I made a mistake on my friend's Ubuntu system when trying to get hard drive permissions right. I wanted to add a user to a certain group with usermod -G, but without realising I should also use -a, with the result that the user is now not longer in the sudo group. This is the only (regular) user on the system, which means I can not sudo usermod again to get it right. So what to do? The only solution I can think of is using a live disc to restore the group belongings, but I want to know if there's a quicker way. Also, I don't know what more groups the user was in. Is there a history? Or else, what are the default groups?
Twice today, and several times recently, I have had a sudo command rejected with the dreaded message "<user> is not in the sudoers file..." It's because my user -- which is the main user, the one you create on Ubuntu installation -- has "fallen out of" the admin group. I can fix it because there are other users defined which are still in the admin group and I can su to one of them and add myself back.But why is it happening? I'm doing software development, and use sudo mainly to do benign things like copying new versions of Perl programs into the application library: I'm not going anywhere near the security subsystem, for instance. I'm worried that one day whatever-it-is will choose to drop all the users out of admin and then I'll have to resort to live CD hacking to fix it.
I have a problem when I want to use su I get this error:Code:su: pam_start: error 26I have googled it so I found this topic (http://www.linuxquestions.org/questi...r-26-a-615024/) but it didn't really help me. There was a reply on that topic and his question was what the output of this was:
How can I create a user group that restricts Internet privileges to only members in the group, then I will assigns certain applications to join the group for access to the Internet.
For example, I want only group net to have access to the Internet. Group net is then connected to:
Code:
So far, I am using the gnome group policy manager that is standard with ubuntu but Its not working. It is possible that im misdirected and that I should use a firewall instead?
i added users to the group om PDC after it i shared folder on linux server and given permission for users from this group, the folder is showed correct. After it i removed users from group, but the folder is accessible. Where is mistake?
[global] workgroup = STSCOMPANY password server = *
Is there any way to find out what packages were removed by the last 'sudo apt-get autoremove' command? Is that info in a log somewhere? I am setting up a recently installed minimal install and my last autoremove seemed to remove some dependencies which has in turn killed my network connections, wired and wireless.
This netbook only has a user with non-administrative privs on it and root user but I do not have root's password.Is there a way that I can create a new administrative user of change the current user's group so that it can do sudo commands or have more privs?
I'm trying to allow a specific group on my machine to execute one command with sudo without requiring a password, so what I want to do is add something like this to sudoers:
%groupName ALL = (ALL) NOPASSWD: /bin/bash /path/to/shfile.sh argument1 argument2
argument1 needs to be a url : http://subdomain1.subdomain2.domain.com
argument2 needs to be a path of the form /var/www/demo/SomeFolder/application/config/config.php
How do I put in a regex form that sudoers will understand ? I tried reading the sudoers manual, but it didn't help a lot .
Is it possible to allow a group/user to execute a command, where one of the parameters of the command is a group as well? example that does not work as intended:
Code: Cmnd_alias SU=/bin/su -l %group1 This example works sortof, it treats the "%group1" literally. I know I can list out the "/bin/su -l <eachuser>", but as you can imagine that is impractical. In this example, I want people in group2(not shown for brevity sake) to be able to su to someone in group1
I have joined the domain (server 2003) and can log in consistently now. Now I would like to give all the windows users in on specific group (domain power users) SUDO rights on the machines in question. I have found one way to add users on a pr. user basis, but adding 30 users will take some time.
Original HOWTO can be found at: [URL]... So the other day I was in IRC and someone had brought up a problem where they created a new Administrative user, but didnt have rights to use sudo. Looked into the problem a little bit to figure out what was wrong, and it turns out that when you create a new user through the user manager (in kubuntu, anyways. Havent tested in Gnome.) the user gets added to the adm group, however, a quick look at the sudoers file shows that its looking for users in the admin group to allow the use of sudo. So, to solve the problem we do the following: If youre on the new admin user (which Im assuming you are) use the following commands:
Code: su [insert username of old account without brackets] sudo usermod -G admin [username of new admin account without brackets] exit
Then simply logout, and then log back in (not always necessary, but the easiest way to flush the permissions.)
Code: su [insert username of old account without brackets] Means were going to Switch User to the old admin account Code: sudo usermod -G admin [username of new admin account without brackets] This simply adds the admin group to the secondary group list for the new user Code: exit Pretty self explanatory
I have previously set up sudo via adding my name to the wheel group and then giving full privileges to the wheel group in the sudoers file. Now I choose to learn to limit that. Had noticed the most frequent use I have of sudo is to run yum update. This got me thinking, could I remove the wheel group privileges and add the following line in sudoers to limit the privilege to simply running yum, and furthermore, make it so I could run yum without a password:
## Allow root to run any commands anywhere rootALL=(ALL) ALL Troy ALL= NOPASSWD: /usr/bin/yum
I think that would in fact work (if I understood one of the pages here, it will work). However, upon further thinking I realized that in such a case then anyone sitting at my computer could then use yum, without a password, to install or remove any file on my system � probably not a good idea. As a result I have to ask, can I tighten the privilege even further such that the only privilege so given was to run �yum update� and nothing else? (for example if they ran �yum install� it would fail). If you can do it, how?
Last, I was going to limit the privilege, time wise and try wise, by adding the following to the sudoers file:
I managed without knowing to remove my user from the sudo users group. I did usermod -G fuse <username> and now I can't sudo anymore. How do I get back to the promised land?
I recently had a problem with one and only one user on an Ubuntu 9.10 desktop system.
[URL]
The user who installed Ubuntu eventually could not log into the desktop (Gnome) without getting a small X-term appearing in the upper left-hand corner of the screen. I have since fixed the problem by reinstalling and using frequent logouts and reboots to see if the original problem could be re-created.
Other users, most of whom were also admin who could use sudo and were created after the installing user, could log into Gnome just fine. The installing user was fully deleted and re-created (home directory) and not installed with its backed up information. This still did not fix the problem.
My question is this. What could be left behind and possibly in which files by the installing user that would still affect this user even after that user was completely removed and re-created?
The only thing I have not done on the re-installation, is I have not installed Konqueror. I have installed konsole, which installs some KDE components, and that was done the first time.
I don't want to install Konqueror and have the same problem occur again at least without a place to look, so I don't have to re-install. I did make the classic mistake of not looking in the logs, specifically xsession errors. I won't make that mistake again.
What would be the effect of setting ProFTPd's user and group to the same user and group that Apache use? Are there any security risks in doing this, or is this safe to do?
My user/group manager in the system>administration menu is missing.Is there a command to get to the user/group manage using alt+f2 in the desktop? Or can i download the user/group manager from Ubuntu Software Center? I searched the Software Center and all i could find was the KUser user manager program... can I download it? Will it work with ubuntu 10.04?
My main account 'dave' runs as admin etc This was the output of 'groups dave': dave adm dialout cdrom plugdev lpadmin sambashare admin I was trying to add dave to the user group 'media-www' and i ran this command: 'usermod -G media-www dave' Then after another 'groups dave': dave : dave media-www It seems to have removed all the other groups! How do I restore this?
I have four users in my red hat linux 9. I want that all these four users should add in a group i.e "Marketing". please guide me that using terminal which command may i write so that the users should added in the group.I does't want to use GUI interface to do it.
I'm running out of ideas (and of forum threads to try), so here is my problem: I want to create a web page using perl to configure a router. The router is going to be used to limit bandwidth to some IPs and also to block some IPs. I'm using Centos 5.3 which comes with httpd and suexec pre-installed. The command I want to use are "route add -host ..." and "tc filter ...", these commands can only be run as root.
I'm beginning to deal with more than one user on my system (it's a VPS serving some sites) and I need to make sure I understand how group permissions work. I have an account named "admin" .. it's basically the primary account that is used for serving most of the sites that I control myself. Now, I added a second account named "Ville" as one of my users wants to be able to administer that site. So, I can do this the easy way and just chown their domains folder under the ville user, they have permission to do whatever they need be and so forth. However, let's say I want to also give the admin user access to the files (modifying and all) .. how can I put both users into the same group and give them both permission?
I've tried doing: sudo usermod -a -G admin ville To add the ville into the admin group, but ville still cannot edit files by admin. Permissions for the primary directory for the ville user are read/write for both owner and group, and the current group for the files is admin:admin .. But ville still can't write into the directory. So, what should I be doing here to get this right and secure at the same time?
I'm trying to edit a "xl2tpd.conf" file but it always says I have no write permission tried to add my account to admin group but it says something about not able to lock on password try later.
I've decided to move this question into a new thread since i haven't received an answer for 3 days. This question was originaly posted here: [URL]... I've already searched in google, however i wasn't able to find an answer that solves my problem... How can i change the umask on a per user basis so that each user can have its own umask to fit his needs? For example: I have four accounts on my system ex.
-So now I want everything from the admin group to be by default set to 002 (so that every user that is in the admins group can have a full share (-rwx rwx r--) of everything that is created by the admins).
-Then the similar to the above managers shoud have 022 umask.
-And each of the regular users should have 002 or 022 or 077 it is up to the users choice.
I hope that i have provided enough info thorough the example.
cat /etc/group | grep www-data | grep chad chad:x:1000:www-data
the user www-data should have read access to my folder but i am still getting a 403 forbidden error i have done this before without issue anyone see what is wrong? i have a folder i use for file transfers over IM it is more reliable than the messengers file transfer abilities
I should perhaps add that the home directory is /mirror/cu (so that the users share the same account when mounted). Not sure if thats relevent though...
My /etc/exports file (on the server) looks like this
I am doing rhce course but i am very confused to answer these user and group permissions.the questions are like this...the owner of the /data must be user tom.primary group of /data must be the group sysadmins.the members of the group test must be able to write and create files in the /data.the members of the group web have no access to these directory.the user jack not belong to any of these gropus must have to edit files created in /data.the user tim can only list the contents.
the questions are always like these..i am okay with sgid and sticky bit.but i dnt know where to set default acl and other permissions.
i've got a regular user i want to turn into admin group so he can have same privileges as a root. should i just change the GID in /etc/passwd and /etc/group or should i use usermod/groupmod?
