Could you post us the output for the user in question doing these, even if they are just errors as they can be good too:-
It might give us a bit more if a clue. I cannot replicate your observations.
Hi all..
I'm secering a RH 2.1 server, with gnome (not my choice...), as X manager.
Is ther anyway to get sudo ask for root password other then the actual user's password? Like when you launch the graphical IHM to create a new user, it asks for root's password? Is there a way to do the same... (5 Replies)
Guy's
I'm trying to add some lines in sudo by useing this command visudo
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
#... (5 Replies)
I'm actually working with a Ubuntu-System here and have a question about executing a command with 'sudo'.
I tried and got a error message like "not allowed".
After this I logged in with 'sudo -s' and typed the command without 'sudo'. This worked well.
Can please somebody explain me this... (0 Replies)
I've been through many threads before i decide to create a separate thread.
I can't really find the solution to my (simple) problem.
Here's what I'm trying to achieve:
As "canar" user I want to run a command, let's say "/opt/ocaml/bin/ocaml" as "duck" user.
The only to achieve this is to... (1 Reply)
Anyone able to explain why if i run "sudo -i" or "sudo -s" i am able to get into root by just keying my own password?
How to avoid this from happening coz i need all the users to use su - only. (2 Replies)
I have a set of RHEL 5 boxes running our ERP software on Oracle databases. I need to allow my DBA's to su to oracle and one other account (banner) without knowing the oracle or banner password. But I need to prevent them from su'ing to any other user especially root. I only want them to be able to... (1 Reply)
i have tried to use a sudo command from a user level . but instead of asking for user password it asked for root password . how should i go about it .
james@opensuse:/etc> sudo ifconfig
root's password:
And i wish to ask how should i allow a list of command to be allowed to used for a... (4 Replies)
Hello,
It is Solaris-10. There is a file as /opt/vpp/dom1.2/pdd/today_23. It is always generated by root, so owned by root only.
This file has to be deleted as part of application restart always and that is done by app_user and SA is always involved to do rm on that file.
Is it possible to give... (9 Replies)
I have a coworker that has set up some funky aliases in /etc/bash.alias, and he insists on leaving them that way. For example he aliased "ll" to "ls -lahtr", which really bugs me.
Anyway, I was wondering if there were a way for me to sudo to root without reading /etc/bash.alias, or maybe have... (6 Replies)
Discussion started by: paqman
6 Replies
LEARN ABOUT DEBIAN
puppet-kick
PUPPET-KICK(8) Puppet manual PUPPET-KICK(8)NAME
puppet-kick - Remotely control puppet agent
SYNOPSIS
Trigger a puppet agent run on a set of hosts.
USAGE
puppet kick [-a|--all] [-c|--class class] [-d|--debug] [-f|--foreground] [-h|--help] [--host host] [--no-fqdn] [--ignoreschedules]
[-t|--tag tag] [--test] [-p|--ping] host [host [...]]
DESCRIPTION
This script can be used to connect to a set of machines running 'puppet agent' and trigger them to run their configurations. The most com-
mon usage would be to specify a class of hosts and a set of tags, and 'puppet kick' would look up in LDAP all of the hosts matching that
class, then connect to each host and trigger a run of all of the objects with the specified tags.
If you are not storing your host configurations in LDAP, you can specify hosts manually.
You will most likely have to run 'puppet kick' as root to get access to the SSL certificates.
'puppet kick' reads 'puppet master''s configuration file, so that it can copy things like LDAP settings.
USAGE NOTES
Puppet kick needs the puppet agent on the target machine to be running as a daemon, be configured to listen for incoming network connec-
tions, and have an appropriate security configuration.
The specific changes required are:
o Set listen = true in the agent's puppet.conf file (or --listen on the command line)
o Configure the node's firewall to allow incoming connections on port 8139
o Insert the following stanza at the top of the node's auth.conf file:
# Allow puppet kick access
path /run
method save
auth any
allow workstation.example.com
This example would allow the machine workstation.example.com to trigger a Puppet run; adjust the "allow" directive to suit your site. You
may also use allow * to allow anyone to trigger a Puppet run, but that makes it possible to interfere with your site by triggering exces-
sive Puppet runs.
See http://docs.puppetlabs.com/guides/rest_auth_conf.html for more details about security settings.
OPTIONS
Note that any configuration parameter that's valid in the configuration file is also a valid long argument. For example, 'ssldir' is a
valid configuration parameter, so you can specify '--ssldir directory' as an argument.
See the configuration file documentation at http://docs.puppetlabs.com/references/latest/configuration.html for the full list of acceptable
parameters. A commented list of all configuration options can also be generated by running puppet master with '--genconfig'.
--all Connect to all available hosts. Requires LDAP support at this point.
--class
Specify a class of machines to which to connect. This only works if you have LDAP configured, at the moment.
--debug
Enable full debugging.
--foreground
Run each configuration in the foreground; that is, when connecting to a host, do not return until the host has finished its run. The
default is false.
--help Print this help message
--host A specific host to which to connect. This flag can be specified more than once.
--ignoreschedules
Whether the client should ignore schedules when running its configuration. This can be used to force the client to perform work it
would not normally perform so soon. The default is false.
--parallel
How parallel to make the connections. Parallelization is provided by forking for each client to which to connect. The default is 1,
meaning serial execution.
--tag Specify a tag for selecting the objects to apply. Does not work with the --test option.
--test Print the hosts you would connect to but do not actually connect. This option requires LDAP support at this point.
--ping Do a ICMP echo against the target host. Skip hosts that don't respond to ping.
EXAMPLE
$ sudo puppet kick -p 10 -t remotefile -t webserver host1 host2
AUTHOR
Luke Kanies
COPYRIGHT
Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2.0 License
Puppet Labs, LLC June 2012 PUPPET-KICK(8)