Ubuntu Security :: Add Users Other Than Initial Account I Created?
Mar 10, 2011
I set up a linux 10.10 desktop to run as a "server" for me. I then loaded Xrdp so that we can remote connect to the machine. My issue now is, i need to add users other than the initial account i created, but when i log into the desktop remotely, it will not let me add a new user. I cant seem to use any of the boxes in the User Settings command box. Does anyone have any suggestions?
View 9 Replies
ADVERTISEMENT
Oct 19, 2010
Is there a possibility in openldap to allow a user to only create/manage specific LDAP users?For example user "mailadmin" may only create/manage mail accounts in LDAP that are named like "m1342895"? Or a specific list of user accounts that are in a specific group?
View 1 Replies
View Related
Dec 19, 2010
How to created users in pureftpd and the users are stored in mysql database. I tried when i try to connect i got like this error authentication failed error
View 1 Replies
View Related
May 28, 2010
I want to automaticly set the group ownership of user home directories to a group that the user is not part of. This is so that Apache can be part of this group and can access user public HTML directory, but other users are not able to access in any way the files in the users home directory. What I have seen that works manually is adding the user and then changing the group for the home directory. But I want to automatically set this when the user account is created. WHat I see happening is that when /etc/skel is copied, it automatically sets the group and ownership of everything to the users default group and ownership. I've seen some suggestions on setting permissions, but these don't seem to work because it seems that users are able to cd into a directory and not list it, but if they know the file name they can access the file.
View 1 Replies
View Related
Jul 22, 2010
Is there a command to list all of the users I, as an administrator have created? It is difficult to tell the users I created from those created by the system by reading /etc/passwd. I thought 'man 5 passwd' would shed some light on this but is wasn't so
View 3 Replies
View Related
Nov 30, 2010
I'd like to change the font characteristics (size, colour) on initial login screen (list of users) however I cannot find the configuration options.
View 6 Replies
View Related
May 28, 2011
I have problem with virtual users in vsftpd. When they create folder they cant make another in than folder, or for example they cant see files they upload in that directory...That write permision i try to change in their config file, with every combination of local_umask and file_open mode values. How can I handle that. I want that virtual user who creates directory (in their root directory) have all privilages to that folder and all content in that folder.
View 4 Replies
View Related
Aug 27, 2010
i've written a bash script to add new users to our system. the script works so I won't bother you all about that. when a new user is created with it, they can immediately login to our domain from any terminal, which is good. However, the newly created user is unable to login to debian at all, and so cannot access the server. when attempting to do so, they get a message like "the system administrator has disabled your account". This is a good thing really as normal users have no need for debian login, but I do need to add a few admin users who will need direct access to the server machine.
/usr/sbin/useradd -g smbusers -d /home/$username -s /bin/false -m $username
passwd $username
smbpasswd -a $username
This is the code I'm using to add the user. The rest of my script is just a wrapper and GUI. I figure the login shell may have something to do with it, so I tried changing the shell of a user to the default /bin/bash. This resulted in the user being able to login - sort of. Gnome doesn't load though, and there's a cascade of errors across the screen about things failing to save or load settings. mostly stuff like nautilus, X, and gnome. the desktop background is black and there's no interface. Logging in with a previously existing account works fine though. Clearly I have an issue somewhere.
View 1 Replies
View Related
Feb 20, 2011
Howto show all created users accounts on squeeze?
View 2 Replies
View Related
Jul 29, 2009
I have just installed tripwire. I have created a baseline db using the default policy file. Then I checked the output of the db to see what I did not have on my filesystem that db was searching for (according to the default policy when tripwire was installed), I then changed my default clear text policy file accordingly and used twadmin to generate a new tw.pol file.
Next I come grinding to a halt after this (assuming the next thing is to update the policy in tripwire right? )
Code:
View 2 Replies
View Related
Nov 1, 2010
We are trying to set up a classroom training environment where our SIG can hold classes for prospective converts from Microsoft/Mac. The ten machines will have /home/student01..10 and /home/linsig01..10 as users. We want /home/student01 to be able to explore and sudo so they can learn to administer their personal machines at home. We don't want them to be able to modify (sudo) /home/linsig01. I've seen the tutorial on Access Control Lists but I'd like other input so we get it right the first time.
View 3 Replies
View Related
Jul 3, 2009
I'm testing a Debian Lenny virtual machine to simulate my ideal setup for FTP server (with vsftpd): I want all internal users (corporation users with Active Directory accounts) to ftp into the same directory (i.e. /var/FTP/AD-DOMAIN/) and external users (customers) to ftp into their home directories (created manually on request).
I added user_config_dir=/etc/vsftpd_user_conf option in /etc/vsftpd.conf file and I've created /etc/vsftpd_user_conf/domain-user1 with local_root=/var/FTP/AD-DOMAIN
I have setup vsftp so I can ftp with every external and internal user chrooted and is working properly. AD validation for internal users and "normal" validation (via /etc/passwd) for external users work perfect.
I can FTP this server into /var/FTP/AD-DOMAIN with any AD user with its home directory created (i.e. /home/AD-DOMAIN/domain-user1/) but if I try to ftp with any AD user without its home directory created I get the error "500 OOPS: cannot change directory:/home/AD-DOMAIN/domain-user2"
I have found some references (http://wiki.flexion.org/FtpServer.html and http://howto.gumph.org/content/setup...ies-in-vsftpd/) about vsftp PAM authentication so I would supposedly get rid of the error message and the user would log into /var/FTP/AD-DOMAIN without problems, but I can't figure out how to setup my FTP server.
View 1 Replies
View Related
Jul 30, 2010
The question is, as far as I know Ubuntu distro adds a user created with useradd to supplementary groups automatically. For instance, I want to enable sudo for all newly created users on my LiveCD and want them to be added to the group 'wheel' on creation. I'm sure it is possible to do it in Fedora, but how?
View 10 Replies
View Related
Jan 29, 2010
CentOS 5.4 install, likewise open standard install (For active directory authentication).I have a license service which requires a license.txt be in the users home directory.The group owner for license.txt must be the same as the license service. Whenever a new domain user logs in, it creates the all the appropriate files but the group owner for license.txt is the users domain group. My current workaround seems like more effort than it's worth, is there another way to get this process solved easier/more secure?
- copy the license.txt into /etc/skel
- created a script to check for the presence of license.txt, check it's permissions and change them if necessary
- gave the domain's group sudo [nopasswd] access to the script (the script is not writable)
- execute the script in /etc/bashrc
View 1 Replies
View Related
Oct 20, 2010
Ive been running ssh to log into server for long time. Recently a x-win app reported that it suspects a man in the middle attack (MiMA), so I want to tighten this up, but it seems to me if there is a MiM, then the initial key exchange is vulnerable to a substitution. This is on solaris, but since its a basic concept I'm ot getting, it shouldnt matter,
Here's the gist of what I read:
- create users key pair,
- enable host authentication (ssh_config file on client and sshd_config file on remote host)
- start an ssh session and accept the remote hosts key (and I assume the remote host will take client users key and store some where)
Questions:
1. What's to stop the MIM from making a substitution of keys during the initial exchange?? Shouldn't the keys be initially transfered in a more secure fashion??
2. Does the server just accept new keys from any existing user who want to create an ssh session? So if some one knows a username and password (such as the owner of an application they know is running) couldn't they just create their own keypair and have the server accept them?
View 5 Replies
View Related
Jan 14, 2011
we know that /etc/passwd - is a replica of /etc/passwd file and acts as a backup in any damage done to /etc/passwd file..i have observed a strange thing in RHEL 5.4....for example... if /etc/passwd has 100 accounts.. then /etc/passwd - is having only 99 accounts....when i add 101 useraccount with "useradd" then /etc/passwd has 101 accounts and /etc/passwd is having the 100th account of /etc/passwd - ..when i delete /etc/passwd and recover it with /etc/passwd - from runlevel 1 the lastly created user is not having his account after recovery.. what is the solution? this is same case even with /etc/shadow and /etc/shadow -
View 2 Replies
View Related
Oct 15, 2010
To avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?
View 3 Replies
View Related
Feb 3, 2011
I am in the process of setting up a user account for an SFTP server that will possibly be used by multiple users. I am aware of the security risk involved, but it is a necessary evil.
I am trying to come up with an effective means of monitoring the user account. So far I have a script that runs the finger command, and emails me once an hour. Is there something else that I can do to keep a close eye on the account?
View 4 Replies
View Related
May 11, 2011
This is a simple question which hopefully has a simple answer. How do I set up a directory on my user account which is visible and accessible to other users on the *same machine*? For example I have certain files on my account which, if I want another user to be able to access I'd have to (a) copy them to my thumb drive (b) log out, (c) log in to the other account, (d) copy the files from the usb thumb drive
View 13 Replies
View Related
May 12, 2010
I have an environment with multiple projects that have a variety of government and commercial sponsors. We have been satisfied to this point with a netapp serving nfs/cifs and keeping a tight reign on nfs exports.Some of these projects have started asking us to provide access restricted sub-folders of the project space based on different groups that contain a user subset of the primary group.
We have a linux machine that serves as a version control front end to the netapp, mounting the project spaces via nfs. People are now mounting their project space via sshfs to this "front end" and sharing the root password of this sshfs client with everyone in their project, in turn creating a security hole to access the so called restricted sub-folders. I know all the obligatory responses referring to irresponsible user behavior but would like to see how others have addressed something like this where user behavior seems out of control.
View 12 Replies
View Related
Jan 11, 2010
I'm a newbie despite using Ubuntu most of the time for nearly 3 years. There are some files which are created automatically in one of my ntfs partition. The files are khq, khp, kht, an autorun inf file and others. They seem to have been created while I was using ubuntu and even though I delete them,they appear again later. I have googled and have found few information that the files are malware. I will like to know if there is a known issue and solution. This is the first time i'm posting a thread.I hope i have post it at the right place and if not,
View 3 Replies
View Related
Mar 10, 2011
I have a visichat site and 1and1 server.
i am having a problem of my firewall.
when i activate firewall from my server account users cant login to chat room. the error occured " Connection To Server Failed".
will anybody let me know how can i fix this problem so that i can active my firewall and also users can login.
View 2 Replies
View Related
Jan 1, 2011
My Linux is Fedora release 13. I found there are a few users created not by me. I am not sure if the system got hacked somehow. Then the hackers created these users, i.e. (1) oracle, (2) exim, (3) test, (4) cox. I tried to delete all of these four users by using "usrdel" command but the system said "I cannot delete these users as the users are logging in". If my system got hacked ?? or these users are created by the system itself?
View 8 Replies
View Related
Jan 26, 2010
I have a folder on my server i want to protect with http authentication but i have problem. i created a password htpasswd -c .htpasswd razzera
then i created a .htaccess file in the folder and added
AuthType Basic
AuthName "Restricted Files"
# (Following line optional)
AuthBasicProvider file
AuthUserFile /.htpasswd
Require user razzera
but when i go tho the folder it wont request any login details. why ??
View 6 Replies
View Related
Sep 6, 2010
Basically in addition to the first installation account on my system (my account) ive also set up another user alongside my own. Its not a admin account but 'desktop user' account but in the group id section this account comes as '1001'-what does this 1001 mean? Furthermore are there any risks i should know about arising from setting up another account on my pc?
View 9 Replies
View Related
Dec 27, 2010
i use ubuntu 10.04, is there a way to set two passwords for 1 user account
View 2 Replies
View Related
Mar 12, 2011
I started up my computer and suddenly, I saw that there was a new user account. I didn't create it and no one else uses my computer (let alone has access to user account creations). It was called dtc. It didn't seem to have any privileges and the only file in its home folder was called Examples. Should I worry that I might have some kind of malware? I deleted the user and the folder (and it came back after a while). It's main group is dtcgrp. The User ID is 1004.
View 2 Replies
View Related
Mar 31, 2010
here is the what i ran:
Code:
lastb | awk '{print $1}' | sort | uniq -c | sort -rn | head -5
5 fauz
1 btmp
1
what the bottom account is. no name?
View 2 Replies
View Related
Jan 2, 2010
I've written an article on my site which lays out steps for installing Wine and running it under its own, separate user account, so that Windows applications cannot access personal files (particularly those in your home directory).[URL}..i'm hoping that there are people on this forum who know Ubuntu inside-out, as I'd like to know how effective the described method is at trapping Windows applications so that they cannot read or write personal files or directories.
The way I understand it, once the process is running under user account wine, it's stuck with the access privileges of user wine. But are there ways in which a rogue application could break out of this prison and gain access to whatever it wishes? I'm guessing that such behaviour would mean someone customising Windows software to recognise Linux, and that such a thing is very unlikely, but I'm still interested to hear what gurus of the Ubuntu internals think of this method.
View 2 Replies
View Related
May 3, 2010
After reading everything that says you don't need an anti-virus for Linux. OR Linux doesn't get viruses. Guess what I have a Virus. I don't know which one, but it is sending out spam emails from my webmail, MSN, account. I do not have a local client installed. I am guessing it is linking into MSN through Pidgin, getting the addresses there, and sending the spam, somehow, through MSN. Actually one MSN and one Hotmail account. I also have not been able to find an anti-virus program for Ubuntu. There do not seem to be any listed in the software repositories that Ubuntu links into. How do I get rid of it? My contacts are starting to get upset.
View 9 Replies
View Related