|
|
Sponsored Content
Top Forums
UNIX for Dummies Questions & Answers
Deny to edit a specific file in sudoers
Post 302763987 by lhareigh890 on Wednesday 30th of January 2013 06:54:59 PM
01-30-2013
|
|
10 More Discussions You Might Find Interesting
1. Linux
Hi,
I have edited 'sudoers' file to allow 'cads' user shutdown the system without providing a password.
Can someone tell me what's wrong with my file?
It's not working when I 'sudo SHUTDOWN' command:
sudo: SHUTDOWN: command not found
Thanks a lot!
# Host alias specification... (4 Replies)
Discussion started by: whatisthis
4 Replies
2. UNIX for Advanced & Expert Users
how to forbid deleting a file even though the file is owned by the user?
I thought of setfacl command on solaris. Any hints please?
thx (2 Replies)
Discussion started by: melanie_pfefer
2 Replies
3. UNIX for Dummies Questions & Answers
What is the difference between ALL and localhost in the bellow?
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now
Thank you. (2 Replies)
Discussion started by: hemangjani
2 Replies
4. AIX
Dear AIX/UNIX experts:
I have a demand to restricted a file to be copy by others, but this file must can be read by others/Applications.
As I tried, the chmod command cannot fulfill this requirement. But not sure if the ACL can achieve this function or not ?
Could anybody give me your... (8 Replies)
Discussion started by: devyfong
8 Replies
5. UNIX for Advanced & Expert Users
i have defined a rule in the sudoers file so a specific user is able to run some commands as sudo with no password.
my question is: is it possible to restrict a user to run commands as sudo only in a certain directory? for example: chown only the files that are located in /var/tmp.
Thank you.
... (2 Replies)
Discussion started by: noam128
2 Replies
6. Shell Programming and Scripting
HI guys i have a question.
Question 1: how do i modify a particular string?
e.g
echo "Please enter Book Title: "
read a
echo "Please enter Author: "
read b
if ]
then echo " Record found!"
which will then pop out a menu with the follow output
1. Update Name
2.... (1 Reply)
Discussion started by: ichar
1 Replies
7. Shell Programming and Scripting
How to edit file content at the specific line? For example at below
The things to edit --> This is line 2. And it is below line 1.
This is line 1.
This is line 2. # i want to append some words at this row line. How?
This is line 3. (8 Replies)
Discussion started by: alvin0618
8 Replies
8. HP-UX
Hi All,
I've made a script in order to delete the users. The script is deleting the users and removing its entry from the /etc/sudoers however it is changing the permissions of the /etc/sudoers file to the user from which it is executing the script.
#!/bin/ksh
#set -x
print "The script... (2 Replies)
Discussion started by: Kits
2 Replies
9. UNIX for Dummies Questions & Answers
Hi
using Solaris 10. trying to update /etc/sudoers file
I need to add all the fist level operation team. This is what I have but it doesn't seem to work. Please help.Error message
sudo su -
>>> sudoers file: parse error, line 9 <<<
>>> sudoers file: parse error, line 9 <<<
... (2 Replies)
Discussion started by: samnyc
2 Replies
10. Solaris
In the sudoers file in Solaris...
I am trying to limit the DEVELOPER user privileges to where those users can only use the “rm” command in certain directories. This is to prevent them from deleting directories or files and destroying a server. I want them to be able to use the "rm" command but... (1 Reply)
Discussion started by: nzonefx
1 Replies
LEARN ABOUT LINUX
crontab
CRONTAB(1) General Commands Manual CRONTAB(1) NAME
crontab - maintain crontab files for individual users (Vixie Cron) SYNOPSIS
crontab [ -u user ] file crontab [ -u user ] [ -i ] { -e | -l | -r } DESCRIPTION
crontab is the program used to install, deinstall or list the tables used to drive the cron(8) daemon in Vixie Cron. Each user can have their own crontab, and though these are files in /var/spool/cron/crontabs, they are not intended to be edited directly. If the /etc/cron.allow file exists, then you must be listed (one user per line) therein in order to be allowed to use this command. If the /etc/cron.allow file does not exist but the /etc/cron.deny file does exist, then you must not be listed in the /etc/cron.deny file in order to use this command. If neither of these files exists, then depending on site-dependent configuration parameters, only the super user will be allowed to use this command, or all users will be able to use this command. If both files exist then /etc/cron.allow takes precedence. Which means that /etc/cron.deny is not considered and your user must be listed in /etc/cron.allow in order to be able to use the crontab. Regardless of the existance of any of these files, the root administrative user is always allowed to setup a crontab. For standard Debian systems, all users may use this command. If the -u option is given, it specifies the name of the user whose crontab is to be used (when listing) or modified (when editing). If this option is not given, crontab examines "your" crontab, i.e., the crontab of the person executing the command. Note that su(8) can confuse crontab and that if you are running inside of su(8) you should always use the -u option for safety's sake. The first form of this command is used to install a new crontab from some named file or standard input if the pseudo-filename ``-'' is given. The -l option causes the current crontab to be displayed on standard output. See the note under DEBIAN SPECIFIC below. The -r option causes the current crontab to be removed. The -e option is used to edit the current crontab using the editor specified by the VISUAL or EDITOR environment variables. After you exit from the editor, the modified crontab will be installed automatically. If neither of the environment variables is defined, then the default editor /usr/bin/editor is used. The -i option modifies the -r option to prompt the user for a 'y/Y' response before actually removing the crontab. DEBIAN SPECIFIC
The "out-of-the-box" behaviour for crontab -l is to display the three line "DO NOT EDIT THIS FILE" header that is placed at the beginning of the crontab when it is installed. The problem is that it makes the sequence crontab -l | crontab - non-idempotent -- you keep adding copies of the header. This causes pain to scripts that use sed to edit a crontab. Therefore, the default behaviour of the -l option has been changed to not output such header. You may obtain the original behaviour by setting the environment variable CRONTAB_NOHEADER to 'N', which will cause the crontab -l command to emit the extraneous header. SEE ALSO
crontab(5), cron(8) FILES
/etc/cron.allow /etc/cron.deny /var/spool/cron/crontabs There is one file for each user's crontab under the /var/spool/cron/crontabs directory. Users are not allowed to edit the files under that directory directly to ensure that only users allowed by the system to run periodic tasks can add them, and only syntactically correct crontabs will be written there. This is enforced by having the directory writable only by the crontab group and configuring crontab com- mand with the setgid bid set for that specific group. STANDARDS
The crontab command conforms to IEEE Std1003.2-1992 (``POSIX''). This new command syntax differs from previous versions of Vixie Cron, as well as from the classic SVR3 syntax. DIAGNOSTICS
A fairly informative usage message appears if you run it with a bad command line. cron requires that each entry in a crontab end in a newline character. If the last entry in a crontab is missing the newline, cron will consider the crontab (at least partially) broken and refuse to install it. AUTHOR
Paul Vixie <paul@vix.com> 4th Berkeley Distribution 19 April 2010 CRONTAB(1)