Does anyone know how to modify permission on jail user. current jail user added to its /home/jail/*
How can I assign jail user(s) enough permission to access /opt, /var, or any other directories other than /home/jail/* ?
I recently started using SVN with Apache for my web development, although I find it really annoying that I have to issue two SVN commands (one local, one remote) to update my web site. I have been looking into SVN post-commit hooks to solve this problem. The only problem is that apache does not have permission to modify files in my user directory... So here is how everything is setup. I am running Slackware 13 full install. There have been no installations overriding any of the default installs.
[Code]....
chroot in two mini distros (Tiny Core and SliTaz): chroot jail appears 'blind'. Chroot can't find any files in the jail and exit with error code. Example (ugly):
Code:
# mkdir /mnt/test
# mkdir /mnt/test/bin
# mkdir /mnt/test/dev
# mkdir /mnt/test/proc
# mkdir /mnt/test/lib
# mount /dev/hdb1 /mnt/test
# mount -t proc none /mnt/test/proc
[Code]...
chroot: cannot execute /bin/bash: No such file or directory Where is the problem?
I want to have an account (beta user), on which:I can use the Internet and other programs without administrative rights without the right to install programs with a kind of sandbox for everything that is connected to the Internet, which means: everything that is associated with the web browser's processes and files that I save to hard disk I want to be separated from the rest of the system, so that whatever can catch up on this account will be locked in it, for example any (if at all) possible malicious scripts from Internet or whatever may be dangerous now or invented in the future. Sometimes, for example, I save the web page to disk with all it content.
And in case someone cracked into this account I want make it in that way that he could not do any tricks to read or change passwords, or make any other changes to the system. The best would be if a password for that user might serve only to log in without having any other powers, and I would give that user an automatic login. For now I created a beta user without administrative rights. I understand that the limiting rights of the user are associated with limiting rights to their home directory. There are also groups, and a user may be included or excluded. I excluded that user from admin group but I don't know what else I can limit and how. When I give chmod 0644 for /home of this user he cannot run Firefox. When I give him 0740 he can run applications, so I assume the x attribute must be preserved.
This is a user without sudo rights, so when I type sudo apt-get update a message shows up correctly that this user doesn't belong to the sudoers group. But still it's not what I wanted. When the user runs Gufw and wants to change the settings to disable the firewall, a message shows up asking to type in a password of alpha user = primary user, which is that belonging to the sudoers group, the first / main user that I created during system installation. I wish that there was only the message that the beta user has no power to change anything, which means even completely remove the possibility of asking for sudo.
In addition, I wish that this beta couldn't be able to change the permissions to its home directory, or go to see what is above. Because so far beta can change the file permissions for its /home, even without a sudo password. How can I do it? Do I need to create a kind of chroot jail for this user? I would like any changes to that user account could be made only after the user log off from beta account, and log in on alfa account and that beta could run only programs that ware installed by alpha. And that beta could read and write, but alfa could also read and write or remove, alter files on beta account. Basically, alfa account should be superior to beta account. Can do that?
In RedHat 4/5 How can i jail/restrict an sftp user to his home directory?
Can i do this without using rssh ?
I have a ftponly user "rom" in my box. This is used by our vendor to send files through ftp. When they send files the ownership of files are all the same as user name group created in this machine.But our application engineers use another user name "deb" to process these file. But as the owner of these file are "rom", they cannot process with their user. Manually they modify the user name and group and then they able to process.The group ID of the two users are different and its application dependent.how should the ownership will be modified automatically or is there any workaround or script to modify the ownership of these file for application user's?
View 5 Replies View RelatedIs it possible to somehow setup a secondary group of log files that log every action taken on the server where your average user wouldn't know that they're being logged. Perhaps if a hacker got in and messed around or something you'd be able to see what they did, but they wouldn't have permission to modify the file.
View 1 Replies View Relatedcreated a user but i forgot to change the home directory permission.so after user created when i go to the user and group mangement i cant see that permission filed related to the home permission directory.my purpose is to stop accessing other user to my home directory,how it can be possible??
View 4 Replies View RelatedI am having dificulting with www-data as the user for apache2. I would like to change the user to my desktop user so that I can limit access to one unknown users. I am also having problems with my wordpress website and the permalink settings. which file I should look at modifing and what I need to modify?
View 9 Replies View RelatedI know if I run repquota -a I can see the quotas set for all users.How do I modify the quota for a specific user?So say the output for john is:User used soft hard grace used soft hard grace----------------------------------------------------------------------john.someth -- 122844 51200 51200 4995 0 0How do I make his block limits 0 so they are unlimited?
View 1 Replies View Relatedlook at this : Uploaded with ImageShack.us how can set permissions in linux like this? I want one user can delete files but can't modify them and ... in linux i have 3 group to assign read write and execute them. is ntfs flexible than linux file system?
View 4 Replies View RelatedI have developed an application, in C language, that should received the EPOCH time (6 bytes) at about every 30 min. What function should I use as a non root user to modify the System Time.? The idea is that the same application could update the System Time. I am using Ubuntu.
View 1 Replies View RelatedWe are looking to monitor and log selected application file systems for file create/modify/delete changes that will also include, user account that changed/deleted the file, file name and date and time of event. Everything I have looked at does not seem to provide all of the information that we need.Inotify seems to monitor modify/create/delete but does not seem to provide the user account. Auditd seems to monitor modify/create/append with user account, but not deletes.We need to provide this information to auditing for Sarbane Oxley compliance.
View 3 Replies View RelatedI want to forbid a user to make changes to preferences of iceweasel, specifically to modify proxy settings of the browser. Although user should still be able to use the browser.
I assume these settings are stored in some file on a harddrive? If so, what is this file and can i simply make it read-only for users? Or any other solution?
I'm completely new to Linux/Ubuntu, but I managed to create a FTP server by using apt-get vsftpd or something.I followed a tutorial and modified a file called vsftpd.conf.I tried to disable all kind ofblocking/permissions. From a Windows client, I can connect to it without any login (I enabled anonymous) and I can download from it, but I am unable to modify it or upload files. Unless there is a better way to transfer files between the computers, how can I enable writing on the FTP server?
View 3 Replies View RelatedI want to modify apache IPv4 configuration to IPv6 configOn both windows and ubuntu.
View 1 Replies View RelatedI'm installing Wordpress and I want Hosting Multiple Sites with them. For that I need modify the httpd.conf file but it's empty. Where I can make that changes? These are the changes:
1. Type: LoadModule rewrite_module /libexec/mod_rewrite.so
2. Find the <VirtualHost> section in the httpd.conf file.
3. Find a line in the <VirtualHost> section of the httpd.conf that looks like this: AllowOverride None
3. Replace that line with this line: AllowOverride FileInfo Options
4. On a new line, type ServerAlias *.[URL].
5. Save the httpd.conf file and close it.
I would like to create a simple bash script, that will enable me to connect to a list of defined linux servers and execute a command there.
I looks like this code...
I am running the script under a regular user not root.
How shall I modify the script to go through all the servers?
I have a multi user system for my roommates and myself that has separate folders for each of us. I've got user authentication working with samba, but unless I set every file and folder readable/writeable by all users, I can't browse it or edit the files.This isn't ideal as the shares are open to other users access, so I'm hoping there's a way to keep folders at 750 and files at 660 while allowing samba users to browse, delete and edit.Also, the samba share is actually a mounted NFS share from another server. Both the NFS server and the Samba server have the same users/uid's. When a file is created from a Windows host via the Samba client, the NFS server's permissions do show that the correct user owns the files, but since the files aren't mode 666 but 640 I can't edit or delete the file.
View 4 Replies View RelatedI would like to allow a user to login through SSH but with differentpermission coming from different ipaddress.For example, a user "tester" login to SSH through 192.168.1.1 andanother user login with the same login id "tester" but from differentip 192.168.1.2.How do I restrict 192.168.1.2 to only allow for viewing the content inthe home directory while giving 192.168.1.1 full access?I got a suggestion from some oneApproach 1) Based on the ip you change the shell. If it's just for read only ajail would be fine.but how do I change shell based on IP?Approach 2) to have two ssh instances. Let's say port 22 and port 24. Port 22 isfor read only, while port 24 is for full accessso how can it be possible to give port 22 only read only access to SSH
View 1 Replies View RelatedI have a few ubuntu servers which have samba shares on the network and for the most part have had little trouble with them. Recently we purchased a few iMac's for one of our deptartments and, while we're able to access the shares, all the files on them are read-only and we are unable to delete/modify files using the iMacs. This is not an issue with any of our windows machines (W2K, WinXP, Vista).
View 2 Replies View RelatedI have a problem about user permission, I just destroy my user...So, I create a new one. But I can't have the permission to use "sudo" or to install program... So, I cannot do a lot of thing in my computer. The logical solution is to boot in failsafe mode and access to the root terminal, but, I don't know how to change the permission to allow me to use sudo.
View 5 Replies View Relatedwhen i move to /usr/share/backgrounds/ and after right click when i go to properties then in tab of Permission it says I am not ROOT user. through TERMINAL I changed the root password using commands (sudo passwd root ) tthe changes has been made succesful eventhough it does not give me root user status.When i connect to internet then after click of connect button ,a pop up appears and says "Enter password to unlock your login keyringThe password you use to log in to your computer no longer matches that of your login keyring."
View 1 Replies View RelatedWe are using ubuntu 10.04 desktop version.ls > /dev/lp0 permission denied in user account we need user can access lp0 /usblp0. Our printing module is lp0 writing technology example dir >prn.
View 3 Replies View RelatedI am in the process of setting up a new server (Debian - Lenny - now updated to Squeeze) and every things were going fine. But unfortunately from today , whenever a user login to ftp, it says
550 permission denied and not able upload / edit or remove any files ( i am able to see all files and folders)
Yesterday it was working fine..
I tried using bot Pure Ftp and Proftp and the issue is common
What I am trying to do is
add a unix user exalmple through adduser command with default directory for the user as /var/www/example.com (shell enabled)
owner of example.com is example
and using the above user name and password to ftp files to the folder
I would like to allow a user to login through SSH but with different permission coming from different ipaddress.
For example, a user "tester" login to SSH through 192.168.1.1 and another user login with the same login id "tester" but from different ip 192.168.1.2.
How do I restrict 192.168.1.2 to only allow for viewing the content in the home directory while giving 192.168.1.1 full access?
I'm a new Ubuntu user, I just installed Ubuntu today and I'm loving it. But this issue has been driving me nuts all day, I've searched for hours for something like this and all posts were about external hard drives. I installed Ubuntu 10.04 on my MBP 13" then dual booted into Ubuntu. I can mount and access my MBP hard drive, but when it comes to the Mac home user files, I don't have permission to even READ.
How can I change that? I tried doing so by dual booting into Mac and changing the folder permissions and also making them shared folders but nothing worked.
I'm having an odd problem (although I'm probably missing something obvious to a non-semi-newbie):I have a directory used for samba shares which is owned by user fred, a system user which the windows clients on my network authenticate with to access the shares. I, roger, want to access the directories without having to put my 'sudo boots' on every time, so I made the directory group users and added roger to that group, and changed the file/folder modes from 0755 to 0775.However I still do not have write permissions inside the directory; I still seem to be considered 'other' and hence only have read and execute.
View 6 Replies View RelatedThis computer is set up as dual boot Ubuntu / Windows 7.
I have accounts for my sons set up in Windows 7, and also in Ubuntu (11.04).
How can I give them permission to access their (and only their own) user area in windows ("/User/jasper/Documents/..." etc)?
I need to configure software as debian image to work on server. I need to create user who is not root, but being able to change IP (I don't know if administrators who will install my image need to give static IP to it, so I want to create special user role for them being able to change IP but not able to see some restricted folders in the image).
View 2 Replies View Related