Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sudoers in Centos
Operating Systems Linux Sudoers in Centos Post 302955221 by shekar777 on Tuesday 15th of September 2015 01:22:04 PM
Old 09-15-2015
Sudoers in Centos
In our servers we don't have proper groups and No active Directory.
We are adding Users locally and providing users a public key, that's the way they can connect to the servers using .ppk file.

My manager ask me to prompt for a password based login when they try for Sudo. (Currently it was set up for no password in sudoers file)

Since we don't have a Password set up on these boxes is there any way we can achieve this task.

I am thinking as below:
  1. LDAP based authentication
  2. We can add a password locally in the /etc/passwd file in that way it will be encrypted and copied over to local server. then we can modify sudoers file to prompt for the password.

Please let me know is there any other way we can address this thank you for your valuable suggestions Smilie

Thanks
Last edited by rbatte1; 09-18-2015 at 11:43 AM.. Reason: Converted to formatted numbered list instead of just text numbered list
 

6 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

sudoers on HP 11.11

Having a "running low on coffee" moment here & need help. On HP 11.11 where is the sudoers file located; I looked every place I could think of and don't see it. Thanks in advance:confused: (2 Replies)
Discussion started by: dhlopomo
2 Replies

2. UNIX for Dummies Questions & Answers

sudoers

i just installed/configured apache2.0 on my own aix5.3 mini server. i can start/stop apache by root, but i want to start it under my login id(admin) instead. i need to execute this command: /usr/bin/sudo /usr/IBM/HTTPServer/bin/apachectl stop/start. (5 Replies)
Discussion started by: tjmannonline
5 Replies

3. Solaris

sudoers

this is for the first time i am going to use sudoers i want know how to create sudoers and giving privileges for that users thanks in advance dinu (6 Replies)
Discussion started by: dinu
6 Replies

4. Solaris

sudoers

what is the configuration file for sudo? can we edit it as like other file or will it create any adverse effect on editing that file? thanks in advance dinu (1 Reply)
Discussion started by: dinu
1 Replies

5. Red Hat

How to Upgrade Centos 5.7 using Centos 5.8 ISO image on Vmware workstation

Dear Linux Experts, On my windows 7 desktop with the help of Vmware workstation (Version 7.1), created virtual machine and installed Centos 5.7 successfully using ISO image. Query : Is this possible to upgrade the Centos 5.7 using Centos 5.8 ISO image to Centos version 5.8?.. if yes kindly... (2 Replies)
Discussion started by: Ananthcn
2 Replies

6. Solaris

Sudoers

Having a bit of a discussion with a software vendor about this. Can anyone confirm my understanding? /etc/sudoers file example:- user1 server1 = NOPASSWD:/usr/bin/ls -l user1 server1 = NOPASSWD:/usr/bin/file But then the following command fails (logged in on server 1 as user1) because... (2 Replies)
Discussion started by: psychocandy
2 Replies

LEARN ABOUT MOJAVE

ftpd_selinux

ftpd_selinux(8) 					 ftpd SELinux policy documentation					   ftpd_selinux(8)

NAME

       ftpd_selinux - Security-Enhanced Linux policy for ftp daemons.

DESCRIPTION

       Security-Enhanced Linux provides security for ftp daemons via flexible mandatory access control.

FILE_CONTEXTS
       SELinux requires files to have a file type. File types may be specified with semanage and are restored with restorecon.	Policy governs the
       access that daemons have to files.

       Allow ftp servers to read the /var/ftp directory by adding the public_content_t file type to the directory and by restoring the file type.

       semanage fcontext -a -t public_content_t "/var/ftp(/.*)?"

       restorecon -F -R -v /var/ftp

       Allow ftp servers to read and write /var/tmp/incoming by adding the public_content_rw_t type to the directory and  by  restoring  the  file
       type.  This also requires the allow_ftpd_anon_write boolean to be set.

       semanage fcontext -a -t public_content_rw_t "/var/ftp/incoming(/.*)?"

       restorecon -F -R -v /var/ftp/incoming

BOOLEANS

       SELinux policy is based on least privilege required and may also be customizable by setting a boolean with setsebool.

       Allow ftp servers to read and write files with the public_content_rw_t file type.

       setsebool -P allow_ftpd_anon_write on

       Allow ftp servers to read or write files in the user home directories.

       setsebool -P ftp_home_dir on

       Allow ftp servers to read or write all files on the system.

       setsebool -P allow_ftpd_full_access on

       Allow ftp servers to use cifs for public file transfer services.

       setsebool -P allow_ftpd_use_cifs on

       Allow ftp servers to use nfs for public file transfer services.

       setsebool -P allow_ftpd_use_nfs on

       system-config-selinux is a GUI tool available to customize SELinux policy settings.

AUTHOR

       This manual page was written by Dan Walsh <dwalsh@redhat.com>.

SEE ALSO

       selinux(8), ftpd(8), setsebool(8), semanage(8), restorecon(8)

dwalsh@redhat.com						    17 Jan 2005 						   ftpd_selinux(8)
All times are GMT -4. The time now is 09:43 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy