I am trying to run chown and chmod from a script owned by root. The permissions are set to 4755 so that users can execute the script as root. However, when I run the script as a user other than root, I get "Operation not permitted" for both chown and chmod. Any ideas as to why this is? (6 Replies)
Hi all..
I'm secering a RH 2.1 server, with gnome (not my choice...), as X manager.
Is ther anyway to get sudo ask for root password other then the actual user's password? Like when you launch the graphical IHM to create a new user, it asks for root's password? Is there a way to do the same... (5 Replies)
Hi,
I have a program with the following suid setup
-rwsr-sr-x 1 root other 653 Aug 16 17:00 restart_server
It basically starts up a service that has to be started by root. I just want the normal users to be able to restart the service using the script above.
But when the... (7 Replies)
I'm actually working with a Ubuntu-System here and have a question about executing a command with 'sudo'.
I tried and got a error message like "not allowed".
After this I logged in with 'sudo -s' and typed the command without 'sudo'. This worked well.
Can please somebody explain me this... (0 Replies)
I've been through many threads before i decide to create a separate thread.
I can't really find the solution to my (simple) problem.
Here's what I'm trying to achieve:
As "canar" user I want to run a command, let's say "/opt/ocaml/bin/ocaml" as "duck" user.
The only to achieve this is to... (1 Reply)
Anyone able to explain why if i run "sudo -i" or "sudo -s" i am able to get into root by just keying my own password?
How to avoid this from happening coz i need all the users to use su - only. (2 Replies)
I have a set of RHEL 5 boxes running our ERP software on Oracle databases. I need to allow my DBA's to su to oracle and one other account (banner) without knowing the oracle or banner password. But I need to prevent them from su'ing to any other user especially root. I only want them to be able to... (1 Reply)
Hello,
It is Solaris-10. There is a file as /opt/vpp/dom1.2/pdd/today_23. It is always generated by root, so owned by root only.
This file has to be deleted as part of application restart always and that is done by app_user and SA is always involved to do rm on that file.
Is it possible to give... (9 Replies)
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
I have a coworker that has set up some funky aliases in /etc/bash.alias, and he insists on leaving them that way. For example he aliased "ll" to "ls -lahtr", which really bugs me.
Anyway, I was wondering if there were a way for me to sudo to root without reading /etc/bash.alias, or maybe have... (6 Replies)
Discussion started by: paqman
6 Replies
LEARN ABOUT CENTOS
consolehelper
CONSOLEHELPER(8) System Manager's Manual CONSOLEHELPER(8)NAME
consolehelper - A wrapper that helps console users run system programs
SYNOPSIS
progname [ options ]
DESCRIPTION
consolehelper is a tool that makes it easy for console users to run system programs, doing authentication via PAM (which can be set up to
trust all console users or to ask for a password at the system administrator's discretion). When possible, the authentication is done
graphically; otherwise, it is done within the text console from which consolehelper was started.
It is intended to be completely transparent. This means that the user will never run the consolehelper program directly. Instead, pro-
grams like /sbin/shutdown are paired with a link from /usr/bin/shutdown to /usr/bin/consolehelper. Then when non-root users (specifically,
users without /sbin in their path, or /sbin after /usr/bin) call the "shutdown" program, consolehelper will be invoked to authenticate the
action and then invoke /sbin/shutdown. (consolehelper itself has no priviledges; it calls the userhelper(8) program do the real work.)
consolehelper requires that a PAM configuration for every managed program exist. So to make /sbin/foo or /usr/sbin/foo managed, you need
to create a link from /usr/bin/foo to /usr/bin/consolehelper and create the file /etc/pam.d/foo, normally using the pam_console(8) PAM mod-
ule.
OPTIONS
This program has no command line options of its own; it passes all command line options on to the program it is calling.
SEE ALSO userhelper(8)AUTHOR
Michael K. Johnson <johnsonm@redhat.com>
Red Hat Software 18 March 1999 CONSOLEHELPER(8)