I use the following method for preventing the users from changing their passwords , is there any other method other than this ?
ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwd
so we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwd now normal users won't be able to change their own passwords - and only the root user will be able to do it for them.
I use the following method for preventing the users from changing their passwords , is there any other method other than this ?ls -l /usr/bin/passwd-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwdso we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwdnow normal users won't be able to change their own passwords - and only the root user will be able to do it for them.
View 9 Replies View RelatedHow can I prevent users from changing their own password? I was surprisingly unsuccessfull in finding a solution for this on google. Lots of stuff about hardening ssh access or dealing with password aging using "chage" but nowhere could I find an answer for my question.
View 5 Replies View RelatedI am administrating a system with about 40 or 50 users, and we recently jumped ship from windows to ubuntu. Most of my users are getting along fine, but it seems every few days, i have to help someone who accidentally changed something, and now their account (or more rarely, the machine) is unusable, and has to be reset.
I know configuring /etc/sudoers is a huge step toward fixing my problem, but that still will not completely solve it. What I would like to do is prevent users from making ANY changes to the system (aside from their work files and the like), including themes, icons, desktop, background, etc.
'readonly HISTFILE'
but the user could tamper with the histfile itself. Like:
rm -f $HISTFILE;
rm -f $HISTFILE; mkdir $HISTFILE;
rm -f $HISTFILE; ln -s /dev/null $HISTFILE;
I'm experimenting with PROMPT_COMMAND to execute a command each time the user executes a command and so log it somewhere else.This post was pruned from the 2009 Is there a way to prevent users from changing or unset their HISTFILE variable? thread. Please do not resurrect old threads but instead create your own (and maybe provide a link to the old one).
The title says it; I want to prevent users from viewing the wireless network password.
View 9 Replies View RelatedI am on ubuntu server and its joined to an W3k Domain thru winbind/samba. However everything works fine and Windows and Local users can login to the machine without any problem. However when I wanted to create a local user X and change his password I couldn't. It created the local user X but I could not change the password.
View 1 Replies View RelatedI am on ubuntu server and its joined to an W3k Domain thru winbind/samba. However everything works fine and Windows and Local users can login to the machine without any problem. However when I wanted to create a local user X and change his password I couldn'tIt created the local user X but I could not change the password. Here are the outputs:
Pam configs:
Common-account:
account sufficient pam_winbind.so
[code]...
I am using Mandriva 2010.2 KDE. When I try to change my password, using the Welcome>About Me>Change Password, I am asked to type in my current password, after I press OK, the dialogue box just seems to hang, nothing happens, the computer does not freeze, just the password dialogue box kind of stops responding.
View 3 Replies View RelatedI want the users to access servers via ssh public key only. By default they don't know their initial password and do need to change that when performing administrative tasks.For changing their passwords without knowing the old they need to switch to root for this special case.The only case it seems I don't have control is that users can not only change their password but also the password of other peoples. Does someone sees a solution (without apparmor/selinux and special /usr/bin/passwd.sh) to restrict users to only change their password?I miss the feature of using environment variables in sudoers file.
View 9 Replies View RelatedSometimes when starting applications, especially with Wine, the screen resizes to a much lower resolution. Sometimes when I close the application & usually when it crashes/I have to kill it, the screen stays at that much lower resolution. To get my normal 1900*1200 resolution back I have to delete all the applets I've put in the top menu bar to for there to be enough space for the menu to appear for me to select System>Prefs>Monitors.How can I prevent an application from altering my resolution & just force it to run windowed, or at a higher resolution?
View 1 Replies View RelatedI am facing a really weird kind of issues where my boss has asked me block everybody from changing their wallpapers and put a default one there.
View 11 Replies View RelatedI have a box with about 30-40 users on it, and I need to prevent a certain group of users from using sudo at all. Is this even possible.
View 4 Replies View RelatedRunning Centos 5.5 64bit. Sometimes I boot this instalation in real machine, sometimas using vmware workstation. The problem is that these environments have different network interface cards - as soon as kudzu detects that network device changed it renames ifcfg-eth0 to ifcfg-eth0.bak and places new default ifcfg-eth0.
Is it possible to command kudzu to leave ifcfg-eth0 as it is ?
i would like to prevent all users other than the user "parker" on my system from using the su or sudo commands. I have not attempted to modify the sudoers file so it just contains the standard root ALL = (ALL) ALL.
View 5 Replies View RelatedIf there is a simple way to prevent accidental shutdown when the following situation occurs:
Sometimes, I log in on my father's computer to run some administrations' tasks (updates...). For that, I use SSH since I'm frequently far from my parents and what I want is to prevent a shutdown run by my father. Of course, he should be able to turn off by himself if nobody else is connected.
Molly-Guard allows to prevent distant shutdown, my request is a kind of complementary software.
Does anyone know a project which could fit with this request? Do you have simple ideas to write a short code I know bash, perl, python...
Is it possible to have a user in Ubuntu/Debian that does not have access to synaptic, apt-get, dpkg and cannot even download anything from the Web, but has root privileges otherwise?
Original post (above translated by aimar) code...
I'm looking for a manner to prevent users from changing the desktop background/wallpaper and all other gnome configuration with booth Ubuntu and Kubuntu. This too (Abraxis, some years ago, have same my problem) [URL] do not solve the problem, for example if I change whit chown (*) own and group of this file to root /.gconf/desktop/gnome/background/%gconf.xml, at the next reboot file return in the previous state. (I don't like Pessulus).
(*)
chown root:root %gconf.xml
chmod 644 %gconf.xml
At the reboot file change automatically owner to "student", I don't know why?
I want to prevent users changing the wallpaper, as i couldn't found any direct method I thought of preventing the /usr/bin/gnome-appearance-properties being running,
I know that the user also can set the wallpaper without running that . But didn't found any other way .
I tried to use SELinux to it and I'm stuck at writing a own policy.
According to SELinux, it prevents everything ., but as i have mapped the user to a SElinux user ,even though he can use administrative tasks , he can run the appearance window. that means he has got the permission from a different policy , Currently I'm stuck at this place.
Suitable way to prevent the wallpaper being changed by the normal users.
Is there a way to avoid changing the wallpaper/Desktop background other the onces which come as default on fedora?
View 1 Replies View RelatedI have a created a wireless connection from the main admin account and checked the box saying "Available to all users", everything is working correctly. I only need to prevent the Desktop Users from switching the connection to another one.
View 4 Replies View RelatedI have a box with multiple users on it and I want everyone to be able to have full access to their home folders, but not be able to see the contents of /home/ or another user's home folder (I.E. bob has full access to /home/bob but cannot access or even see the contents of /home/john)Right now users can see other user's home folders but can't modify what's inside. How do I prevent them from seeing the contents at all?
View 1 Replies View RelatedWhat is the best way to prevent some user run some command? For example every body can run at and batch command and 3 or 4 special users prevent run these command?
View 7 Replies View RelatedI've a Linux box with few users (with shell). I would like to prevent normal users see all the processes running on the box. How can I implement this?
View 1 Replies View RelatedIn Linux, how do i prevent users from executing chown, chgrp or chmod?
View 2 Replies View RelatedEvery time after reboot it asks for the password. I need it to just lower this security and do this by itself.
Also, in general, how can I prevent Ubuntu from asking the password from the interactive user at all?
I have a Windows share on my network and I protected it with a password. I access it with my Ubuntu desktop, and I saved my password the first time I accessed it. The password is saved in Seahorse (the keyring), but each time I try to access my Windows share, I have to type in my keyring password.Despite trying several tutos, I haven't been able to prevent keyring from asking for my keyring password.
View 9 Replies View RelatedI have searched far and wide but could not seem to find a way to prevent GDM from hiding the password field. I am the only user of my laptop, to login I first need to click the login name to show the password field and then I can enter the password. I would like to have the password field always visible and have focus.
View 2 Replies View RelatedHow do I stop users from changing their background? I'm installing ubuntu on some (non-networked) computers at my school, and I don't want the students to change the background on the desktop. I don't care if they change it during their session, but it must revert to the default when the session is logged-out or shutdown.
View 1 Replies View RelatedIm trying to config my intranet to be accessible from inside the network (lan) without need of password and ask for a passwd for those who are viewing from Wan ....
Today my intranet can only be accessed from Lan, external access give me an Unauthorized message, I took look around, try #irc and still can get the appropriated help, I hope that someone here could help me on that...
A piece of my config:
Code: