Networking :: Run The Job Under A Root Account And Deny Read/write Access To A Normal User?
Jan 18, 2010
I'm setting up Ubuntu Karmic on my sister's old computer for my nephew, he's quite young so my sister asked to install some content filtering. I'll first setup an OpenDNS account and I've installed and managed to get dansguardian and squid working on a virtual machine to try it out. so far it's working pretty well, but I need to secure it form the inside out.
I was thinking of blocking specific outbound ports so he could not bypass the proxy. because by default the firefox configuration can be easily changed. so I have a couple of questions.
1. is it possible to block outgoing ports on Ubuntu?
2. is that the best method?
3. is there anything else I should be aware of to prevent subversion?
lastly, this question is probably unrelated to this board but I've set up a cron job to update a dynamic ip with OpenDNS, the problem is that the password is in clear text in the user's crontab, can I play with permissions? is it possible to run the job under a root account and deny read/write access to a normal user?
View 1 Replies
ADVERTISEMENT
Dec 19, 2010
I made a Desktop User account. When I went on that account, it allowed me to execute sudo as if I was an administrator. I don't know what might be causing this. I do have ufw set up and blocking incoming connections. Do you guys know what might be at the root of this?Also, when I used sudo from the user account (which I shouldn't have been able to do), I provided the password for my admin account.
View 9 Replies
View Related
Oct 2, 2010
On a Fedora Core box, I have a normal non-privileged user and I also have sole access to the root account. Because I am the only administrator of this box, I frequently su over to root for administrative tasks. The problem is that many of the user configuration I've become accustomed to are only configured on my day-to-day account (.vimrc, .bashrc, .screenrc, etc). Other than giving my day-to-day user account privileges to perform administration tasks, how would I go about sharing configuration between these two accounts?
View 1 Replies
View Related
Oct 6, 2010
I want to simply mount an ext4 file-system onto a normal mount point in Ubuntu (/media/whereever), as read-writable for the current logged-in user, i.e. me.
I don't want to add anything into /etc/fstab, I just want to do it now, manually. I need super-user privileges to mount a device, but then only root can read-write that mount. I've tried various of the mount options, added it into fstab, but with no luck.
View 3 Replies
View Related
Jun 24, 2010
I am a user of a cluster. I don't want root to see/copy files from my user account(obviously). Is that possible to limit the access of root to users account?
View 14 Replies
View Related
Jun 18, 2010
How to login in "root" from a "normal user" account by the Quote:shell scripting.....
View 4 Replies
View Related
Dec 7, 2010
I would like to know if it is possible to deny the access to a file for root? Would ACL's be a possibility? I have "googled" around but haven't found anything interesting (except SELinux). I should secure a password file to an important database.
View 6 Replies
View Related
Nov 28, 2010
I have shared two external harddrives via samba on ubuntu, but only I can access it. The reason being is because I have logged into linux, and become the owner of the external hdd's. On the permission properties, I can see that the group I have created every other user under has "No Folder Access", and if I change this it reverts back instantly. So frustrating, I've tried to chmod it which hasn't done a thing. The owner of the external hdd's seems to be the only person who can access it over samba.Is there anyway I can get normal users to just read and write to external hdd's?
View 9 Replies
View Related
Jan 26, 2010
I need to mount a partition that is on a server (via samba).
I am doing the following in my fstab
Quote:
//server/www /media/www cifs rw,user,allow_other,default_permissions,credential s=/root/.smbcredentials,iocharset=utf8,dir_mode=0777,file_ mode=0777 0 0
I can mount it but it just allows me to access with the root user. How can I do it to get access with any user?
Additional Data: I added "rw,user,allow_other,default_permissions" because I thought that would solve de problem but it didn't.
View 1 Replies
View Related
Mar 9, 2011
Ive managed to install samba, I've shared a folder. I can access from a Windows 7 machine via \ubuntupublic. I can put files in the folder form the ubuntu machine and edit them on the windows box. I can put files in the folder/share from the Windows box but then I cannot edit them on the Ubuntu machine (they are read only and have a "Lock" over them). I can fix this by going to the properties of the file/folder in Windows and manually assigning "Everybody" full control (then the lock disappears and all is well.) I want read/write access to all the folders contents from both machines all the time (security is NOT a concern I WANT the permissions wide open) what am I doing wrong?
View 7 Replies
View Related
Jul 11, 2010
In the past, I've installed Internet services as daemons and as xinetd.d with no problems. Those approaches do not meet my needs. And, perhaps, nothing will.
- the service was converted from VB-6 to wxPython. It has a GUI which is accessed with either "remote desktop" or VNC.
- the wxPython service works on Windows and can be accessed from other hosts on my LAN
- the wxPython service works on CentOS and Fedora, but can only be accessed from within the server host. Even from other user-ids. But, I cannot get to it from other hosts.
- ipchains AKA firewall ports are marked for INPUT.
- The server host uses autologin to fire up a useid in group "user". I do not want it running as "root". the .bash_profile fires the service up.
- the service is heavily mult-threaded, and supports devices connected to serial ports asynchronously with the ephemeral port threads (all this works).
There are some programming solutions that I would rather not develop.
- a proxy service that runs under xinetd.d.
- separate the GUI code from the Internet and serial port code. Allocate a "control" port for remote GUI control. a'la SAMBA & SWAT
Is there any hope, that I can run it as is, by doing some network configuration stuff.
View 8 Replies
View Related
Sep 10, 2011
I cannot log into the normal user account after shutting down the OPENSUSE 11.1 system by cutting off electricity. The system always returns to the login page which requires to choose account id and enter passwd even when I type in correct normal user id and passwd. The root account can be used.
View 9 Replies
View Related
Dec 21, 2010
My linux distro is CentOS 5.3. Today I edited /etc/sysconfig/readonly-root and set "READONLY" to yes, now my /etc/sysconfig/readonly-root file is like this:
# Set to 'yes' to mount the system filesystems read-only.
READONLY=yes
# Set to 'yes' to mount various temporary state as either tmpfs
[code]...
View 3 Replies
View Related
Feb 5, 2011
i am having problems with privileges i have created a new user with my name, but i cant get root privileges on it. i need the same privileges as the root profile.
View 9 Replies
View Related
Jul 17, 2011
I managed to setup an encrypted partition that's mounted on boot using dm-crypt/LUKS.
The relevant entry from my /etc/fstab:
/dev/mapper/st_crypt /media/st ext4 defaults 0 2
The partition is mounted at boot, and I can write to it as root just fine, but I have no idea how to make it writable by a normal user (i.e the users group).
View 1 Replies
View Related
Jun 16, 2011
Do you think there is a way of accessing different user data from another account which I have set up.
Ie. user 1 = account has messed up
user 2 = account works fine
access user account 1 home directory from user 2 work space?
View 9 Replies
View Related
May 19, 2010
I would like to allow normal users to run some root scripts (e.g the sound subsytem [alsa]) in cases sound is stuck. What is the best way to allow this to happen in opensuse? There are many ways to do that (and I do not know how to use any of them ) and I am not sure which one is more suse all right.
View 6 Replies
View Related
Mar 11, 2010
Is there way we can restrict root to su to normal user. Or at least a way to prompt for the password when root tries to su <username>.
View 3 Replies
View Related
Aug 4, 2010
When I try to login root from my normal user, I can see this:
Code:
Cannot exec /usr/libexec/openssh/sftp-server: File or directory doesn't exist
(Translateted from my nativ language)
I think that is my bad shell configuration so I check file /etc/ssh/sshd_config and see in the end (this lines couse this bug):
Code:
Match User root
ChrootDirectory /home
AllowTCPForwarding no
X11Forwarding no
[Code].....
View 2 Replies
View Related
Feb 4, 2010
What are the possible problem when Windows access the file from Ubuntu got Read Only even though have a full permission to read, write and execute the file? Ubuntu to Ubuntu accessing the file there is no problem only Windows got a problem.
View 1 Replies
View Related
Aug 7, 2009
I need to create an SSH user that can only access the directory I would specify for them. For example, I've been able to execute the following:
useradd -d /home/me/directory_for_this_user someuser
So when someuser logs in they get into this directory. Problem is that once they log in they can simply execute:
cd /
and navigate through all other directories which is a security risk.
How I could limit someuser's access to only /home/me/directory_for_this_user and its subdirectories and nowhere else in the system?
View 1 Replies
View Related
Jun 8, 2010
Because I have a flaky wireless device, I occasionally get a hung connection and this script gets things running again in just a few seconds except obviously the boldfaced item, as it still tries to run in the root directory and gives errors:
Configuration file "/root/.kde/share/config/knetworkmanagerrc" not writable.
Please contact your system administrator.
So I am not sure how to get knetworkmanager to run as me, the user ubuntu in the /home/ubuntu directory
#!/bin/bash
service network-manager stop
sleep 1
killall -9 knetworkmanager
[code]....
View 1 Replies
View Related
Dec 12, 2008
I need to login as root , when linux starts to show login window
But it shudnt be as
1) spawning a new terminal and do commands lik startx -- :3
2) without going in recovery mode
I need to login through login window as normal process
View 7 Replies
View Related
Apr 28, 2010
I am using Slackware 13.0 and i have managed to work with my USB pen-drive as root but i cannot do it as a normal user.
View 14 Replies
View Related
Oct 6, 2010
I am using fedora 12.I have two internal drives. Both are ntfs. Whenever i click on them it prompts to enter root password. But i want to mount them as normal user without entering any root password. How can i disable it so that i am not asked to enter root password everytime i mount the drives.
View 2 Replies
View Related
Apr 11, 2010
I'm trying to get my backup script to run every week, but as a normal user, and not as root as it is done when the script is placed in /etc/cron.weekly. Anacron fits my needs in the sense that it doesn't require my computer to always be on, as opposed to cron, and will just run my script when it can, but at the most each week. Cron fits my needs in the sense that I can run the script as the user I am logged in as. The particular script backs up my home directory with rdiff-backup, and it is very convenient that I am the owner of that backup, since when root performs the backup, I am unable to browse my own backup files and must use "sudo" to do this.
Is there a way to let me use the feature of anacron that allows my computer to not always be on, but still get a weekly execution, and also run the script as a normal (non-root) user?
View 2 Replies
View Related
Sep 14, 2010
I'm using fedora 12 and modified the user login options(normal and super user login). I've been using the accounts for a while but i've bumped into a problem - audio not working as a normal user but works when logged in as root. Also, i'm not able to use VLC as a root user.
View 1 Replies
View Related
Mar 26, 2009
Here's the issue: from time to time I have to take away my son's access to the internet, so I exclude his laptop from my wireless Linksys router. Works like a charm, or it did until he discovered that my neighbor also has a wireless router, and hasn't secured it.
So my son sits in the corner of the house closest to my neighbor and uses their internet.
Is there any way I can tell his laptop to NOT access a particular router? Or even better, to only access my router?
View 14 Replies
View Related
Feb 5, 2011
I was changing my GUI settings in XFCE in my root user account on Xubuntu when suddenly I was logged out and the computer shut down.
(I have done this before with no such trouble...)
Now I can't log into my root account all I get is a blank screen for a few seconds then I'm back at the log-in screen, the other account works fine.
(This is on my Xubuntu 10.10 laptop BTW...)
View 5 Replies
View Related
Mar 4, 2011
I need to change a filename but when I boot up I get the message root device is read-only. Is there a way of changing this so that I can change the filename. I have a Mac Pro running Leopard OSX. The graphics card an NVIDIA 7500GT or driver has failed. It was suggested elsewhere that I change the relevant kext files to filename.kext.old, which I did, now when I try to boot start in OSX I get a message in various languages telling me to restart. I have tried booting in safe mode and from original Installation CD. In Safe Mode I get the same multi language splash screen, from CD I still have the graphic card problem, screen freezes and artifacts appear. So I boot up straight into CLI by holding down CMD-S hoping to be able to change filenames back but it says device read-only.
View 2 Replies
View Related
