|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Python: Bind to port 80 as root, then drop privileges?
Post 302277977 by Ilja on Monday 19th of January 2009 03:10:31 AM
01-19-2009
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi guys...
how can a root assign a user all or most of the root privileges?
is sudoer comand enough 4 this?
thx alot.. (2 Replies)
Discussion started by: blue_7
2 Replies
2. Programming
Hi
I have make a program that needs root privleges but any user can try to run it, so what I want it is, when any user tries( other than root ) to run the program, an input prompt would open to enter root password ( if user knows ) and program will run ( otherwise exit ), and after completing... (21 Replies)
Discussion started by: sumsin
21 Replies
3. UNIX for Dummies Questions & Answers
Hello,
As admin with root rights, to execute any command from another user without password-ask, I do : su - <user> -c "<cmd>"
But how can I do to give the same rights to another physical user without using root user ? :confused:
I've try to create another user "toor" with the same primary... (4 Replies)
Discussion started by: madmat
4 Replies
4. Linux
Hi,
Is it possible to grant root privileges to an ordinary user?
Other than 'sudo', is there some way under Users/Groups configuration?
I want ordinary user to be able to mount, umount and use command mt.
/Brendan (4 Replies)
Discussion started by: brendan76
4 Replies
5. Shell Programming and Scripting
My English is no very good.
I must make a bash scripting sh create like a backdoor, and when execute the script a user without privileges convert in super user or root, whithout introducing the password.
In Spanish:
Crear un script que sirva como puerta trasera al sistema, de manera que al... (1 Reply)
Discussion started by: kitievbr
1 Replies
6. Solaris
Hello
I am a new (and only) administrator of a Solaris 10 environment. The previous admin gave me a use (say user123) that is supposed to have administrative privileges.
Now the problem is, the user does not have this privilege! Here is what i tried so far:
$ id
uid=109(user123) gid=1(other)... (3 Replies)
Discussion started by: abohmeed
3 Replies
7. HP-UX
hi,
i am new in hp ux and i must create a user with root privileges and so i disable ssh connection from root login.
thanks.. (6 Replies)
Discussion started by: eliste
6 Replies
8. Emergency UNIX and Linux Support
Hi Everyone,
Hope all Doing good,
we have a Dedicated server and its installed with proxmox VE 3.2, My Need is i want Protect my server and only i need to allow the specific port in the server, And i want to forward some of ports 22,80,443 to those VM's inside my dedicated... (0 Replies)
Discussion started by: babinlonston
0 Replies
9. UNIX for Dummies Questions & Answers
I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way?
I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies
10. Infrastructure Monitoring
Hi guys,
I am currently managing an application running on around 150 servers.
I only have application usage rights on those servers and do not have any root privileges.
I have an external node that can connect to those servers and I have root privileges on that one box.
I want to setup... (2 Replies)
Discussion started by: Junaid Subhani
2 Replies
LEARN ABOUT V7
named
named(1M) System Administration Commands named(1M) NAME
named - Internet domain name server SYNOPSIS
named [-fgsv] [-c config-file] [-d debug-level] [-n #cpus] [-p port] [-t directory] [-u user] [-x cache-file] DESCRIPTION
The named utility is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more information on the DNS, see RFCs 1033, 1034, and 1035. When invoked without arguments, named reads the default configuration file /etc/named.conf, reads any initial data, and listens for queries. OPTIONS
The following options are supported: -c config-file Use config-file as the configuration file instead of the default /etc/named.conf. To ensure that reloading the configura- tion file continues to work after the server has changed its working directory due to to a possible directory option in the configuration file, config-file should be an absolute pathname. -d debug-level Set the daemon's debug level to debug-level. Debugging traces from named become more verbose as the debug level increases. -f Run the server in the foreground (that is, do not daemonize). -g Run the server in the foreground and force all logging to stderr. -n #cpus Create #cpus worker threads to take advantage of multiple CPUs. If not specified, named will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created. -p port Listen for queries on port port. If not specified, the default is port 53. -s Write memory usage statistics to stdout on exit. This option is mainly of interest to BIND 9 developers and might be removed or changed in a future release. -t directory Change the root directory using chroot(2) to directory after processing the command line arguments, but before reading the configuration file. This option should be used in conjunction with the -u option, as chrooting a process running as root doesn't enhance secu- rity on most systems; the way chroot() is defined allows a process with root privileges to escape a chroot jail. -u user Set the real user ID using setuid(2) to user after completing privileged operations, such as creating sockets that listen on privileged ports. On Linux, named uses the kernel's capability mechanism to drop all root privileges except the ability to use bind(3SOCKET) to bind to a privileged port and set process resource limits. Unfortunately, this means that the -u option works only when named is run on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or later, since previous kernels did not allow privileges to be retained after setuid(). -v Report the version number and exit. -x cache-file Load data from cache-file into the cache of the default view. This option must not be used. It is of interest only to BIND 9 developers and might be removed or changed in a future release. SIGNALS
In routine operation, signals should not be used to control the nameserver; rndc(1M) should be used instead. SIGHUP Force a reload of the server. SIGINT, SIGTERM Shut down the server. The result of sending any other signals to the server is undefined. CONFIGURATION
The named configuration file is too complex to describe in detail here. A complete description is provided in the BIND 9 Administrator Ref- erence Manual. FILES
/etc/named.conf default configuration file /var/run/named.pid default process-ID file ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | |Availability |SUNWbind9 | |Interface Stability |External | +-----------------------------+-----------------------------+ SEE ALSO
rndc(1M), chroot(2), setuid(2), bind(3SOCKET), attributes(5) RFC 1033, RFC 1034, RFC 1035 BIND 9 Administrator Reference Manual NOTES
Source for BIND9 is available in the SUNWbind9S package. SunOS 5.10 15 Dec 2004 named(1M)