Senario is we have a system where root has authorised keys set up so that it can do a passwordless ssh to $WORKSTATION. I then need to run a script on $WORKSTATION as user "bob" and NOT as user "root". I do not want to set up user "bob" to be allowed passwordless ssh so any ideas how I can do this?I have tried variations of (as user "root"):ssh $WORKSTATION "su - bob; ./my_script"
View 5 RepliesI need to launch a bash file in Linux from an unprivileged user session, file that will run bash commands as root. But I do not want to create an user with root privileges to do that also the process must be silent (no password asked).
How can I do this without adding a user in sudoers and without giving rights to all users to execute the commands from that bash file?
I have tried SUID option witch would had been good as functionality but I understand that SUID doesn't work for script bash files.
I want to get a of log all the commands executed by the root user with the following details :
incoming ip
username (thru which su was executed)
time and date
all the commands executed as mentioned above.
Also if user has managed to login as root, he should not be able to disable / delete the above info. Can this info be collected at some other physical server ?
After a few hours work I have managed to set up pptd so that my daughter can log into her account at Imperial College. My problem now is that I need to have a script that she can run if she wants to log in. She will have to invoke a couple of root commands and I do not want to give her the root password What she needs to do to set up networking is:
Quote:
pppd call imperial dump debug logfd 2 nodetach require-mppe
/sbin/ip route add default dev ppp0
How can I enable things so that she can run this script as user?
I need to launch a bash file in Linux from an unprivileged user session, file that will run bash commands as root. But I do not want to create an user with root privileges to do that.
View 10 Replies View RelatedHow to allow access to some commands having root privleges to be run by non root user. I am new to unix/linux and I have a major assignment. I have to find ways to run particular commands which can be run only by root from a non root user. I know sudo is one of the way but i need some different approach.
View 8 Replies View RelatedHaving trouble adding a regular user with ssh access on Hardy 8.04. I can ssh into root, but not into the newly created regular user with the same ~/.ssh/authorized_keys
Code:
sshd_config has:
AllowGroups sshlogin
AllowUsers user root
[code]....
what could be preventing ssh login to ~user? And yes I would like to disable root ssh access, but it would be nice to be able to ssh into user first
How do I add root permissions to my user account?
I want full permissions for all computers in my house, without having to get up and go to the other room and change permissions for the file, folder, drive, directory, computer, etc., then go back to the other room again.
I just created a partition, as THIS user, THIS machine, rebooted, and cannot create a folder on the partition I just created. UGH. No more of this stuff... I guess at the very least, I'll still have to log onto each machine for this?
I am trying to run su as a non privileged user to log in as root. However, this only works when I make /etc/shadow world readable. I have /lib/security/unix_chkpwd as a setuid root executable
I use the following pam-file for su:
Code:
# Begin /etc/pam.d/su
auth sufficient pam_rootok.so
auth required pam_unix.so
account required pam_unix.so
session optional pam_mail.so
[Code]...
I have a problem, I have installed Fedora 11. And i need to login as root user.
How to do so?
Can the audit daemon (auditd) be run by a non-root user? I'd like to create a special user who only run the audit daemon. Is that possible?
View 1 Replies View RelatedStumped on this one. I'm trying to set up limited sudo authority on a desktop with some sensitive user data, and as an extra precaution I wanted to configure sudo to use a password other than the user's or the root's. I'm not sure how to do this. From the manual, we have a few options, such as "runaspw" or "targetpw", but none seem quite what I'm looking for.For instance, "runaspw" could be used if I created a user for nothing other than sudo(ing) purposes, but it requires you set "runas_default", which means that said user would have to have authority to execute said commands in the first place. This is workable, but seems like a lot of extra configuration for each specific command that I want to run, as well as creating some issues with simply commands such as "shutdown" or "reboot". Also, "targetpw" can be used in conjunction with a sudo(ing)-only user if I set an alias, but, again, this isn't quite what I am looking for.
Ultimately, what I am really concerned about in this situation are keystroke loggers, so I would prefer to avoid repeated entering the user or root password when performing administrative tasks. Also, I would prefer not having to create a sudo(ing)-only user as mentioned above to prevent a comprimised password resulting in an attacker being able to log into my system.
It seem like unix abit annoying every time you log in you need to password can I disable it
View 10 Replies View RelatedAny Linux machine (except PCLOS) that I log into as root user seems to not start networking. I haven't tried sudo /etc/init.d/networking restart , to see if it does start, because anytime I DO this, it's for 'local' work. How about default root user configuration settings???
View 2 Replies View Relatedi want to know the risk with auto mounting flash drive as a root user,if for example there is a Usb Flash drive inserted into the system and we login into root unknowingly, and this flash drive contains an autorun script which calls a new script that can place viruses in your system, since you are in the root it will not even prompt for password and if the script is fast enough you will not even see it executing.
View 7 Replies View RelatedI get the problem to acess root password when i am in user login, means wahen i am in user login and want to install software from terminal then he asked root password, when i supplied root password but he give me login incorrect.
View 2 Replies View RelatedMy understanding is SELinux adds type enforcement to standard Linux. This means that both the standard Linux and enhanced SELinux access controls must be satisfied to access an object. Which means that thing that is prevented to do in the normal standard Linux will be also prevented in the SELinux System? Does SELinux make it possible to run a non-root software to bind to a port < 1024? something that standard Linux won't allow? If not, what other suggestions do you have for allowing a program to run as non-root but able to bind to privileged ports? I know all about using the port re-direction such as ipchains, iptables.
View 4 Replies View RelatedI'm using Gnome and I'd like to still have the ability to reboot/shutdown from one particular account as well as root. How would I modify the chmod command to add this ability?Also, I have a few users who just will hold the power button in to shutdown the machine. How can I keep them from doing this?// Pruned from the vintage 2007 Prevent a non-root user from shutting down, rebooting or suspend the system thread. Please create new threads instead of resurrecting ancient ones.
View 2 Replies View RelatedI have a problem with sshd daemon on a target linux system:The system has only one user (root) without password.The sshd_config looks like:
Code:
Port 22
Protocol 2
[code]...
I have tried to not allow root access and have created a wheel user.
Now I can not logged in as root.
Its okay but when am logging as wheel user and trying to access root then it says:
Code:
In our group we use NIS and have a group set up called netadmin which is given root privileges on each machine. Each machine also has a localuser called localuser created and used during installation. When logged in as a member of netadmin, attempting any action that requires root privileges (e.g. installing software in Ubuntu Software Center) results in a prompt asking for localuser's password, not the current user's password.
Does anyone know the cause? Configuration issue or Ubuntu issue? We can get around it.
When I go to single user mode for resetting root password, It ask root pawssword for login.The message displayed on prompt is "Give root password for login.On the boot prompt, I select kernel and press 'e' and after one space type 1 for single User mode and then press 'b' for booting.It shows message entering in single user mode but ask root password. Even I tried into rescue mode, but I couldn't ser root password.In rescue mode on prompt, It shows rescue login: I typed root, But when typed 'passwd' foe resetting root pawssword,It shows message unknown user and not authetication.
View 1 Replies View RelatedIs It possible to change a process running in root-user to non-root-user by setting suid / uid / euid / gid etc... I so please instruct how, when and wat to set in order to change a process running in root-user to non-root user
View 4 Replies View Relatednetwork in my lab is running NIS and NFS. one of our workstations (say, workstation A) died, so we replaced it with a new computer. A user emailed me saying that he can't login to the new workstation A. I instructed him to do:
mv ~/.ssh/known_hosts ~/.ssh/known_hosts_old
He did it, and then got back to me with the following message:
===========starting user's email=====================
Starting from my login to Workstation B, this is what I get:
% mv ~/.ssh/known_hosts ~/.ssh/known_host_old
% WORKSTATIONA
The authenticity of host 'WORKSTATIONA)' can't be established.
RSA key fingerprint is c2:b9:d9:64:b3:03:f2:bc:2d:4f:7c:4f:c7:cb:2f:b6.
[code]....
I have a question that i want to make a normal user to execute the commands which the root user is able to execute, say if i have a user named siru and when i logged in using siru i cannot run commands like tracert,nmap@loccalhost and all but i can run when i have logged into root account so my question is how to make siru to run the command tracert,nmap@localhost.I have even edited the .bash_profile of siru's home directory from
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
[code]...
Let's say I have a Linux workstation at work, behind a firewall. So even though I may have a remote access server set up on it (such as the most excellent NoMachine NX Server), I can't access it from home.
My home network happens to have a Linux server. Is it possible to ssh from work to the home Linux machine and set up a tunnel so that once I'm at home, I can run the NX client, point it to my home Linux box on some port like 9000, and have that forward through the tunnel to port 22 on my work Linux box? How would I set this up?
i am having problems with privileges i have created a new user with my name, but i cant get root privileges on it. i need the same privileges as the root profile.
View 9 Replies View RelatedI no longer have access to my root desktop. On a session I attempted to change the root username but i apparently assigned it a wrong directory that does not exist. When I rebooted with my new root username, i was instead recognised as a simple user (no root privileges). I tried the console to change to "old" root but root password is not accepted and there is no way to access to sudoer files. it seems that inserting a new username requires root privileges and i am back to square one. Simply logging with old root username and password after restart gives me a blank screen with nothing on it and cannot even reboot.
View 9 Replies View Relatedi used opensuse 11.1 ...there is option for root user to create password for root...but for ubuntu i did not find anything like that...so how can i create root password....or how can i use root
View 1 Replies View Relatedi just installed linux mandriva 2009. i set password for root and created a user account. when i try to login as root, after logging out as user, it does not allow me and gives the error "root logins are not allowed". even it does not show the root account. if i try to go to root from konsole terminal using su root, it allows to enter as a root but when i try to start the GUI with startx it gives error.not sure what to do and why i can't see my account in GUI mode
View 5 Replies View Related