06-02-2010
If your system supports acl's you can limit ps that way. Or put users in a chroot jail.
Basically, if you want to protect an application password the way the OP wants to use one, you really should not let users get to the unix prompt.
10 More Discussions You Might Find Interesting
1. Programming
Hello I am having serious trouble with the fork command, i basically want to create 9 or 10 child processes and store their pid numbers in array while the children stay resident until i kill() them later , i cannot seem to control how many are made as they all seem to create their own children.
... (16 Replies)
Discussion started by: theultimatechuf
16 Replies
2. Shell Programming and Scripting
Hi,
I have the following requirement. I am building a product on linux. The final build executables and libraries are all in different directories. I am writing a release script to collect all these final build items into a directory in /home/$USER/release.
I have the following condition:
... (9 Replies)
Discussion started by: vino
9 Replies
3. Red Hat
i am using redhat 8.0 and trying to connect to my local port 80 to run some HTTP. i know this can easily be done with telnet localhost 80, however telnet is not running, ssh is. ssh localhost -p 80 gives me a "Connection refused" error.
i've been trying to find out more information on the web,... (3 Replies)
Discussion started by: effigy
3 Replies
4. UNIX for Dummies Questions & Answers
If I have a directory /directory1 and want to tar and zip everything in it into a file new_tar.tar.gz on disk (not tape)
How can I do it?
I tried tar -cv /new_tar.tar /directory1/*
But I got an error: tar: /dev/rmt/0: No such device or address (4 Replies)
Discussion started by: FredSmith
4 Replies
5. UNIX for Dummies Questions & Answers
I am familiar with cron, and vi, but i need to make a change to my
/etc/hosts file, and would like to schedule it. Not sure how to run vi inside of cron. (4 Replies)
Discussion started by: trjones89
4 Replies
6. Shell Programming and Scripting
I have a file that is 20 - 80+ MB in size that is a certain type of log file.
It logs one of our processes and this process is multi-threaded. Therefore the log file is kind of a mess. Here's an example:
The logfile looks like: "DATE TIME - THREAD ID - Details", and a new file is created... (4 Replies)
Discussion started by: elinenbe
4 Replies
7. Solaris
Hi gurus.
Not such a problem, more of a proof of concept.
Ive got two zones :- database-1 and database-dr-1 on two different servers. Both zones have different ip addresses.
I want to copy the whole zone database-1 over to database-dr-1, which is simple enough, but I want to install... (0 Replies)
Discussion started by: sbk1972
0 Replies
8. UNIX for Dummies Questions & Answers
Hi,
I have a file below that I am wanting to awk. The lines of relevance are lines 7 and 9
$ nl /tmp/x
1 ADRCI: Release 11.2.0.3.0 - Production on Sun Jun 23 17:01:02 2013
2 Copyright (c) 1982, 2011, Oracle and/or its affiliates. All rights reserved.
3 ADR base =... (2 Replies)
Discussion started by: newbie_01
2 Replies
9. Programming
Hi,
I need to somehow pipe the password to a command and run some SQL, for example, something like echo $password | sqlplus -s system @query01.sql
To make it not so obvious, I decided to try out writing a small C program that basically just do echo $password. So now I just do x9.out | sqlplus... (8 Replies)
Discussion started by: newbie_01
8 Replies
10. UNIX for Dummies Questions & Answers
Hi,
Humorous UNIX Commands shows a fun way of using echo and dc to sort of obfuscate a string.
% echo 'sasb3135071790101768542287578439snlbxq'|dc
GET A LIFE!
I am just wanting to know if there is a way to sort of use dc and echo to print out an obfuscated/garbled string instead... (3 Replies)
Discussion started by: newbie_01
3 Replies
LEARN ABOUT CENTOS
pam_ldap
pam_ldap(8) System Manager's Manual pam_ldap(8)
NAME
pam_ldap - PAM module for LDAP-based authentication
SYNOPSIS
pam_ldap.so [...]
DESCRIPTION
This is a PAM module that uses an LDAP server to verify user access rights and credentials.
OPTIONS
use_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and not prompt the user for a pass-
word.
try_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and if that fails prompt the user
for a password.
nullok Specifying this option allows users to log in with a blank password. Normally logins without a password are denied.
ignore_unknown_user
Specifies that the PAM module should return PAM_IGNORE for users that are not present in the LDAP directory. This causes the PAM
framework to ignore this module.
ignore_authinfo_unavail
Specifies that the PAM module should return PAM_IGNORE if it cannot contact the LDAP server. This causes the PAM framework to ig-
nore this module.
no_warn
Specifies that warning messages should not be propagated to the PAM application.
use_authtok
This causes the PAM module to use the earlier provided password when changing the password. The module will not prompt the user for
a new password (it is analogous to use_first_pass).
debug This option causes the PAM module to log debugging information to syslog(3).
minimum_uid=UID
This option causes the PAM module to ignore the user if the user id is lower than the specified value. This can be used to bypass
LDAP checks for system users (e.g. by setting it to 1000).
MODULE SERVICES PROVIDED
All services are provided by this module but currently sessions changes are not implemented in the nslcd daemon.
FILES
/etc/pam.conf
the main PAM configuration file
/etc/nslcd.conf
The configuration file for the nslcd daemon (see nslcd.conf(5))
SEE ALSO
pam.conf(5), nslcd(8), nslcd.conf(5)
AUTHOR
This manual was written by Arthur de Jong <arthur@arthurdejong.org>.
Version 0.8.13 May 2013 pam_ldap(8)