I've a Linux box with few users (with shell). I would like to prevent normal users see all the processes running on the box. How can I implement this?
View 1 RepliesI'm looking for a command that will give me a list of users (unique, dont name my user account 60 times) that are running processes on a system.
View 5 Replies View RelatedI use the following method for preventing the users from changing their passwords , is there any other method other than this ?ls -l /usr/bin/passwd-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwdso we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwdnow normal users won't be able to change their own passwords - and only the root user will be able to do it for them.
View 9 Replies View RelatedI am administrating a system with about 40 or 50 users, and we recently jumped ship from windows to ubuntu. Most of my users are getting along fine, but it seems every few days, i have to help someone who accidentally changed something, and now their account (or more rarely, the machine) is unusable, and has to be reset.
I know configuring /etc/sudoers is a huge step toward fixing my problem, but that still will not completely solve it. What I would like to do is prevent users from making ANY changes to the system (aside from their work files and the like), including themes, icons, desktop, background, etc.
'readonly HISTFILE'
but the user could tamper with the histfile itself. Like:
rm -f $HISTFILE;
rm -f $HISTFILE; mkdir $HISTFILE;
rm -f $HISTFILE; ln -s /dev/null $HISTFILE;
I'm experimenting with PROMPT_COMMAND to execute a command each time the user executes a command and so log it somewhere else.This post was pruned from the 2009 Is there a way to prevent users from changing or unset their HISTFILE variable? thread. Please do not resurrect old threads but instead create your own (and maybe provide a link to the old one).
The title says it; I want to prevent users from viewing the wireless network password.
View 9 Replies View RelatedTo: The Cog >>>
Code:
The Cog, heres the reszults for ps -ef | grep tty:
yo mama@blah:~$ ps -ef | grep tty
[code]....
my computer is often very slow, to the point of stalling. I tty'd in and when I ran ps -ef I noticed about 10 /usr/sbin/apache2 -k start I dont even want 1 apache running. Any suggestions why these are running, or how to stop it? Well, I can stop it with a sudo killall, but how can I make sure it doesnt happen again?
View 5 Replies View RelatedI want to prevent users changing the wallpaper, as i couldn't found any direct method I thought of preventing the /usr/bin/gnome-appearance-properties being running,
I know that the user also can set the wallpaper without running that . But didn't found any other way .
I tried to use SELinux to it and I'm stuck at writing a own policy.
According to SELinux, it prevents everything ., but as i have mapped the user to a SElinux user ,even though he can use administrative tasks , he can run the appearance window. that means he has got the permission from a different policy , Currently I'm stuck at this place.
Suitable way to prevent the wallpaper being changed by the normal users.
On my crontab there is an entry to run a script I wrote that backs up my local files to my remote server. It was working great, running once a day. However, I now want to make the script run every hour.The problem is that if there are too manyfiles to transfer (Example:I ripped a DVD in the last hour) the actual backup may take longer than 60 minutes.So I want to modify the script to check if my backup script, based on rsync, is running. If rsync is still running then do nothing and exit the script. If it is not running, execute the script as normal.
View 5 Replies View RelatedI try to write a script which would kill processes of users who are not logged in. My approach is to find out what users are logged in and then kill processes of all nonsystem users who fail the test of being logged. I use `w` for finding all logged in users, but apparently there are users on the list which `w` gives me who own absolutely no process in the output of `ps aux`. How do I log off those users, since killing their processes wont work (since they own no processes)?
View 4 Replies View Relatedlove security/pentest tools. This script adds ALL the tools from the Security Spin, plus Metasploit. Feel free to modify it if need be.
View 12 Replies View RelatedIs it possible to install security lab menu on a normal Fedora 13 installation? I don't want to use security spin.
View 14 Replies View Relatedright now all of our users are able to log in to other user using su as root.Because root privilege is necessary for our work. we r using LDAP authentication(centralized)..
What we want to do to disable su usage to log in as other user?
We have just installed VNC. It seems to work fine. If we connect to a remote system using VNC, on say DISPLAY 5, it works and we can run our applications. If another person wants to view this session, they can also connect to DISPLAY 5, and it is fine.
However, if you are just sitting at your own system, without using VNC, and someone connects to your system using VNC to DISPLAY 0, so you can show them what you are doing, they do not see your session, they see a plain startup session, not the session in which you are running your applications... How do you let VNC users see your normal non-VNC session? Have I configured something wrongly? We are new to VNC!
i would like to prevent all users other than the user "parker" on my system from using the su or sudo commands. I have not attempted to modify the sudoers file so it just contains the standard root ALL = (ALL) ALL.
View 5 Replies View RelatedI use the following method for preventing the users from changing their passwords , is there any other method other than this ?
ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwd
so we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwd now normal users won't be able to change their own passwords - and only the root user will be able to do it for them.
If there is a simple way to prevent accidental shutdown when the following situation occurs:
Sometimes, I log in on my father's computer to run some administrations' tasks (updates...). For that, I use SSH since I'm frequently far from my parents and what I want is to prevent a shutdown run by my father. Of course, he should be able to turn off by himself if nobody else is connected.
Molly-Guard allows to prevent distant shutdown, my request is a kind of complementary software.
Does anyone know a project which could fit with this request? Do you have simple ideas to write a short code I know bash, perl, python...
How can I prevent users from changing their own password? I was surprisingly unsuccessfull in finding a solution for this on google. Lots of stuff about hardening ssh access or dealing with password aging using "chage" but nowhere could I find an answer for my question.
View 5 Replies View RelatedI read one release goal for wheezy which I had read few days ago, dnssec for wheezy.
[url]
Now the only thing I understood is this will make it harder for the bad guys to give any fake packages while I'm updating from a debian mirror .
Am I correct in assuming that ?
Also do I just have to install the autotrust package and wait for the dnssec-conf to be packaged and installed, correct ?
As per subject, what's the best way to run a CRON job for something that "normal" users need to run as SUDO? There is a problem with the internal clock on my PC so at a regular time (every hour or day for example) I want to sync with my Network Time server. I use "sudo ntpdate time.bgr.local" as it is now and have to enter my user's password for it to work.I know root is disabled by default and would like to keep it that way if possible but if I have to enable it and then add it to root's cron list the so be it but would prefer not to.
View 5 Replies View RelatedI have created 2 users and changed their secondary group to grp1, then changed permission for a directory dir1 to 770(no permission for others) and group to grp1.
The both normal users are not able to access dir1. How is it possible to access that Dir using general permission (770).
I know of /etc/security/limits.conf and that can be used to limit all sorts of good things, but I haven't found anything that talks about using this when the users come from LDAP. Would I be able to do something like
@"Domain Users" soft nproc 25
@"Domain Users" hard nproc 40
where Domain Users is the group all users belong to in our system.
I have a box with multiple users on it and I want everyone to be able to have full access to their home folders, but not be able to see the contents of /home/ or another user's home folder (I.E. bob has full access to /home/bob but cannot access or even see the contents of /home/john)Right now users can see other user's home folders but can't modify what's inside. How do I prevent them from seeing the contents at all?
View 1 Replies View RelatedI have a box with about 30-40 users on it, and I need to prevent a certain group of users from using sudo at all. Is this even possible.
View 4 Replies View RelatedWhat is the best way to prevent some user run some command? For example every body can run at and batch command and 3 or 4 special users prevent run these command?
View 7 Replies View RelatedIs it possible to install Rawhide packages in F14 for normal users ? I see that Rawhide have F15 (as in Fedora 15) so it doesn't install. How can you bypass this? And what repo to use if you want to install rawhide?
View 9 Replies View RelatedI have shared two external harddrives via samba on ubuntu, but only I can access it. The reason being is because I have logged into linux, and become the owner of the external hdd's. On the permission properties, I can see that the group I have created every other user under has "No Folder Access", and if I change this it reverts back instantly. So frustrating, I've tried to chmod it which hasn't done a thing. The owner of the external hdd's seems to be the only person who can access it over samba.Is there anyway I can get normal users to just read and write to external hdd's?
View 9 Replies View RelatedI have install RHEL5 and created normal user as "test". When I login as root user, I can run crontab command but when I login as test user, I can't run crontab command and throws error as "cron/test: Permission denied". how to enable crontab command for test user as well?
View 3 Replies View RelatedIn Linux, how do i prevent users from executing chown, chgrp or chmod?
View 2 Replies View Related