|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
start a program with other user's permission
Post 302118156 by porter on Saturday 19th of May 2007 08:42:03 AM
05-19-2007
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I'm running MAC OS X and I'm wondering how I start 'nixey programs (not normal apps) on startup? Things like the dnet client and hxd Hotline Server. Anyone know? (1 Reply)
Discussion started by: l008com
1 Replies
2. UNIX for Dummies Questions & Answers
hi! all
i've setup my PC with FreeBSD 6.2 and i've created login ID for my friends
i would like to allow them to install program (since they're requesting to use bnc/psybnc) using their shell
however, they have encounter such error to install the program
they have to sudo in order to run... (3 Replies)
Discussion started by: rdns
3 Replies
3. Programming
Helo
I havea particular file.
how I know ownerof the file as well as file permission using c program.
Regards,
Amit (4 Replies)
Discussion started by: amitpansuria
4 Replies
4. Programming
I have a set of attributes such as group id,group name,etc related to a linux process. Iwant to know how to start a process in linux using C program.Plz do help me. (3 Replies)
Discussion started by: vigneshinbox
3 Replies
5. Shell Programming and Scripting
Hey!
I'm working on a script that will add a user, create some configfiles, and add a crontab for the user.
The crontab looks like the following:
@reboot /home/user/program config.conf &
I would like for this process to start at the end of my script under the corresponding username by... (0 Replies)
Discussion started by: noratx
0 Replies
6. UNIX for Dummies Questions & Answers
Hi All,
I am working on Solaris Sparc 9 and I developed application and in that I want to open any file when any action is happened but when I am trying to do the same.I am getting the error --
"Error launching /test.txt", "", "Process.execAndWait",
"java.io.IOException: Cannot run... (0 Replies)
Discussion started by: smartgupta
0 Replies
7. Homework & Coursework Questions
hello,
i wil make the next mission:
give how many chambers in a constant number. use an array which chamber is free and count how many chamber there are free. make also something to test
I don't now how to start. I need an little example so i can make the mission
thank you (10 Replies)
Discussion started by: wouter88
10 Replies
8. OS X (Apple)
Hi,
Solid as a rock or ...
Is it possible for a program to damage an iMac (Snow Leopard) so bad that it cannot start up again, and need to be repaired?
I am asking about this, because this seems to have occurred two days ago, when I was running a popular game program.
When I closed the... (6 Replies)
Discussion started by: ASL123
6 Replies
9. Fedora
hello everyone,
I have Matlab installed on Fedora 16. I tried running it by simply typing on terminal:
$ matlabBut it returned the follwoing error:
--- can anyone suggest a solution?
cheers,
peter
---------- Post updated at 10:57 PM ---------- Previous update was at 10:54 PM ----------... (1 Reply)
Discussion started by: peter_071
1 Replies
10. Shell Programming and Scripting
Hi community,
I'm looking for a script/code which starts a shell script with a MPI process depending on:
a) the processor workload, i.e. if the workload falls below a certain limit
b) alternatively if the previous process finished, e.g. if a process ID disappears
I need this for... (3 Replies)
Discussion started by: heunigreenfreak
3 Replies
LEARN ABOUT CENTOS
sssd-sudo
SSSD-SUDO(5) File Formats and Conventions SSSD-SUDO(5) NAME
sssd-sudo - Configuring sudo with the SSSD back end DESCRIPTION
This manual page describes how to configure sudo(8) to work with sssd(8) and how SSSD caches sudo rules. CONFIGURING SUDO TO COOPERATE WITH SSSD
To enable SSSD as a source for sudo rules, add sss to the sudoers entry in nsswitch.conf(5). For example, to configure sudo to first lookup rules in the standard sudoers(5) file (which should contain rules that apply to local users) and then in SSSD, the nsswitch.conf file should contain the following line: sudoers: files sss More information about configuring the sudoers search order from the nsswitch.conf file as well as information about the LDAP schema that is used to store sudo rules in the directory can be found in sudoers.ldap(5). Note: in order to use netgroups or IPA hostgroups in sudo rules, you also need to correctly set nisdomainname(1) to your NIS domain name (which equals to IPA domain name when using hostgroups). CONFIGURING SSSD TO FETCH SUDO RULES
All configuration that is needed on SSSD side is to extend the list of services with "sudo" in [sssd] section of sssd.conf(5). To speed up the LDAP lookups, you can also set search base for sudo rules using ldap_sudo_search_base option. The following example shows how to configure SSSD to download sudo rules from an LDAP server. [sssd] config_file_version = 2 services = nss, pam, sudo domains = EXAMPLE [domain/EXAMPLE] id_provider = ldap sudo_provider = ldap ldap_uri = ldap://example.com ldap_sudo_search_base = ou=sudoers,dc=example,dc=com When the SSSD is configured to use IPA as the ID provider, the sudo provider is automatically enabled. The sudo search base is configured to use the compat tree (ou=sudoers,$DC). THE SUDO RULE CACHING MECHANISM
The biggest challenge, when developing sudo support in SSSD, was to ensure that running sudo with SSSD as the data source provides the same user experience and is as fast as sudo but keeps providing the most current set of rules as possible. To satisfy these requirements, SSSD uses three kinds of updates. They are referred to as full refresh, smart refresh and rules refresh. The smart refresh periodically downloads rules that are new or were modified after the last update. Its primary goal is to keep the database growing by fetching only small increments that do not generate large amounts of network traffic. The full refresh simply deletes all sudo rules stored in the cache and replaces them with all rules that are stored on the server. This is used to keep the cache consistent by removing every rule which was deleted from the server. However, full refresh may produce a lot of traffic and thus it should be run only occasionally depending on the size and stability of the sudo rules. The rules refresh ensures that we do not grant the user more permission than defined. It is triggered each time the user runs sudo. Rules refresh will find all rules that apply to this user, check their expiration time and redownload them if expired. In the case that any of these rules are missing on the server, the SSSD will do an out of band full refresh because more rules (that apply to other users) may have been deleted. If enabled, SSSD will store only rules that can be applied to this machine. This means rules that contain one of the following values in sudoHost attribute: o keyword ALL o wildcard o netgroup (in the form "+netgroup") o hostname or fully qualified domain name of this machine o one of the IP addresses of this machine o one of the IP addresses of the network (in the form "address/mask") There are many configuration options that can be used to adjust the behavior. Please refer to "ldap_sudo_*" in sssd-ldap(5) and "sudo_*" in sssd.conf(5). SEE ALSO
sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8), sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),pam_sss(8). AUTHORS
The SSSD upstream - http://fedorahosted.org/sssd SSSD
06/17/2014 SSSD-SUDO(5)