I read somewhere that 'sync' and 'who' commands in linux should be disabled. While i can understand that for the 'who' command, why so for 'sync'?
I can find sync and who as one of shell commands, whereas also in /bin/sync and /usr/bin/who. Are the shell commands and those in bin directory meant to serve the same purpose?
Finally, how can i disable these commands?
I live in Egypt and we used to have Daylight Saving Time in this time of the year. But due to some political conditions, this decision was revoked and we are not using DST this year. The problem is that my Redhat 5.6 machines, configured to the timezone Africa/Cairo has already set the DST (UTC+3). The current time in Egypt is UTC+2. Of course I can manually set the time but the servers are set to sync automatically with an NTP time server so that time gets synced automatically whenever I try to change it. I want a way or another to disable DST switching.
View 4 Replies View RelatedI am learning SELinux from LinuxCBT and I'm stuck at one place. Now video is on RHEL 4 (so tell me if things has changed since, cause I can't find anything related) shows how to disable SELinux security on httpd.first I don't know diff between initrc_t and uncofined_t; and second I don't know if something is wrong is everything is all right.
View 1 Replies View RelatedI want to restrict some of my Operating System users running unwanted commands. I just want them to run specified commands only. How can i achieve this?
View 9 Replies View RelatedI need to launch a bash file in Linux from an unprivileged user session, file that will run bash commands as root. But I do not want to create an user with root privileges to do that also the process must be silent (no password asked).
How can I do this without adding a user in sudoers and without giving rights to all users to execute the commands from that bash file?
I have tried SUID option witch would had been good as functionality but I understand that SUID doesn't work for script bash files.
is there a way to monitor use of rm, cp and mv commands? (other than in history)... i would prefer if it were logged in /var/log directory with time and command (with its arguments).
View 5 Replies View RelatedI want to get a of log all the commands executed by the root user with the following details :
incoming ip
username (thru which su was executed)
time and date
all the commands executed as mentioned above.
Also if user has managed to login as root, he should not be able to disable / delete the above info. Can this info be collected at some other physical server ?
I've firewall machine customers connect on it then connect to one of another 3 machines as root through ssh key , is there any way to know which user connect to which machine and what command that he has executed without using script command ?
View 1 Replies View Relatedtrying to devise a new sudoers configuration while building a new SOE and would like to force everyone (including system administrators) to use rootsh in favour of doing things like sudo -s, sudo bash, sudo tcsh and so forth. Effectively, use sudo to use any shell other than rootsh. Is there a way to allow users to run anything they want except shells. I realise this is a default permit which inherently is defective, but I'm not convinced that going through the 1559 executable commands of my (as yet incomplete) built system to decided on the likely 1000+ commands I would want to be genuinely allowed. As I said this is for system administrators first, and I'd like to forcibly instil the habit of sudo <command> or using rootsh to get an audited shell. But I know people are already not doing enough sudo <command> as it stands, rather they switch to bash.
View 7 Replies View RelatedI need to launch a bash file in Linux from an unprivileged user session, file that will run bash commands as root. But I do not want to create an user with root privileges to do that.
View 10 Replies View RelatedI am trying to set up an automatic backup using rsync and a publickey SSH, which requires using an empty password on the private key. I would like to lock down the key on the server so that it can only run rsync, but my attempts to use a forced command (or any other option such as no-port-forwarding) do not appear to have any effect when I run ssh -v.
I am currently debugging using the following line in ~/.ssh/authorized_keys
Code:
But when I connect, it opens up an interactive command prompt and does not display the "goodbye world" that I expect.
I am running an OpenSSH server on Ubuntu 10.04
I followed this thread:[URL]...When I get to this part:sudo genprof firefox it does not work in the terminal. Is this still supported for Ubuntu 11?
Also, I installed the profiles. Is something supposed to happen now or do I need to configure them?
sudo apt-get install apparmor-profiles
how to prevent the execution of the following commands or how to set a policy or rule that prevents the execution of the following malicious commands
dd if=/dev/zero of=/dev/sda
rm -rf /
Senario is we have a system where root has authorised keys set up so that it can do a passwordless ssh to $WORKSTATION. I then need to run a script on $WORKSTATION as user "bob" and NOT as user "root". I do not want to set up user "bob" to be allowed passwordless ssh so any ideas how I can do this?I have tried variations of (as user "root"):ssh $WORKSTATION "su - bob; ./my_script"
View 5 Replies View RelatedI am using Fedora 14, I need to change the directory of a folder(myweb) from "homeuserdesktop" to "varwwwhtml" . Please give the Fedora commands to do this.
View 2 Replies View RelatedOk, so I have a few web apps that need to run shell commands. Heres a great example of one:
Code:
This is a PHP script getting my system volume. Herein lies the problem... www-data doesn't have permission to do this!
I changed my apache config to use MY account as the web user, and it does in fact work the way I want it to.
Obviously, I dont want to leave apache running as me, and want it to keep using www-data.... heres my question... how can I give permission for www-data to execute certain programs?
I am running karmic koala with a recent install of snort 2.4.8.1(build 3 and i am at a loss for useful commands in solving an internal problem(within the network).All i have is `"sudo snort -v -i wlan0" on my very short list of useful commands regarding ids.It is doing little to no good in resolving my problem with a network snoop besides showing that it is running;i need some more weight (knowledge) in order to rectify the problem?
View 4 Replies View RelatedIs there a way to modify the ssh_config and sshd_config files so that a user can scp but will not be allowed to ssh. I have done a search and found a tool name scponly but I really do not want to install anything. Most of the books I have only discuss how to use ssh.
View 3 Replies View RelatedI use jpilot on opensuse 11.3 64bit to sync pim data with my Palm Treo 680 via bluetooth. This worked fine until today. Now I get the following error message when I try to sync: Syncing on device bt: Press the HotSync button now dlp_ReadSysInfo error Exiting with status YNC_ERROR_PI_CONNECT Finished.
The last successfull sync was on the 20th October and today is the 24th October. I did not change any settings in jpilot or on my palm device. So I guess there must have been an update of opensuse which causes this error. But I do not now how to look up the updates during this period or how to undo them. Was there an update between the 20th and the 24th Oktober, which might affect either jpilot or bluetooth functionality?
I've discovered Firefox Sync a while ago, and it's absolutely awesome. Now of course I'd like most of my software to work this way! So is there a way to get the same behavior with Thunderbird?
View 1 Replies View RelatedI've got Ubuntu One syncing a single 25MB folder on 4 computers. On one of these computers, the ubuntuone-syncdaemon process constantly pegs the CPU, using from 50-80% long after any sync-able files have been modified and successfully synced. The process is only using 8.9MB of RAM.
Specs:
Ubuntu 10.04 (lucid)
Kernel 2.6.32-24-generic
1000.8 MB RAM
Pentium 4 2.53GHz
Free disk space: 280.9 GB
System monitor shows 56.8% total RAM usage, 15.4% swap file usage.
Audio sync method. "Stretches/squeezes" the audio stream to match the timestamps, the parameter is the maximum samples per second by which the audio is changed. -async 1 is a special case where only the start of the audio stream is corrected without any later correction.Searching the net makes one believe that this command is just some sort of magic.People just put it in the line and it just works. Isn't that nice?
It says nothing about how to change the TIME the audio starts syncing. Like do I want it to start 5 seconds delayed? Or what about 5 seconds sooner?What if the audio gets more out of sync as the video goes on? Can I slip it a little at a time? What? No magic?No one mentions a file that already has badly synced audio.So what -async 1 really does is simply start the audio at the beginning of the file. LIKE AS IF THAT ISN'T STANDARD PROCEDURE?So what is the exact solution to syncing a messed up video? And why can't it just do the proper "timestamp" sync in the first place?No docs, no info and you are left out in the cold.
I need disable usb port access in ubuntu9.10. how to disable usb port in ubuntu9.10
View 9 Replies View RelatedI currently have a user on my Ubuntu server that I want to block completely from login. I know right now they login with SSH keys so they don't need to enter their SSH password. Can anyone tell me how to remove the SSH key login for their username and root user which I believe they use too and block SSH access alltogether.I will then just change the root SSH password.I'm terrified they will do some harm so I need them blocked out ASAP.
View 7 Replies View RelatedAnyone know how to disable IPv6 but still use IPv4?
View 6 Replies View RelatedI've made an SSH server using OpenSSH on my desktop Ubuntu (10.4) for tunneling. However, I'm noticing that the public account I made for my SSH (one to give to friends to use proxy) has SFTP access to crucial system files. I'm okay with SFTP being enabled on my account, but not on this public account. Does anyone know of anyway to either disable SFTP to that user, or restrict access to important files?
View 4 Replies View RelatedSet up a few machines yesterday to test out some parallel code. Just for fun, I selected the "encrypt users files" option when setting up Ubuntu (10.10). I had never used the option in years past. Now I'm finding it a pain. EG., ssh requires me to already have a login to the machine before it will let me log in w/o a password (eg., using id_rsa.pub and authorized_keys).
Similarly, I have no reason to encrypt files on these machines. They're just crunching numbers. Is there an easy way to disable this? Or do I need to delete my original user and make another one (with all the su privelages, etc...) w/o an encrypted file system / home directory.
I use Ubuntu on my netbook, which I uses for browsing and email. It's way faster than the Windows which came on the machine. That's a nice feature, as is the price.
I like it except for the constant, perpetual, ever-present, super-annoying need to be entering passwords and "becoming root user" and so on. I am the only one using this appliance. I don't even care if someone steals it, really. There must be some way (I hope) of disabling this idea that I am a CIA agent with TopSecret materials.
I just want a simple, easy to use appliance. If not Ubuntu, is there any distro that is aimed at normal people?
I just want to disable rm command for an user..Root only need to use that
View 14 Replies View RelatedI'm concerning about my web server, I use nikto to see where should I improve my configurations, then I just know my web server is enable directory indexing. I have searched and found that I should just put
Code:
Options -Indexes to disable directory indexing. I have already restart apache but directory indexing still enable here is my httpd.conf Where did I wrong ?
Code:
ServerTokens OS
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
[code]....
