Ubuntu Security :: Disable Listing Of User Accounts In 'Switch From'
May 12, 2010
Once again, nobody seems to understand security properly when they decide to add nifty new features. After upgrading to 10.04 from 9.10, I now have a listing of all the user accounts under "Switch from" when I go the the logout menu at the upper right side of the task bar. This is a terrible security hole that should never have been allowed in the first place, and is just as annoying as the default behavior of listing all the user accounts on the login screen.
View 5 Replies
ADVERTISEMENT
Apr 8, 2009
I have a windows 2003 active directory and dansguardian transparent web filter. I want that dansguardian filters according by whom is logged on the workstation. Can this be possible?
View 2 Replies
View Related
Feb 21, 2011
I am looking at creating two user accounts for "contract system admins"..These guys will be performing sys admin duties for a sever -- however, I am still concerned about security of data. For example, the server contains password information for our database, etc.Besides making them sign an NDA, etc. what other security mechanisms could I put in place to ensure that they don't just go buck wild. For example, when someone makes a sudo command, is this logged?
what are some recommendations for general security practices?
View 1 Replies
View Related
Sep 25, 2009
way to automate adding and removing users from 10 different Fedora 7 servers. We use them as print servers and our users have a user name and password to authenticate with when printing. We also use Samba to talk to a W2k3 server that tracks and charges the users for what they print. The set up was done by a vendor and after 6 months of being in production the scripts they created has flaws.
I need a way for a script to run as often as possible that will remove, change, or delete user accounts from the servers and from Samba. how to most effectively achieve this?
It would be ideal to have a file that gets written to when a change needs to be made then a script to make these changes?
View 1 Replies
View Related
Jan 1, 2011
My Linux is Fedora release 13. I found there are a few users created not by me. I am not sure if the system got hacked somehow. Then the hackers created these users, i.e. (1) oracle, (2) exim, (3) test, (4) cox. I tried to delete all of these four users by using "usrdel" command but the system said "I cannot delete these users as the users are logging in". If my system got hacked ?? or these users are created by the system itself?
View 8 Replies
View Related
Jun 8, 2010
I am trying to disable accounts after 5 unsuccessful login attempts. I am following the guidelines in this article:
[URL]
This is on an Oracle Enterprise 5.4 box, which is essentially RHEL 5.4 Here is what my /etc/pam.d/system-auth looks like:
--------
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
[code]....
Unfortunately, the account does not seem to be locked or disabled. As root, runninng 'su test2 -c <some-command>' always sucessfully runs <some-command>, and leaves the failed attempt count at 6. /etc/shadow does not have an * or ! anywhere in the encrypted password for the 'test1' user.
What am I doing wrong? I thought that with the max attempts set to 0 in faillog, that the deny= parameter would be used. I thought I should be using su <user> -c <command> from the root account to test if the disable feature is working.
View 1 Replies
View Related
Mar 1, 2011
We have 4 servers having rhel 5.2. We have several users logged in on one of them. We have nis server/client running on them and have common home area mounted on all of them. Now we want to disable/block the accounts of the users who have not accessed our servers in last 2 months from today.What logic should we apply to do so? We were checking stat of .bashrc of each user but is not correct logic. We are going to write shell script for the same. We dont want to do anything in users home area or their files.
View 11 Replies
View Related
Apr 7, 2010
I just want to disable rm command for an user..Root only need to use that
View 14 Replies
View Related
Feb 25, 2011
I want to disable the remote login for particular user id in linux server.
View 11 Replies
View Related
Jan 12, 2009
It seem like unix abit annoying every time you log in you need to password can I disable it
View 10 Replies
View Related
Oct 5, 2010
I am using Red Hat LDAP (version 3) and I have passwordLockout set as "on" at global level. Is there a way to disable account lockout for a specific user?
View 1 Replies
View Related
Feb 19, 2010
Is it possible to completely disable the password change for users accounts in linux?? (I don't mind account lock)
View 2 Replies
View Related
Sep 3, 2011
Is it possible for a non-root user to hide themselves from the output of who/w, so that they can be logged in without other users seeing it? I think that the file /var/run/utmp might have something to do with this, but it's not writeable by non-root users (permission 644). I'm fairly certain that this can be done by a non-privileged user (because someone told me that they were able to do so), but I don't know how they did it and can't ask them right now.
View 1 Replies
View Related
Mar 4, 2011
We have 4 servers having rhel 5.2. We have several users logged in on one of them. We have nis server/client running on them and have common home area mounted on all of them. Now we want to disable/block the accounts of the users who have not accessed our servers in last 2 months from today. What logic should we apply to do so? We were checking stat of .bashrc of each user but is not correct logic. We are going to write shell script for the same. We don't want to do anything in users home area or their files.
View 2 Replies
View Related
May 3, 2011
I have, for example, a folder called "MyFolder" and it contains 3 files: MyFile1, MyFile2, MyFile3. The only file that I do NOT want a particular user/group to even see that it exists is, for exmple, MyFile2.So, when they do a directory listing on MyFolder, they should only see MyFile1 and MyFile3. How can this be done in Linux? The important thing is that it is not just preventing them from "executing" MyFile2, but to prevent them from even knowing that it exists by not including it in a directory listing.This is a simpified example using one file, but in reality, I have lots of files and some of those that I want to block are also subfolders.It is very important for me to hide the existence of certain files/folders when the user does a directory listing. It's also important that the files stay in their current folder (that is, I can't use a workaround which requires moving all the files into a separate folder and then securing that folder).
View 4 Replies
View Related
Feb 6, 2010
I'm installing a new laptop for a friend of mine and he wants 3 user accounts, similair to how he runs his windows setup.
1, an admin account, we have called this account peacemaker.
2. his account
3. an account for his girlfriend.
The problem we have is that if we want to do anything from the terminal that requires elevated priviledges, sudo does not accept his password or that of peacemakers. we have done sudo -i -u peacemaker but it still doesn't accept either password, stating his account is not in the sudoers list.
I'm not a massive expert here, but research brought me to this page:[URL]... But that then just means his account has admin rights, which is what we were trying to avoid. We wanted a setup similair to windows where if you want to run someting with elevated privledges if pops up asking for the admin password. This works in the gui, but not in the terminal.
So in short, my question is, is there anyway of having the terminal accept peacemakers user rights from the his normal user account? If I add the account to the sudoers list like it suggests, does this again just give his account the prilvedges rather than saying supply me with the password for peacemaker.
this is probably not really needed and he can just have his account as the main user, but coming from a windows background, he would prefer the 3 user accounts model (2 normal users, 1 admin)
View 4 Replies
View Related
Feb 28, 2010
I'm using ubuntu and i need to know if it is possible to make a "prototype" account that sets the defaults for new users when a new account is made. How would i go about doing this. I would like to have the same start up programs, panel, themes, background, etc...
View 6 Replies
View Related
Dec 7, 2010
Is it possible to install Ubuntu Server and have user accounts and log into the server via a Windows XP machine? Sorry if its a stupid question! Many thanks
View 3 Replies
View Related
May 17, 2010
I have upgraded to Lucid, but was having the same issues on Karmic. I made a 2nd user acct we'll call X and we'll call the original acct Y. All of these issues only happened after creating X.
On X I have: sound Things wrong with X: I don't have the ability to modify any folders (even ones that are made from X's acct), I can't change the password or even access the Users and Groups, I can't modify any browser settings in Firefox but can on Chromium, the option for wireless is completely gone
On Y I have: the ability to access users and groups, the ability to modify all folders on either acct, the ability to change any settings on anything Things wrong with Y: no sound (doesn't even show the driver, but the driver is there on X's acct), wireless is completely gone (just like X's acct), even though I can access Users and Groups I cannot modify anything about X's acct
My first thought was to completely delete X since that's when all the problems began, but I'm afraid that since X seems to have "stolen" my sound card, that will be lost forever. I am also afraid that since neither account has wireless deleting X might hinder ever getting it back.
View 1 Replies
View Related
Jan 6, 2010
I recently made a computer for someone who decided to get a new one instead.. so i thought i'd make a server out of it lk i had it before. so i deleted their account (while on their account) and made me an account.. but now when i try to login to my account it's.. not there? such as when i type my username and pass it says i entered an invalid user/pass. any idea how i can get my user accounts back or atleast logon to this system? i know the root password if there's any way i can login under the root account.
View 8 Replies
View Related
Aug 26, 2010
I am thinking of getting a domain name or ten I do not know were to point the domain to?
and what do I need to setup if a user wants a domain name to point to his account on the server? ok more like I want to have a few domains pointing to my user accounts I have setup on the server..can I do this directly or do I need a server domain first before users can get a domain name?
I have a basic setup user web space and ftp and mysql setup
what extra would I have to install or not to be able to get a domain pointed to my server and/or user accounts?
I don't seem to be able to find anything specific on how to set this up anywhere.
View 7 Replies
View Related
Aug 19, 2009
We have a web server and are trying to meet a clients requirementes around accountability.Basically, everything in the system should be accomplished using user accounts that are individually identifiable. So basically, no root user, since that's anonymous.So how should we set up these user accounts?Being administrators, we want them to have easy access to files not owned by them, such as ones uploaded using FTP accounts or via apache.We want to be as secure as possible though.
My current thought is to add them to the root group so they have full read access throughout the system, and add them to sudo, but I worry that gives them too much control.
View 3 Replies
View Related
Jul 12, 2011
This computer is set up as dual boot Ubuntu / Windows 7.
I have accounts for my sons set up in Windows 7, and also in Ubuntu (11.04).
How can I give them permission to access their (and only their own) user area in windows ("/User/jasper/Documents/..." etc)?
View 1 Replies
View Related
Aug 17, 2010
Can we use CRON to create new user accounts?
View 4 Replies
View Related
May 11, 2010
i'm configuring sendmail for a little office but i was requested for two domains e.g. [URL] and [URL] i've created this two domains but at the moment i create a user account how could i make the difference between wich domain the user belongs?
View 1 Replies
View Related
Dec 13, 2010
I am trying to make subversion to use the user account from bugzilla. I surf the net and found many threads related but most of them are out-of-dated. I have install the following software on ubuntu10.10
1. apache2 -- apt-get install apache
2. subversion -- apt-get install subversion
3. bugzilla3 -- apt-get install bugzilla3
4. libapache2-mod-auth-mysql -- apt-get install libapache2-mod-auth-mysql
After installing those softwares needed, I edited the conf file on /etc/apache2/mods-available/dav_svn.conf
Code:
<Location /svn>
DAV svn
SVNParentPath /svnroot
SVNListParentPath On
[code]....
View 1 Replies
View Related
Mar 19, 2010
I've just rebuilt a server that had SLES10 to Slackware64 13.0. I wanted to keep all users and their passwords, so I copied all user entries in the old SLES /etc/passwd and /etc/shadow files to the corresponding new Slackware files. It turns out that the passwords are not interpreted correctly. I presume that SLES uses a different hashing function than slackware. Is there an easy way to convert these hashes, or will I have to reset all passwords and force users to change at login?
View 3 Replies
View Related
Sep 8, 2010
I recently received an email from a friend without subject and just a link. Since we do that a lot, I clicked on it. I was taking to a website that looks like a phishing site and my computer hard drive started working feverishly. I closed it quickly.
First, I want you guys to be aware of this thing since it seems to be fairly new.
Second, I want to know if I have been compromised. I already changed the password on my gmail account and I accessed the site using Ubuntu and Firefox.
View 3 Replies
View Related
Nov 26, 2010
allow sftp access to my Ubuntu system (happens to be desktop as it's also my main system) using accounts that are not able to login normally. (I have already managed to create such accounts.) These accounts need to be chrooted (also already accomplished with the openssh daemon settings.) Where I run into problems is that I want to give them (read only) access to files outside the chroot (on another partition in fact) and the matter if made more difficult because the directories to be shared are on NTFS-3G partitions (as they are a shared linux / windows storage drive). Is this possible and if so, what do I need to do?
Edit - Forgot to include versions
Ubuntu 10.10
openssh 1.5.5p1-4ubuntu4 (the one that comes with 10.10)
View 9 Replies
View Related
May 7, 2010
I recently ran into a situation where the ftp user account suddenly could not login. I used the User and Groups system tool to check the user account and reset the password. I then attempted to use ftp and login with the new password and still could not. I then went to check the permissions on the folder and found that the system partition was full, so using gpartd I was able to resize the system partition.
However this still did not fix the ftp login problem. When I opened the User and Groups tool again, all users,including my main account, except root are no longer displayed and all groups are not showing. If I try to add the original ftpuser account I get the message that the user already exists. And my main account works for login still. If I add a new user, it is not displayed in the list either.
If I do a cat /etc/passwd I see all the users listed including the new one I created and cat /etc/group displays all the groups and everything looks like the users are still associated with the correct groups. I can use passwd to change the account password without error and I can use adduser to add another user. Howerver no users are listed in the User and Groups tool and users still can not login to ftp. I can reinstall proftp if needed but I would like to be able to use the User and Groups tool to administer users again.
PS: Forgot that just before encountering the ftp login problem, Update Manager and some updates listed that I attempted to install but got an error and didn't have time to check why. Now I know that the partition was full.
View 1 Replies
View Related
