|
|
Sponsored Content
Top Forums
UNIX for Dummies Questions & Answers
Access Denied
Post 302806729 by gkelly1117 on Monday 13th of May 2013 02:04:08 PM
05-13-2013
|
|
10 More Discussions You Might Find Interesting
1. Solaris
Hello,I must share file from Linux machine to Solaris.I've enabled ftp with svcadm enable ftp,when I connect from Linux box I have this
"Name (192.168.1.4:root): anonymous
331 Guest login ok,send your complete e-mail address as password
Password : (I give my e-mail address)
530 Login incorrect... (3 Replies)
Discussion started by: bgf0
3 Replies
2. Red Hat
Hi,
We were just recently given a new VM instance with Red Hat linux.
The only user account that can log in successfully is the root account. I made sure that the user z021407 has access to their directory and the account can read the home directory, but I can't log in with the new account... (2 Replies)
Discussion started by: edrichard
2 Replies
3. SuSE
Guys
i have 2 SUSE Linux Enterprise Server 10 SP1 (i586) boxes.if i take a look into /etc/security/access.conf ,i see following lines at the eof
# All other users should be denied to get access from all sources.
#- : ALL : ALL
- : myID : ALL
now earlier i had written scripts where files... (1 Reply)
Discussion started by: ak835
1 Replies
4. Solaris
Hi,
I have installed solaris 10 on my local system. i want to connect with remotely using putty. it works when i connect remotely with telnet. but when i connect using ssh. it gives access denied error.
i have comment the CONSOLE=/dev/console in /etc/default/login but it still don't work
Plz... (4 Replies)
Discussion started by: malikshahid85
4 Replies
5. Programming
Hi guys.
We can can connect to mysql server from command line with some user. but when using mysql_connect() it says:
access is denied for user 'someuser'@'localhost' (using password: YES)
what should i do? (6 Replies)
Discussion started by: majid.merkava
6 Replies
6. AIX
There is one aix server, IP is 152.240.28.14, the user IP is 152.240.88.64, The user is able to get access briefly then all access is denied from the whole subnet 152.240.88.0. a short while later access is granted and the same thing happens all over again.
The customer is able to... (7 Replies)
Discussion started by: rainbow_bean
7 Replies
7. Red Hat
hi,
I have a problem with any user i created on a linux server RH.
With the user root i did:
adduser toto
passwd toto (to give it a password - message : "all authentication tokens updated successfully")
I can do a "su - toto", but when I try to connect it directly by ssh i have the message... (3 Replies)
Discussion started by: Castelior
3 Replies
8. Windows & DOS: Issues & Discussions
Hi,
I have installed openssh in one of my windows servers following SUA community guidelines. I can successfully install and generate RSA DSA keys. But I cannot SSH to server from my Solaris machine. Below is the output from ssh -v <server>. Also I tried to SSH from the K-shell to localhost... (0 Replies)
Discussion started by: vkk
0 Replies
9. Solaris
Hi All,
I have a root access for one of the server. But, when i try to cd one particular directory i will get the access denied message. Even though that particular directory is created under root. What would be the cause for this? I really wonder if any one have answer for my... (20 Replies)
Discussion started by: Sricharan21
20 Replies
10. UNIX for Advanced & Expert Users
The situation is: I have a RHEL 7.3 VM that I am able to access via both ssh and VM console. I am able to run all of the standard commands for verifying that X11 forwarding/xhost permissions are working (xclock, nautilus, firefox, etc.) i can also run the runInstaller for Oracle client, No problems... (1 Reply)
Discussion started by: melghaze
1 Replies
LEARN ABOUT CENTOS
policykit.conf
POLICYKIT.CONF(5) PolicyKit.conf POLICYKIT.CONF(5) NAME
PolicyKit.conf - PolicyKit configuration file DESCRIPTION
The /etc/PolicyKit/PolicyKit.conf configuration file provides a way for system administrators to override policy for mechanisms that use the PolicyKit library to determine whether a caller is allowed to use the mechanism. Changes to this configuration file are immediately propagated to running processes using the PolicyKit library. If the configuration file is invalid, processes using this library will log this fact to the system logger and the library will only only return no as the answer to processes using it. The polkit-config-file-validate(1) tool can be used to verify that the configuration file is valid. FILE FORMAT
The configuration file is an XML document. It must have the following doctype declaration: <!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN" "http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd"> The following elements may be present in the configuration file: config This is the root element. A single attribute version must be present and must be set to "0.1" at this point. There can only be one config element in the configuration file. match This element is for matching information related to the decision making process and includes values describing both the caller and the action. This element can be embedded in both config and other match elements (hence allowing for nested matching). There can only be a single attribute in each match element and POSIX Extended Regular Expression syntax are supported in the value part. The following attributes are supported: user This matches on the users login name. action For matching on the given action being queried for, for example action="org.foo.*" will match on all actions whose action identifier begins with the string "org.foo.". return This element is for used to specify what result the PolicyKit library will return. It can only be embedded in config and match elements and can embed no elements itself. The return element is typically used deeply inside a number of match elements. A single attribute, result is supported and it can assume the following values: no Access denied. auth_self Access denied, but authentication of the caller as himself will grant access to only that caller. auth_self_keep_session Access denied, but authentication of the caller as himself will grant access to any caller in the session of the caller belongs to. auth_self_keep_always Access denied, but authentication of the caller as himself will grant access any caller with the given uid in the future. auth_admin Access denied, but authentication of the caller as an administrative user will grant access to only that caller. auth_admin_keep_session Access denied, but authentication of the caller as an administrative user will grant access to any caller in the session of the caller belongs to. auth_admin_keep_always Access denied, but authentication of the caller as an administrative user will grant access any caller with the given uid in the future. yes Access granted. define_admin_auth This element is used to specify the meaning of "authenticate as administrator". It is normally used at the top-level but can also be used deep inside a number of match elements for conditional behavior. There can only be a single attribute in each define_admin_auth element. POSIX Extended Regular Expression syntax is not supported in the value part, however multiple values to match on can be separated with the bar (|) character. The following attributes are supported: user Administrator authentication means authenticate as the given user(s). If no define_admin_auth element is given, the default is to use user="root" e.g. administrator authentication mean authenticate as the super user. group Administrator authentication means that any user in the groups matching the given value can be used to authenticate. Typically, on a system with the root account disabled one wants to use something like group="wheel" to e.g. enable all UNIX users in the UNIX group wheel to be able to authentication whenever administrator authentication is required. EXAMPLES
For brevity, the standard XML and DOCTYPE headers as well as the top-level config are omitted in the following configuration file examples. The actions used may also be fictional, use polkit-action(1), to learn about the actions available on your system. ALLOW EVERYTHING The users "davidz" and "bateman" are allowed to do any action: <match user="davidz|bateman"> <return result="yes"/> </match> MOUNTING FIXED DRIVES Suppose the action org.freedesktop.hal.storage.mount-fixed is used to determine whether mounting internal hard drives are allowed. Then this configuration file <match action="org.freedesktop.hal.storage.mount-fixed"> <match user="davidz"> <return result="yes"/> </match> <match user="freddy"> <return result="no"/> </match> </match> specifies that user "davidz" is always allowed to do the action, while user "freddy" is never allowed to do the action. Other users will be subject to the defaults results specified in the .policy file describing the action. AVOIDING THE ROOT PASSWORD Suppose the group wheel contains the users on a system who are allowed to carry out administrative tasks (ie. tasks that would usually require the root password) on a system where the root account is disabled. Then <define_admin_auth group="wheel"/> can be used to specify that users in said group can authenticate using their own password in instances where the system would normally prompt for the root password. AUTHOR
Written by David Zeuthen david@fubar.dk with a lot of help from many others. BUGS
Please send bug reports to either the distribution or the hal mailing list, see http://lists.freedesktop.org/mailman/listinfo/hal. to subscribe. SEE ALSO
PolicyKit(8), polkit-config-file-validate(1), polkit-action(1), polkit-auth(1) PolicyKit August 2007 POLICYKIT.CONF(5)