|
|
Sponsored Content
Operating Systems
Linux
Red Hat
Block any root Privilege
Post 303037916 by hicksd8 on Saturday 17th of August 2019 10:11:13 AM
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
All,
I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
Discussion started by: bubba112557
2 Replies
2. Solaris
Hello All,
I need your help to know how i can give regular user ALL root privileges.
If there is any way pleas help me :)
Regards,
Ahmad (7 Replies)
Discussion started by: ahmad_one
7 Replies
3. Solaris
Hi Friends,
I would like to block the root user for doing ftp. As I am aware that I need to put the entry for root in /etc/ftpusers.....am I right...??? But I am not able to edit the file & even more command is not working.
#ls -l ftp*
total 14
-rw-r--r-- 1 root sys 1249 Jun... (3 Replies)
Discussion started by: jumadhiya
3 Replies
4. Linux
We are intending to protect a set of user specified files using LVM mirroring where the protected space on which the user files are stored is mirrored on an LV on a different disk. Our problem is that for a user with a custom layout has installed linux with 2 partitons for swap and / and there is... (0 Replies)
Discussion started by: kickdgrass
0 Replies
5. Solaris
Can anyone please tell how to give root privilege to a normal user in solaris 10? (5 Replies)
Discussion started by: nicktrix
5 Replies
6. Red Hat
Friends ,
i want to run my smtp service as a root .
let me know what r the changes i have to made to my machine .
AVklinux (1 Reply)
Discussion started by: avklinux
1 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I use a nomachine terminal to access KDE desktop(redhat linux enterprise) on a server. Is there any way to get the mouse wheel to work without root privilege ?
I have a usb mouse connected to a nomachine terminal,most likely the mouse wheel problem is not the problem of nomachine, but... (1 Reply)
Discussion started by: grossgermany
1 Replies
8. AIX
How to block the root user login in system direct console. Users should login with non-root ids themselves and then use the su command to become root. Which configuration file i need to check and disable it. (5 Replies)
Discussion started by: kmvinay
5 Replies
9. UNIX for Advanced & Expert Users
Hi all,
actually my scenario is we are running a webserver using apache-tomcat in that our client uploading resumes, so that particular space we are allowed to upload
for that we are running java in root permission, so even we changed the particular folder permission also inside the Webapps but... (1 Reply)
Discussion started by: anishkumarv
1 Replies
10. Solaris
Hi All
After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies
LEARN ABOUT DEBIAN
jifty::currentuser
Jifty::CurrentUser(3pm) User Contributed Perl Documentation Jifty::CurrentUser(3pm) NAME
Jifty::CurrentUser - Base class and basic implementation of current user object DESCRIPTION
Most applications need to have a concept of who the current user is. So Jifty supports this concept internally. Every Jifty::Object (which most things in Jifty are descended from) except the CurrentUser itself is instantiated with a Jifty::CurrentUser subclass as a parameter to the creator. This class describes (and implements a trivial version) of the access control API that a Jifty application needs to implement to provide user-based access control It's generally expected that your application will override this class if you want any sort of access control. new Creates a new Jifty::CurrentUser object. Calls _init, an app-specific initialization routine. If you call it with the "_bootstrap" argument, Jifty will set the user up as a bootstrap user, who's usually allowed to do just about anything without any access control _init Applications should override this method to provide any application-specific user loading code. The built-in If you do nothing, code similar to this will be called by _init. sub _init { my $self = shift; my %args = (@_); if (keys %args and UNIVERSAL::can(Jifty->app_class('Model', 'User'), 'new')) { $self->user_object(Jifty->app_class('Model', 'User')->new(current_user => $self)); $self->user_object->load_by_cols(%args); } return 1; } That is, it will attempt to load the columns given in the model named "App::Model::User" (where App is the name of your application class). If your notion of a user object isn't a typical Jifty model or named something else, you will definitely need to override this method. If you need to perform any additional initialization for user objects, you may want to override this as well. superuser A convenience constructor that returns a new CurrentUser object that's marked as a superuser. Can be called either as a class or object method. user_object This gets or sets your application's user object for the current user. Generally, you're expected to set and load it in the "_init" method in your Jifty::CurrentUser subclass. id Returns 0 if we don't have a user_object. When we do have a user_object, return that user's id. current_user Every class in a Jifty application has a "current_user" method that returns the user who's doing things, in the form of a Jifty::CurrentUser object a subclass thereof. For the somewhat obvious reason that you can't actually lift yourself up by tugging on your own bootstraps, a Jifty::CurrentUser object return itself rather than another "Jifty::CurrentUser" object. AUTHENTICATION AND AUTHORIZATION
To use Jifty's built-in authentication and authorization system, your user objects need to implement the following API methods: password_is STRING Your user_object should have a method called "password_is" which returns true if passed a string that matches the user's current password. username Return a string which identifies the user in some way. auth_token Return a string which proves that the user is who they claim to be. A simple way to do this, for example, would be to hash the username and some server-side secret. RIGHTS AND ACCESS CONTROL
In any system that relies on users' rights to perform actions, it's sometimes necessary to walk around the access control system. There are two primary cases for this: is_superuser Sometimes, while the system is running, you need to do something on behalf of a user that they shouldn't be able to do themselves. Maybe you need to let a new user sign up for your service (You don't want to let any user create more users, right?) or to write an entry to a changelog. If the user has the "is_superuser" flag set, things still get read from the database, but the user can walk around any and all ACL checks. Think "Neo" from the Matrix. The superuser can walk through walls, stop bullets and so on. is_bootstrap_user When your system is first getting going, you can't assume anything. There probably aren't any rights in the system to check. A user with the "is_bootstrap_user" flag set is a self-reliant superuser. Nothing is read from the database, no ACLs are checked. You probably never need to do anything with bootstrap users. current_user_can ACTION For a current user object, the current user can always "read", but never write or do anything else. jifty_serialize_format Serializes as the user_object. SEE ALSO
Jifty::Object, Jifty::Plugin::User LICENSE
Jifty is Copyright 2005-2010 Best Practical Solutions, LLC. Jifty is distributed under the same terms as Perl itself. perl v5.14.2 2010-12-10 Jifty::CurrentUser(3pm)