I am having an issue with a Chrooted SFTP User not being able to write files.
The permissions are setup correctly as if I remove the Chroot the user can write files correctly.
User has a transfer folder which they should be able to write files to and read from, this works correctly until I apply the snippet from sshd_config file below then the user can only read files. I have tried tweaking the permissions but this doesn't seem to have helped at all.code...
I can SSH to my own box using "ssh -X arancaytar@localhost" and run graphical applications. When I try the same using "ssh -X chris@localhost", I get an error message saying
Code: chris@enki:~$ gedit X11 connection rejected because of wrong authentication.
I'm attempting to give a few buddies encrypted storage space through sftp using truecrypt.I have it worked out to the point where the truecrypt volume is automatically mounted when the user logs on, and dismounted when they log off.I would like to restrict each person to their individual home folders. This way, I can control exactly how much space each user is able to use (through the size of the truecrypt volume), while maintaining security through the network due to using SFTP.
I've been looking around, and the only thing I can see is restricting a large group of users to a single directory, this won't work, I need each person to be locked down to their personal home directory.My end goal is to have these volumes "mountable" in Windows through the use of Windows network drives (on a wide network, not through samba on local), or by using expandrive or a similar program. how I can lock these users to their respective home folders?
Is there a way where i can chroot their user home directory, lets say the user login on linux box /home/user, what i wanted to do is to chroot /home/user where user won't be able to browse the filesystem which is /. Tnx
Its been two days over, after my search started . But I didn't find answer any where ?. I need to call chroot as part of normal user, but to my surprise it can only be called by SUper user with CAP_SYS_CHROOT capabilities. I am not sure how to add this capability to my user .
I have a question that i want to make a normal user to execute the commands which the root user is able to execute, say if i have a user named siru and when i logged in using siru i cannot run commands like tracert,nmap@loccalhost and all but i can run when i have logged into root account so my question is how to make siru to run the command tracert,nmap@localhost.I have even edited the .bash_profile of siru's home directory from
# .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then
Apache is run as www as is all the files/folders. People are uploading via FTP, scp, so the problem is if I chmod so everyone can read, then rsync as a user it works until new files are added which then my ; if rsync fails with a permission denied. Now I can add a chmod in the script so everyone can read, but since www can already read, I figured I would just change my script to use www. I added the ssh key to his authorized_keys file, but when I try to just ssh in I see this in the secure file;
server sshd[29539]: User www not allowed because account is locked sshd[29539]: Failed none for invalid user www from ip port 54983 ssh2
Now I read a few places already saying I need to add a password to the account, etc. but before I jump and try all I read, 1st major one, will this now break apache? Will this affect any startup things, etc. and .... will that unlock that user for ssh in or is there another preferred method?
-memory usage (mb/user) -cpu usage -processes (amount and no same process multiply) -connections (amount of connections (to specific host)) -bandwidth (kbps/user and even owerall for regular users) -disk usage -available commands
I have set up a debian 5 server with ISPConfig and PostFix using Perfect Server toturial [url].
Now i have huge problem i'm getting eather "No such user here" message from SMTP server hosted at hosting provider or Unknow User: name from my ISP's SMTP server (free mails they provide)...
I just setup a debian OS(in emulator) and trying to use apt-get update. When I log in as root and do:
export http_proxy=http://proxy.com:9090 apt-get update works
If I use another user and ssh to this debian, sudo apt-get update will fail to work because it don't use the proxy. I try to do the export http_proxy stuff again but still not working. echo $http_proxy showing it already set correctly...
p/s: I have a workaround by adding this lines in the apt.conf ACQUIRE { http::proxy "http://proxy.com:9090" }
but I really don't want this solutions because I want to easily disable the http_proxy in command prompt (by unset it).
On a PC with 4 users (Karmic), I have installed a webcam. Everything (cam and mic) works for the default user. Cam works in cheese. For the 3 other users, there only are a "testpicture" in cheese and no mic . ???
I'm new to Ubuntu and I'm pretty sure I'm just missing something simple. I want to use Samba to share my raid array to all of my machines, so I have...Installed Ubuntu and created a single user: mattMounted my ext4 raid set with fstab:
Code: UUID=78d85398-d179-4640-bb1b-f770ba90abb1 /media/Data ext4 defaults 0 0 Installed Samba (real Samba, I haven't touched the Nautilus-Share right-click thing):
I can't get a program (wbar) to run directly from my user account, it fails saying "Image not found -> maybe using a relative path?". But if I run su -c "wbar", it shows up and manages to load the image. I think it has something to do with ImLib2 or whatever loads the image. I checked permissions on libImlib2.so.1 and it's world-readable and executable. Can libImlib2.a be causing this problem, set to 644? What else should I be checking?
A regular (non admin) user can create a Truecrypt 7.0a file, but it can't be mounted. The admin password is refused. If you try the regular user password, the error is that you are not on the sudo list.
I have a very strange problem.ometimes, yes sometimes not all the time, I get a Destination Host Unreachable when I ping a computer on my network. If I switch to root using su I can ping that same computer. Here is a screen shot:
joseph@laptop:~$ ping 192.168.1.14 PING 192.168.1.14 (192.168.1.14) 56(84) bytes of data. From 192.168.1.9 icmp_seq=2 Destination Host Unreachable
I cannot find a post that matches this scenario...the id created during the install (from CD) of Karmic has fully usable sound. However, users created from the Users and Groups app do not.
I have made sure that all users are defined to the audio, pulse, pulse-audio, and pulse-rt groups. No luck.
I have followed every step I have read having to do with the alsamixer. No luck.
I have verified that alsa and linux itself are at the latest versions.
I'm using fedora 12 and modified the user login options(normal and super user login). I've been using the accounts for a while but i've bumped into a problem - audio not working as a normal user but works when logged in as root. Also, i'm not able to use VLC as a root user.
Kuser no longer works for 'rob' but still works for 'robert' & 'root'. It launches (i.e. the cursor bounces up & down and a Kuser box appears in the task bar) but the Kuser screen never opens. Finally, the bouncing cursor disappears as well as the Kuser box in the task bar.
I've run into a strange problem with GDM that I haven't managed to find a solution for yet, either by trying myself or googling, and I have run out of good ideas. I'll just infodump here about the problem and what I've tried etc;
I installed Ubuntu on a new PC a few weeks ago, setting it up with autologin for my mom and a separate user for myself, using the on/off-icon menu in the top-right corner to switch to my own user and back as needed, and logging the user out when done. This worked quite well.
However, a few days ago, this stopped working; logging out or trying to switch now leaves me with a blank black screen, without even a mouse pointer (but not off, the backlight is on).
EDIT: To clarify, this is an issue that only affects the GDM login screen, but that affects it whenever it is used, wether it is on boot (when not set to autologin), after logging out, or when trying to switch user.
At this point, I can usually use Ctrl-Alt-F1 to get a textmode login, and Ctrl-Alt-F7 to get back to the auto-logged in session (assuming I tried to switch, not logout).
I can't think of anything specific I did or installed around then that should be related in any way...
I tried disabling autologin and restarting gdm, which left me with the same black screen (which is still there after rebooting), instead of the expected login window. I managed to re-enable autologin by manually editing the /etc/gdm/custom.conf file, so that it would at least work for mom.
I've also tried to change which user is auto-logged in, thinking it might be a problem with my user account, but both users get an automatic session just fine when I restart gdm.
I thought it might be a problem with the video driver, but that's not the case - if I run zenity --info as root with DISPLAY set correctly, the dialog box appears on the screen just fine. It has no borders or titlebar (there's no windowmanager), and is apparently without keyboard focus, so since there's no visible mouse pointer I can't click the OK button... But since it appears, X is apparently up and running just fine, just has nothing to display other than a black background.
I tried purging and reinstalling gdm and gnome-session(-bin|-common), but that didn't help any.
Running ck-list-sessions after trying to switch indicates that there's a new session there, with session-type = 'LoginWindow', so it appears to think everything's fine.
Enabling debug output in the /etc/gdm/custom.conf file did get me some more debug output in the gdm logs, but it didn't really tell me anything, there weren't any obvious problems that I could see.
After some looking around, I've guessed that it's supposed to be running gdm-simple-greeter, which I assume would display a login box; trying to run it manually doesn't work though (it's missing some environment variables, and trying to add them based on the abovementioned debug output doesn't really help).
i am relatively new to ubuntu. Just recenty i have not been able to access certain files(for example the history and bookmarks in the firefox folder), download files individually from the internet(music,fonts,etc), recieving an error message
i have sudo priveleges and can install via update manager. i read somewhere that compizfusion might affect access permissions and i do use compiz and emerald at the same time.
I have a few multi-user servers in an academic laboratory. I am having a problem with some users maxing out the available RAM, causing such sever slowdowns the machine essentially crashes. My servers are Dell Power Edge's running Ubuntu 8.10 Server Edition (Not my choice). I would like to set a maximum limit on the amount of ram a user can utilize. This morning I experimented with setting limits via /etc/security/limits.conf and using ulimit. Neither of them prevented my test program, a simple infinite loop of mallocs, from crashing the server.
I found that if any usual user is logged into a NDS-tree, then _local_ root has full access to user's network shares, including the user's home directory located on remote Netware-server. Is it by design or have I missed something? Nevertheless in windows local admin has no access to network resources mounted of any other user. If you runas shell (as admin) then admin in principle can't "see" network shares which were mounted (connected) by other users - they are accessible ("visible") per session.