Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Can I prevent a script from being viewed?
Top Forums UNIX for Advanced & Expert Users Can I prevent a script from being viewed? Post 302994039 by dn888 on Friday 17th of March 2017 09:51:19 PM
Old 03-17-2017
Because if you chmod it, the root user would still be able to access it?
This User Gave Thanks to dn888 For This Post:
SkySmart
 

10 More Discussions You Might Find Interesting

1. OS X (Apple)

Use UNIX to track web sites viewed?

I'm on OSX 10.4. I was wondering if you can use UNIX terminal to track what web sites have been viewed on this Mac... Thank you! (1 Reply)
Discussion started by: tracymanusa
1 Replies

2. Shell Programming and Scripting

how to prevent multiple email notifications from monitoring script

Hi everyone, I am in the process of trying to decide the correct way to solve a particular scripting/email issue I have and would appreciate any advice. We have a cronjob running every 10 mins to check disk size on the server and if this exceeds a certain percentage then it will email a... (2 Replies)
Discussion started by: si_linux
2 Replies

3. Shell Programming and Scripting

script - how to prevent in parallel run

I have one shell script which is being accessed by many jobs at same time. I want to make the script such that , other job should wait for the script if script is being used by some other job. Is there any way to implement it in script level ? Gops (1 Reply)
Discussion started by: Gopal_Engg
1 Replies

4. Shell Programming and Scripting

Cron job to prevent simultaneous script

I'm using a shared server on Hostgator (Linux CentOS). I'm trying to set a cron job using the Control Panel that will check if its already running before starting a new one. I've tried the following... * * * * * && but I get this error emailed to me... /bin/sh: line 0: Any... (5 Replies)
Discussion started by: tech9821
5 Replies

5. Shell Programming and Scripting

Prevent wrong user from using shell script for multiple remote servers

Hi, I am running a shell script from a central server to multiple remote servers using the following code: application_check() { # Linux/UNIX box with ssh key based login SERVERS=`cat /tmp/server-details` # SSH User name USR="user" # create new file > /tmp/abc.log # connect... (2 Replies)
Discussion started by: mystition
2 Replies

6. Shell Programming and Scripting

how do i prevent $ from being commented out if no value is present? (Bash Script)

Hey guys, I want to paste a code in a .php file via a bash script. I am on ubuntu 10.04. The problem is if the values for $ aren't present, then all of them would be removed by the script. An example of my script (I modified it for this thread to prevent it from being overly complicated) ... (2 Replies)
Discussion started by: xxxx
2 Replies

7. UNIX for Dummies Questions & Answers

tcsh: how to prevent a foreach from terminating a script when the result is null?

Sorry if this has been answered. I did search both Google and this site and did find this post: unix.com/unix-dummies-questions-answers/152992-how-ignore-errors-script.html However, it wasn't answered. I have the same question - how do you prevent a tcsh script from terminating when the... (4 Replies)
Discussion started by: deepstructure
4 Replies

8. Shell Programming and Scripting

How to prevent a shell script from copy or read from Users

I have a script which do validation check and perform code migration from one env. to another, this is built for users/developers. How can I prevent this shell script from copy or read from users, as they can modify it and run it as per their requirement where as this has to be standard script and... (1 Reply)
Discussion started by: pramendra
1 Replies

9. Red Hat

Any Help About this script how can i prevent client to use it ?

Hello i have server cpanel on centos 6 an there is a client used script to hack other accounts the script is like this _____ __________ <?php $auth_pass = "7815696ecbf1c96e6894b779456d330e"; $color = "#df5"; $default_action = 'FilesMan'; $default_use_ajax = true;... (1 Reply)
Discussion started by: jackmio
1 Replies

10. Shell Programming and Scripting

UNIX/Linux - awk - displaying unxpected ! character when viewed in mail; but not in actual file

Greetings Experts, I am on AIX using ksh; I am processing the input files and generating a awk_output.txt file using AWK. By reading that awk_output.txt file, I am building a output.html file which is cat and then fed to /usr/sbin/sendmail .When the shell script is triggered through command... (2 Replies)
Discussion started by: chill3chee
2 Replies

LEARN ABOUT LINUX

namespace.conf

NAMESPACE.CONF(5)						 Linux-PAM Manual						 NAMESPACE.CONF(5)

NAME

       namespace.conf - the namespace configuration file

DESCRIPTION

       The pam_namespace.so module allows setup of private namespaces with polyinstantiated directories. Directories can be polyinstantiated based
       on user name or, in the case of SELinux, user name, sensitivity level or complete security context. If an executable script
       /etc/security/namespace.init exists, it is used to initialize the namespace every time an instance directory is set up and mounted. The
       script receives the polyinstantiated directory path and the instance directory path as its arguments.

       The /etc/security/namespace.conf file specifies which directories are polyinstantiated, how they are polyinstantiated, how instance
       directories would be named, and any users for whom polyinstantiation would not be performed.

       When someone logs in, the file namespace.conf is scanned. Comments are marked by # characters. Each non comment line represents one
       polyinstantiated directory. The fields are separated by spaces but can be quoted by " characters also escape sequences , 
, and 	 are
       recognized. The fields are as follows:

       polydir instance_prefix method list_of_uids

       The first field, polydir, is the absolute pathname of the directory to polyinstantiate. The special string $HOME is replaced with the
       user's home directory, and $USER with the username. This field cannot be blank.

       The second field, instance_prefix is the string prefix used to build the pathname for the instantiation of <polydir>. Depending on the
       polyinstantiation method it is then appended with "instance differentiation string" to generate the final instance directory path. This
       directory is created if it did not exist already, and is then bind mounted on the <polydir> to provide an instance of <polydir> based on
       the <method> column. The special string $HOME is replaced with the user's home directory, and $USER with the username. This field cannot be
       blank.

       The third field, method, is the method used for polyinstantiation. It can take these values; "user" for polyinstantiation based on user
       name, "level" for polyinstantiation based on process MLS level and user name, "context" for polyinstantiation based on process security
       context and user name, "tmpfs" for mounting tmpfs filesystem as an instance dir, and "tmpdir" for creating temporary directory as an
       instance dir which is removed when the user's session is closed. Methods "context" and "level" are only available with SELinux. This field
       cannot be blank.

       The fourth field, list_of_uids, is a comma separated list of user names for whom the polyinstantiation is not performed. If left blank,
       polyinstantiation will be performed for all users. If the list is preceded with a single "~" character, polyinstantiation is performed only
       for users in the list.

       The method field can contain also following optional flags separated by : characters.

       create=mode,owner,group - create the polyinstantiated directory. The mode, owner and group parameters are optional. The default for mode is
       determined by umask, the default owner is the user whose session is opened, the default group is the primary group of the user.

       iscript=path - path to the instance directory init script. The base directory for relative paths is /etc/security/namespace.d.

       noinit - instance directory init script will not be executed.

       shared - the instance directories for "context" and "level" methods will not contain the user name and will be shared among all users.

       The directory where polyinstantiated instances are to be created, must exist and must have, by default, the mode of 0000. The requirement
       that the instance parent be of mode 0000 can be overridden with the command line option ignore_instance_parent_mode

       In case of context or level polyinstantiation the SELinux context which is used for polyinstantiation is the context used for executing a
       new process as obtained by getexeccon. This context must be set by the calling application or pam_selinux.so module. If this context is not
       set the polyinstatiation will be based just on user name.

       The "instance differentiation string" is <user name> for "user" method and <user name>_<raw directory context> for "context" and "level"
       methods. If the whole string is too long the end of it is replaced with md5sum of itself. Also when command line option gen_hash is used
       the whole string is replaced with md5sum of itself.

EXAMPLES

       These are some example lines which might be specified in /etc/security/namespace.conf.

		 # The following three lines will polyinstantiate /tmp,
		 # /var/tmp and user's home directories. /tmp and /var/tmp
		 # will be polyinstantiated based on the security level
		 # as well as user name, whereas home directory will be
		 # polyinstantiated based on the full security context and user name.
		 # Polyinstantiation will not be performed for user root
		 # and adm for directories /tmp and /var/tmp, whereas home
		 # directories will be polyinstantiated for all users.
		 #
		 # Note that instance directories do not have to reside inside
		 # the polyinstantiated directory. In the examples below,
		 # instances of /tmp will be created in /tmp-inst directory,
		 # where as instances of /var/tmp and users home directories
		 # will reside within the directories that are being
		 # polyinstantiated.
		 #
		 /tmp	  /tmp-inst/		   level      root,adm
		 /var/tmp /var/tmp/tmp-inst/	   level      root,adm
		 $HOME	  $HOME/$USER.inst/inst- context

       For the <service>s you need polyinstantiation (login for example) put the following line in /etc/pam.d/<service> as the last line for
       session group:

       session required pam_namespace.so [arguments]

       This module also depends on pam_selinux.so setting the context.

SEE ALSO

       pam_namespace(8), pam.d(5), pam(7)

AUTHORS

       The namespace.conf manual page was written by Janak Desai <janak@us.ibm.com>. More features added by Tomas Mraz <tmraz@redhat.com>.

Linux-PAM Manual						    06/04/2011							 NAMESPACE.CONF(5)
All times are GMT -4. The time now is 12:31 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy