now running mac os x 10.53 and sudo chmod comes back with : operation not permitted.
sample file:
-rwxr-xr-x+ 1 1000 com.apple.monitor_all_services 276592 Jun 8 2007 342345.tif
i am running as root. (1 Reply)
Hello,
I have written a script that has a sudo command to change file permissions within it.
When I run the script manually, the sudo command inside of it works fine.
When the script is run through crontab I get the error "cron: not found".
It the same user profile that I am using... (6 Replies)
Hi All,
i have a cron entry like
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /amex/sssmonitor/dss_chk.ksh
and the script is like
#!/bin/ksh
file=`uname -n`
> /sunmast/projects/oasis/COREDEV/Dss$file.log
> /tmp/output_sss
today=`date`
varb=`ps -ef | grep... (5 Replies)
Legends,
I am trying sudo chmod from one shell to different machine. but getting the error.
Please let me know if there is any way to do this.
A#pk} for i in Bl1 Brl1
>> do
>> echo $i
>> ssh $i sudo chmod 755 /etc/services
>> done
Bl1
Password:
bash: sudo: command not found
... (2 Replies)
Have a sudo statement inside of a here document. It prompts me for a password, but doesnt wait for me to enter my password. Is there a way I can use the command without sudo or anyway that I can enter the password correctly?
Eg :
while read remotehost
do
ssh -t $2@$remotehost <<REMOTE... (13 Replies)
This is the first time for using sudo for me.
# visudo
## Allows people in group admin to run all commands
%admin ALL=(ALL) ALL
# groupadd admin
# useradd temp
# usermod -a -G admin temp
# id temp
uid=506(temp) gid=506(temp) groups=506(temp),507(admin)
#
#sudo... (5 Replies)
I have a situation where the system is dumping a 2g causing filesystem to fill up. We identified the source and working on a solution. However, I wanted to limit the size of the 'core' file.
Please examine the test scenario ...
cnewtonne@mars> ulimit -f 0
cnewtonne@mars> ls -ltr core*... (2 Replies)
Hi All, I need your expertise to solve my problem, my account has permission to make sudo and su but when I try to switch user in a shell, it does not work with following message:
"Sorry, user jmbeltra is not allowed to execute '/usr/bin/su -c echo HELLO THERE - oracle' as root on dbbr1k01"
I... (4 Replies)
Hi All, im a bit new to Solaris 10 iv been working on Redhat and cant seem to get the sudo working on Solaris 10:D
Iv installed the below packages via pkgadd command:
gcc-4.7.2-sol10-x86-local
libiconv-1.14-sol10-x86-local
libintl-3.4.0-sol10-x86-local
sudo-1.8.13-sol10-x86-local
... (1 Reply)
Hi,
I have configured ldap manually on solaris 10/11 machine with below entries:
# ldapclient list |grep sudo
NS_LDAP_SERVICE_SEARCH_DESC= sudoers:ou=SUDOers,dc=exm,dc=ple,dc=com
# cat /etc/nsswitch.conf |grep -i sudo
sudoers: files ldap
#
But groups available in LDAP server... (8 Replies)
Discussion started by: Sridaran
8 Replies
LEARN ABOUT CENTOS
pam_ssh_agent_auth
pam_ssh_agent_auth(8) PAM pam_ssh_agent_auth(8)PAM_SSH_AGENT_AUTH
This module provides authentication via ssh-agent. If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.
SUMMARY
/etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys
/etc/sudoers:
Defaults env_keep += "SSH_AUTH_SOCK"
This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
/etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
either be local, or forwarded.
Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.
ARGUMENTS
file=<path to authorized_keys>
Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)
allow_user_owned_authorized_keys_file
A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
whenever the expansions %h or ~ are used.
debug
A flag which enables verbose logging
sudo_service_name=<service name you compiled sudo to use>
(when compiled with --enable-sudo-hack)
Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.
This defaults to "sudo".
EXPANSIONS
~ -- same as in shells, a user's Home directory
Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file
%h -- User's Home directory
Automatically enables allow_user_owned_authorized_keys_file
%H -- The short-hostname
%u -- Username
%f -- FQDN
EXAMPLES
in /etc/pam.d/sudo
"auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
The default .ssh/authorized_keys file in a user's home-directory
"auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
Same as above.
"auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys. In this case, we have not
specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys. In this case, we specified
allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys. In this case, we
have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.
v0.8 2009-08-09 pam_ssh_agent_auth(8)