Ubuntu Servers :: Set Sudo Commands Restrictions

Nov 7, 2010

does anyone know how to set restrictions on the commands a user can run as sudo? i want to make it so they can only halt the system.

View 1 Replies


ADVERTISEMENT

Ubuntu Servers :: Ssh Restrictions Per Interface ?

Aug 20, 2010

I have a server with two active network interfaces. On one, I need ssh open for all users (it's running LTSP, and as I learned the hard way today, blocking ssh kills LDM access).

On the other interface (which connects to the rest of the network), I only want to allow a few administrative users to connnect.

Is there a way to do this cleanly using sshd_config or PAM? I don't want to do something hacky like running dropbear.

View 3 Replies View Related

Ubuntu Servers :: Put A Few Login Restrictions In Place?

Jun 3, 2010

I've got Ubuntu server 10.04 set up and I wanted to make a few restrictions. It's pretty much just acting as a VMware server at the moment, and there are some users I've created who I only want to be able to be able to log into the VMware infrastructure web interface. I want to make sure these users can't log in via SSH, FTP, or the console itself. I understand how to block them from logging in via SSH by using DenyUsers, and I added these users to the /etc/ftpusers file to lock them out of FTP, but how can I block them from logging in at the console itself?

I tried locking the user out by editing the /etc/passwd file, but the problem is that by doing this, it also prevents the user from being able to log into the VMware web interface.

The user's entry in /etc/passwd looks like this: bsmith:*:1005:1005:Bob Smith,,,:/home/bsmith:/bin/bash

View 3 Replies View Related

Ubuntu Servers :: Postfix Per User Smtpd Restrictions?

Feb 15, 2010

Been trying for some time to get Postfix to not allow some internal users to send email externally. I have found some good resources online but none of them work. The user is still able to send email internally and externally.

I used the following web pages to assist me... [URL]

Below is my main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.

[Code]....

View 3 Replies View Related

Ubuntu :: Can't Do Any Sudo Commands In Terminal

Mar 20, 2010

I was following a guide to stop Ubuntu from always asking the root password. And apparently i messed something up in vsudo edit or something like that i was in... So now when i put in a sudo command i get this...

Quote:

>>> /etc/sudoers: syntax error near line 18 <<<
sudo: parse error in /etc/sudoers near line 18
sudo: no valid sudoers sources found, quitting

so i cant even get back to undo what i edited.

View 8 Replies View Related

Ubuntu :: Unable To Use Sudo And Su - Commands

May 23, 2011

I am unable to use sudo and su - commands. check my output below:

Code:

ubuntu@user1:~$ su -
Segmentation fault
ubuntu@user1:~$ sudo visudo
bash: /usr/bin/sudo: Permission denied

[code].....

View 9 Replies View Related

Ubuntu :: Edit Which Commands Require Sudo?

Aug 2, 2010

is there a way to edit which commands require a sudo? or some programs, like the CPU frequency monitor on panel, requires a password to change. where would i start if i want to change this?

View 2 Replies View Related

Ubuntu :: Where To Enter Commands Like $ Sudo /usr/etc/eth0

Aug 28, 2010

I am a Mac/ Windows user, forced to use Linux for my college work. I do not know where to enter commands like $ sudo /usr/etc/eth0 mvntz -do4i or how to make them work

I had a problem - the Wi-fi card in my laptop was not working. All the forums were useless. They wanted me to READ about wireless networking !

Finally a good friend solved the problem in a simple way : it appears Ubuntu has not installed the drivers for my Broadcom wireless card since it was not open source. I had to download it myself. Here is how : Go to System menu on the top bar. Choose administration/ hardware devices. Tell it to activate the device. It will download the drivers through the cable attached to DSL modem and install.

Then clicked the network icon, selected edit connections, and entered my wireless network name and password. This solved all problems.

Why doesn't Linux give me a warning that the driver for something is not yet installed ? When I was struggling with the network setup wizard for the whole day, there was no clue about the missing driver.

View 6 Replies View Related

General :: Sudo - Run All Commands With Password?

Feb 16, 2010

Having a problem with sudo. I'm down as a user who can run all commands as root provided I enter my password. The relevant line from my /etc/sudoers file :

Code:

user1 ALL=(ALL) ALL

There are several commands that I run quite frequently such as mount and fdisk but would like to avoid having to enter a password each time I use them. What would be the appropriate change to the sudoers file ?

UPDATE: I neglected to scroll down to the bottom of the /etc/sudoers file where there was the line :

Code:

%admin ALL=(ALL) ALL

and since user1 was a member of the admin group any predeeding lines were being overidden by this. Commenting out this line and adding

Code:

user1 ALL= NOPASSWD: /bin/mount, /sbin/fdisk

View 1 Replies View Related

Security :: Sudo To Disallow Certain Commands?

Jan 10, 2011

trying to devise a new sudoers configuration while building a new SOE and would like to force everyone (including system administrators) to use rootsh in favour of doing things like sudo -s, sudo bash, sudo tcsh and so forth. Effectively, use sudo to use any shell other than rootsh. Is there a way to allow users to run anything they want except shells. I realise this is a default permit which inherently is defective, but I'm not convinced that going through the 1559 executable commands of my (as yet incomplete) built system to decided on the likely 1000+ commands I would want to be genuinely allowed. As I said this is for system administrators first, and I'd like to forcibly instil the habit of sudo <command> or using rootsh to get an audited shell. But I know people are already not doing enough sudo <command> as it stands, rather they switch to bash.

View 7 Replies View Related

General :: How To Allow User To Execute All Commands Without Sudo

Apr 30, 2010

Customer asked me to create a menu for linux he also asked me to do this: Open like a command like where a user can execute commands...so for this the users have sudo enabled. The code below works OK. But it has an issue when a command is executed but the command does not need sudo

Like for instance
Code:
cd /
sudo: cd: command not found

How can I allow a user to execute all commands when a command does not need sudo
Code:
echo -e "Press Control+C to finish"
#echo -e " "
while true;
do
read whichcmd?"Insert Command: "
sudo $whichcmd
done

View 3 Replies View Related

Slackware :: Sudo Does Not Allow Access To Root Commands

Feb 22, 2011

In order to allow me to shutdown my PC from within fluxbox without being root I ran "visudo" and added the following line:

Code:

psionl0 ALL=(ALL) NOPASSWD: ALL

A check that the line had been accepted showed all ok:

Code:

bash-4.1$ sudo -l

User psionl0 may run the following commands on this host:

(ALL) NOPASSWD: ALL

Yet when I tested it out, I got nowhere:

Code:

bash-4.1$ sudo pkgtool
sudo: pkgtool: command not found
bash-4.1$ sudo shutdown -h now
sudo: shutdown: command not found
bash-4.1$

Have I done something wrong or isn't sudo meant to be used this way?

View 12 Replies View Related

Ubuntu :: Commands - Sudo Kill -9 -1 - Screen Became Blank - Keyboard Not Responding

Jul 11, 2011

I am learning linux commands. I just wanted to see what happens when I type

Code:

The screen became blank. Keyboard was not responding. I couldn't do a proper shutdown. I switched off computer by pulling out the plug. When I restarted, I heard a series of beeps (approximately 10 beeps). Then I was dropped to the grub prompt. The problem now is I can not type anything into the grub prompt, because the character 'c' is continously printed across the screen like this:

Code:

I couldn't stop the character 'c' from printing (I tried pressing Esc, Ctrl+C)

The solution is easy. I can reinstall grub from a livecd. Or even reinstalling the entire operating system wouldn't take more than 30 minutes. But I want to know:

1) What exactly happened to grub? What stage does this error belong to (1, 1.5 or 2)? What is the error number?

2) How can running "sudo kill -9 -1" affect grub?

View 5 Replies View Related

General :: Setting Up User To Use Sudo For Specific Commands?

Jan 17, 2011

I did some digging on the sudo command and I do know the config file is /etc/sudoers Read the manual for sudoers and found out that I must use visudo to edit the file I read some of the examples at the bottom of the file and tried entering my own account in following the example. one of the commands I was trying to allow my account to perform without root login is the mount command So I tried adding this in (kreid8 /bin/mount ALL) I then saved & exited the file and logged out of root and tried sudo mount -t vfat /dev/sdc1 /media. I got an error saying I had to be root in order to do that But when I use the visudo -l option it shows that I have that privellege. Did I edit the file incorrectly?

View 6 Replies View Related

Programming :: Automate The Password Prompt Required For Sudo Commands?

May 31, 2011

I have written a script to run commands on remote servers, it is working fine. But when I am running "sudo commands" on the remote servers, it asks for me password after prompting for ssh password. I am unable to automate this password prompt (which is just after ssh password prompt). This is the function I am using to provide passwords

Code:

pass ()
{
cd $DIR/"$dt1"_"$dt"
/usr/bin/perl << 'EOF'
use strict;

[code]....

I want the same function to be used , when it expects for sudo passwords for any of the below lines:

Code:

[sudo] password for vikas: orPassword: This is my "cmd" file passed in pass () function.

Code:

ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 192.168.1.100 "bash rcmds"

This is my script output

Quote:

[vikas@box1 ~]$ ./rscript.sh
++ rm -rf /home/vikas/May_31
++ mkdir -p /home/vikas/May_31
++ set +x

[code]....

how to automate the password prompt required for sudo commands.

View 8 Replies View Related

General :: Can't Execute Commands As Sudo Nor Access Sudoers File In Mandriva 2010.1

Aug 16, 2010

since a recent upgrade to Mandriva 2010.1 I am not able to 'sudo' as administrator or when I use the 'root' password. I am the only user on this machine (Dell Inspiron 530S multi-booted with Window's Vista Home Premium, Ubuntu 10.4, and Mandriva 2010.1). I can get into the 'Manage Users' section of the control center by authenticating as 'root' but I can't access 'sudoers file' from command line.

View 4 Replies View Related

General :: Server Terminal Keyboard Shortcut "F5" To Run Commands Sudo Apt-get Update

Sep 10, 2010

I was wondering is there a way to bind say "F5" to the command sudo apt-get update so I can press one key to write this into the terminal?

View 1 Replies View Related

Ubuntu Servers :: Commands Via Ssh On Server?

Aug 3, 2010

I have a server running. I administer this server via ssh and sftp. Commands that are executed on the ssh prompt are killed when I close the ssh connection. Is it not?If I put a '&' or '&&' after it, will this process keep running when I close the ssh connection?In what other way could I start 'applications'/processes in the background? like rtorrent for example.

View 5 Replies View Related

Ubuntu Servers :: Run Ssh Commands Though PHP On Website?

Nov 2, 2010

I'm trying to run ssh commands though PHP on my website. I found this tutorial for it: [URL] I've got a few problems here, when I do "apt-get install openssl-dev" I get this output:

Code:
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package openssl-dev

[Code].....

View 7 Replies View Related

Ubuntu Servers :: PSSH - How To Use Sudo

Oct 24, 2010

I have a set of servers that I have to manage and I thought that pssh (parallel-ssh) would be a great tool for the job. Except that I can not see how to use that with 'sudo'. I can set password-less ssh between multiple servers for a given user. But I cannot see how to do administrative work if I cannot call SUDO as it requires a password to be entered firstly.

View 5 Replies View Related

Ubuntu Servers :: 10.10 - Can't Sudo Apt-get Update

Mar 16, 2011

I wanted to installed transmission on my buntu server box 10.10 tonite so from my laptop top i ssh'd into it...which took an unordinary amount of time.. went to type in sudo apt-get install transmission half way through each word at the terminal prompt it would just hang...had to wait then it would recognize my typing and i could continue....pressed enter waited a long time; then noticed i coulnd't connect to the repos?

So i manually (as in sitting at the box not over ssh) tried to ping google nothing....sudo apt-get update....nothing....

- i restarted the machine twice
-sudo ifdown eth0 /sudo ifup eth0

sudo nano /etc/networking/interfaces made sure it said

Quote:

I have my router saved to assign 192.168.0.100 to the machines eth0 MAC of 00:14:2a:e9:15:0b so i can always use my webUI w/o having to guess my ip ifconfig shows my broadcast running i dunno i'm sooo confused and lost scared...a lil' cold....kinda hungry..pretty tired....

I'm on cli no gui anyone ever have this?

Quote:

View 8 Replies View Related

Ubuntu Servers :: Can't Sudo When X Forwarding

Jul 13, 2011

I'm trying to set up my mythtv backend on a headless box. The many tutorials out there tell you to run mythtv-setup from a machine with a display by x forwarding through ssh.

Code:

ssh -X username@ipaddress /usr/bin/mythtv-setup

The x forwarding works fine except that the first part of the mythtv-setup requires you to stop the mythtv-backend process which you have to do as root. It brings up a box asking for your password (much like is would if you just typed sudo xxxxxxx in the terminal) but it won't accept the password. Looking in the auth log it seems that it can't authenticate

Code:

Jul 13 11:21:08 server su[21869]: pam_unix(su:auth): authentication failure; logname= uid=1000 euid=0 tty=/dev/pts/1 ruser=administrator rhost= user=root
Jul 13 11:21:10 server su[21869]: pam_authenticate: Authentication failure

[code].....

Now I know that my account (administrator) can have root privileges because I can sudo xxxx to my hearts content via ssh in the terminal, but it seems to not work when it's being requested from a forwarded X window....

View 2 Replies View Related

Ubuntu Servers :: Any Way To See Running Commands With Timestamp?

Jul 26, 2010

I recently hired a new tech guy to start managing our servers. In doing this I went ahead and upgraded all the servers. It has been awhile now since I sent him the details of the new server and the last time I talked to him he was joking around with one of the other clients not realizing how long it took.

I know on other server moves, my old guy could have everything setup and running in a couple days as a good amount of time is waiting for the data to copy over. I am starting to wonder if this guy is going to try and throw a huge bill at me, so I would like to know what hes doing on the server with time stamps just so I can get a idea of how much time he has been logged into the server. Does this server OS have anything like this built in?

View 1 Replies View Related

Ubuntu Servers :: Where To Type Commands In Gnone Gui?

Oct 22, 2010

I am new to Linux, have used KDE/SLAX before but am now attempting to use linux on my old computer to accomplish these objectives:

1) Run an FTP so I (& my mates) can access files anywhere wit ease(no dramas).
2) Enable sharing of my drives so I can put files from Laptop into this computer

Now I have successfully Installed Ubuntu Server (Finallllly) but then messed up cuz I installed the Gnome GUI and now cant find any place where I can type any sudo commands. vsftpd should work for me right?

View 3 Replies View Related

Ubuntu Servers :: Up Key For Previous Commands Not Working?

Nov 8, 2010

My previous experience with Ubuntu desktop (which isn't much) while in the terminal the up key allowed me to see previously entered commands, but I have freshly installed Ubuntu Server Edition and the up key is not allowing me to do so, Is there a way to get this working?

View 3 Replies View Related

Ubuntu Servers :: JeOS 8.04 And Sudo Tab Completion?

Mar 3, 2010

how to get tab completion working with sudo in JeOS (Ubuntu Hardy) 8.04? Assuming I have the command '/usr/bin/svnadmin'. As a normal user I can type:

Code:
svnad + TAB
and it auto-completes as 'svnadmin'. If I type:
Code:
sudo svnad + TAB
nothing happens. My 'echo $SHELL' is '/bin/bash'. I tried enabling the following in '/etc/bash.bashrc':
Code:
if [ -f /etc/bash_completion ]; then

[Code]...

auto-completes as I'd expect. I think I once read that there's some kind of configuration variable for sudo that causes it to use a 'more secure' path rather than the current path in the user's environment. I can't find any info on it though. I'm executing the commands from my home directory.

View 5 Replies View Related

Ubuntu Servers :: Sudo And Ssh Not Working After Upgrade?

Jul 27, 2010

I have a server that started out at 8.04 LTS was upgraded to 8.10 and to 9.04. When I upgraded to 9.04 sudo and ssh stopped working.

Fortunately I have a root account and can login as root or su to root.

I suspect this is the result of changes I made to nsswitch.conf and pam.conf to get winbind working.

I was hoping for a fix by upgrading to 9.10, but that didn't work. I want to upgrade to 10.04 LTS, and stay there but I think need to resolve this first.

auth.log reports failed password for ssh attempts and authentication failed for sudo. I am at a loss to determine where the problem is and how to track it down.

View 3 Replies View Related

Ubuntu Servers :: Disable 'sudo' For All Or A Particular User And Allow Only 'su'?

Jul 30, 2010

How to disable 'sudo' for all or a particular user and allow only 'su'?

View 6 Replies View Related

Server :: Server Runs Commands Slowly / Root "sudo Mc" And Takes To Boot?

Sep 1, 2010

I have debian lenny, when I run an application is slow to load (example: iceweacel open and it takes, I can hold him iceweacel work normally), I tried to change from gnome to another and the same thing, went down some services (samba, squid) and nothing. I open a terminal and it takes, I want to duplicate it and do it fast. From a terminal without X (tty1) with root run mc and moves quickly, also run as root "sudo mc" and takes to boot.Any action done with sudo it takes to run.

Can not be what it takes to make starting the applications, not the PC because it is new, and from one moment to another I began to pass this

The sudoers file is fine, in the log's nothing unusual, since other PC take long to enter samba.

View 1 Replies View Related

Ubuntu Servers :: Commands To Sysadmins Run When You Connect To A New Server?

Apr 22, 2010

What type of server am I on? code...

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved