on vista. Enabling the TV protocol on the nas has confused Vista as it only wants to connect like that and needs drivers. Might also be down to having NFS enabled though. MS might not like that.
I have filed all of this on bugzilla if anyone would like to vote - bug number 695648. Seems to me that the CIFs route should be the default for ease with many users on home networks. I'm also sure that the problem is basically KDE preventing aps from accessing the nas.
View 2 Replies
View Related
Aug 9, 2010
I installed the latest version...Everything works like a charm. I have Windows Home Server 2003 running and would like to access all of my folders. How can i setup OPENSUSE to find/access my Windows Home Server 2003. Can you help me with this. Just to let you know. Am i missing something so i can access them locally.
View 1 Replies
View Related
Feb 12, 2011
Is it possible to give user only FTP access / browsing rights for certain directory within /srv/www/htdocs and prevent same user to browse all other directories, even user's /home directory on that server?
View 8 Replies
View Related
Apr 6, 2010
I need to install Trac on a server that's on a private development VLAN (no internet access). Obviously Trac needs to go out over the internet to download/install various things. Does anyone know of an RPM or tarball out there that I can use to install Trac without being connected to the net?
View 2 Replies
View Related
Jun 5, 2011
I would like to find out if any of the packages installed on my system are from the restricted repository. I would like to get rid of all of them if possible. Does anyone know how I could find out? I am running Ubuntu 11.04
View 1 Replies
View Related
Mar 30, 2010
We are looking to distribute an internal product as .deb files in a private repository and I am looking for a comprehensive guide for doing this.
We are already building the .deb files and now would like to create a (couple ?) of environments to separate out development/testing/staging and production work.
Can I get pointed to:
1. The right place to post this question (if this is incorrect).
2. Assuming this is the right place to ask and a guide exists, a link to the guide to set this up correctly.
3. If there exists no guide, a place where I can start/put a guide.
View 1 Replies
View Related
Sep 16, 2010
I have a LAMP server running. Currently there are not vhosts, just the basic single site apache2 running a web app. I want to set up ftp access to the www root, but my attempts have failed. When I try to ftp using the user I created, I get dumped in the users home directory. I can also browse the entire file system. What I can't do is upload content to the www root. I get permission errors. How can I set ftp up to allow a user to access the www root only?
View 9 Replies
View Related
Oct 20, 2010
I would like to configure an access to folder
/fileserver
for two services : Samba and VSFTPD
How to do it ? How to create folder rights that samba and ftp user will have an access (read/write/delete) to all directories in /fileserver.
My system is CentOS. I`m starting samba and vsftpd like a root (/etc/init.d/vsftpd start etc.)
View 1 Replies
View Related
Feb 25, 2010
I installed git and gitosis as described here in this guide Here are the steps I took:
Server: Gentoo
Client: MAC OS X
1) git install emerge dev-util/git
2) gitosis install
cd ~/src
git clone git://eagain.net/gitosis.git
cd gitosis
python setup.py install
[Code]....
SSH asked password for user git. Why ssh should allow me to login as user git? The git user doesn't have a password. The ssh key I created is for the user expert. How this should work?
Do I have to add some params to sshd_config?
View 3 Replies
View Related
Mar 9, 2011
When I run the command << kiwi-ltsp-setup -n >> the process gets to the point where it starts "Retrieving repository 'http:__download.opensuse.org_update_11.3' metadata" What do I change so that it will read from my local update repository. The local update repository is already listed in my yast repositories while the ttp:__download.opensuse.org_update_11.3 is not.
View 1 Replies
View Related
May 22, 2010
I am running an updated Lenny. Just discovered that as user I am able to add new users via gui:
System > Administration > Users and Groups.
I was under the impression adding new users was restricted to root. Is this is a bug, and if so who do I report this to?
View 1 Replies
View Related
Sep 9, 2010
I backed up my information from 10.4 to an external hard drive before I switched to pinguy using sbackup. Once I installed pinguy, I made sure to download sbackup and hit restore. So far, all fine and dandy, except when it restored my information, it extracted all the information to a new folder in /home, which is root-restricted, so I can't even access it normally. I got annoyed, and just manually extracted the music and documents (which were the only things I really cared about anyway), and now I'd like to delete the 15 or so gigabytes just sitting on my computer, taking up space. The folder being root, I couldn't just drag it to the wastebasket. so I started terminal, entered root, typed rm /home/tmpuWiQlI (the folder in question), only to be told it's a directory and can't delete it! What gives?
View 5 Replies
View Related
Apr 14, 2010
I'm trying to lock down SSH for a particular user who wants to use my server for some development, so I'm making him a little play area.
Problem is I'm having difficulties locking the account down.
I've implemented bashrc which appears to be what I wanted at first, restricting the user to a user directory of my choice, but I now find that firstly the user can't use cd at all, not even cd to directories within the users home directory.
But also I've found bashrc to be pretty pointless security wise because I can just type sh and then do what ever the hell I want? Such as cd / and then ls and see everything on the server.
So I'm wondering if anyone has a solution to this for me?
I want the user to be able to make directories and cd into them in their own user area but not cd .. or / out of their user area.
View 3 Replies
View Related
May 22, 2011
When I do "sudo zypper up" than it gives me error like this:
Code:
Retrieving repository 'openSUSE-11.4-Non-Oss' metadata []
File '/repodata/repomd.xml' not found on medium 'http://download.opensuse.org/distribution/11.4/repo/non-oss/'
Abort, retry, ignore? [a/r/i/?] (a):
But I can access Index of /distribution/11.4/repo/non-oss from firefox browser.(This is old problem from Opensuse version 11.0 when I first tested it.)
See screenshot here:
View 1 Replies
View Related
Jan 12, 2010
i followed this guide, [URL] a few days ago and set up an sftp server no problem. The user can only see what is in there home folder which is only the examples file which is empty. Today i went to set up a 2nd ftp account for my own private use. I have it set up and all, followed exactly what he said the 2nd time around and my 2nd user is not chroot'd. I can explor the contents of the whole drive.
My fist user that works fine is "ftpuser" and the group is "sftponly" just like in the guide. My 2nd user is named "ftptaylor". Now i did have an ftp server set up with vsftpd where i had the same ftpuser account in a different group, but it was jailed to /home/ftpuser. I cant tell you how i did it, i followed a number of guides untill one worked. But could it be that the guide above does not in face jail the users, but just that my user was already jail'd?
View 2 Replies
View Related
May 7, 2010
After years with Linux and using ssh on a daily basis I have to admit I've never setup public/private key authentication and I've never run passwordless logon to ssh. It's not that I've never tried, I have - I've just never got it working. That to me is an almost alien concept as I am a tinkerer at heart and rarely stop until something is working the way I'd like it to. I get the principle of what's going on but I've always had a mental block about it.
View 3 Replies
View Related
Feb 8, 2010
set up a redhat nat router for a classroom we have out main network is 192.168.110.0/24 and we ran out of ip address for all the school computers so i added a nat router to a large classroom with a network address of 192.168.116.0/24 almost everything is working fine except a connection to the ads server with a program called medisoft im guessing my nat is blocking it how can i open up all ports to and from my 192.168.116.0/24 network as it doesnt need any protection
View 2 Replies
View Related
Jul 18, 2011
I have my own 16GB sandisk cruzer flash drive, I've already mounted him and can read on my own user, but I can write on it only using root. how can I give my user Chmod +x on the folder /media/XXX ?
View 7 Replies
View Related
Oct 21, 2010
Quote: The open-source Linux operating system contains a serious security flaw that can be exploited to gain superuser rights on a target system. The vulnerability, in the Linux implementation of the Reliable Datagram Sockets (RDS) protocol, affects unpatched versions of the Linux kernel, starting from 2.6.30, where the RDS protocol was first included.
According to VSR Security, the research outfit that discovered the security hole, Linux installations are only vulnerable if the CONFIG_RDS kernel configuration option is set, and if there are no restrictions on unprivileged users loading packet family modules, as is the case on most stock distributions.
View 3 Replies
View Related
Jun 13, 2010
Having never used it, I did an apt-get remove --purge exim4this morning. Deborphan doesn't show any orphaned packages. But, I see a 44K file lingers as per below.
rooster@royrogers:~$ su
Password:rooster@royrogers:~$ su
Password:
[code]....
View 7 Replies
View Related
