Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Id command does not return correct username
Top Forums Shell Programming and Scripting Id command does not return correct username Post 303041826 by foad on Wednesday 4th of December 2019 05:18:23 PM
Old 12-04-2019
I was told by JimMcNamara that my reply was too harsh.

Well, it was meant as a factual statement: i would for sure remove any shell access of such a user save for the sandbox, but the bank i work for is probably just too harsh and we should have more of a "no risk no fun"-approach with our systems.

Anyways i would like to apologize for the error of my ways: of course the thread-o/p should be allowed access to all the servers on the network. Would it also be too harsh to suggest he shouldn't get root rights? If so, i suggest he should get them everywhere too as i wouldn't want to be in breach of the forum rules.
 

10 More Discussions You Might Find Interesting

1. IP Networking

pine username return address

hello all I am happily using pine but unhappily sending email as username@where.my.mail.works instead of ****@my.college.edu well, my username on my computer is one thing, but my username on my college account (**** here) is different. what I'm trying to do is use the college server for... (1 Reply)
Discussion started by: plusran
1 Replies

2. UNIX for Dummies Questions & Answers

to pick up the Return Code ( RC) from the mailx command and return it to SAS uisng 's

Hi All, Can anyone please let me know the syntax / how to pick up the Return Code ( RC) from the mailx command and return it to SAS uisng 'system()' function and '${?}'. I am in a process to send the mail automatically with an attachment to bulk users. I have used 'Mailx' and 'Unencode'... (0 Replies)
Discussion started by: manas6
0 Replies

3. UNIX for Dummies Questions & Answers

Is this grep command correct?

Hi I need to know if I have got the following grep command correct. I wanted to find from myfile.txt all signed real numbers (e.g. +5.0, -78, but not 5.0, 5 are not). I have thought about it and decided it was this: grep '' myfile.txt but I was wondering if this was correct. If... (2 Replies)
Discussion started by: rushhour
2 Replies

4. Shell Programming and Scripting

::select statement return value with correct field size::

Hi Everyone, I am facing a problem regarding the select from sybase, the return with the incorrect size. For example, field is NAME(20). After i selected from sybase, the result is nicky. after i assign it to another declaration variable, it will be in actual name "nicky" , what i need... (10 Replies)
Discussion started by: ryanW
10 Replies

5. Shell Programming and Scripting

FTP command line username and password passing

Dear All, I am new to unix and I am trying to build a shell script which will connect to a different server by passing username and password from a file or command line but not manually... In short I dont want to connect to a diff server via ftp interactively. Any suggestion...looking... (8 Replies)
Discussion started by: Pratik4891
8 Replies

6. UNIX for Advanced & Expert Users

I was trying this command...am I going correct? other there is better way

I was trying to copy all debs from apt cache to some storage location and I was taking this approach... /var/cache/apt/archives# ls -1 | grep -v jdownloader | fgrep .deb | xargs cp /media/eshant/L-STORE/Softwares/openjdk/an error bla_bla.deb is a not directory stalled me Suggestions please... (9 Replies)
Discussion started by: ezee
9 Replies

7. Shell Programming and Scripting

Need output of script on screen and file with correct return status of the called script.

Hi, I am trying to capture logs of the script in the file as well as on the screen. I have used exec and tee command for this. While using exec command I am getting the correct output in the file but, script output is not getting displayed on the screen as it get executed. Below is my sample... (14 Replies)
Discussion started by: Prathmesh
14 Replies

8. Shell Programming and Scripting

Wget and correct zip for command

If there were 3 files put in a folder on /Desktop/Test then transferred to a site. would gzip -r /Desktop/Test zip them so that wget --http-user cmccabe --http -passwd xxxx*** https://something.sharefile.com/login.aspx -O - | tar -zxf - could be used to connect to the site, login,... (6 Replies)
Discussion started by: cmccabe
6 Replies

9. Shell Programming and Scripting

LS command does not list the correct file

Hi, I am logged into as root & inside the home directory of another user. ls -a # ls -laq total 44 drwx------ 4 user1 adm 4096 Nov 23 05:10 . drwxr-xr-x. 12 root root 4096 Nov 22 13:05 .. -rw-r--r-- 1 user1 adm 18 Nov 22 13:05 .bash_logout -rw-r--r-- 1 user1 adm 193 Nov... (2 Replies)
Discussion started by: mohtashims
2 Replies

10. Shell Programming and Scripting

How to auto correct a failing command?

If a command is not found, e.g. nawk, this is how I fix the problem ] && NAWK=/usr/bin/gawk ] && NAWK=/usr/bin/nawk ] && NAWK=/usr/bin/awkI use $NAWK an the set the appropriate value based on the system it runs. How can I implement a similar fix for a command found but illegal argument.... (6 Replies)
Discussion started by: mohtashims
6 Replies

LEARN ABOUT CENTOS

sandbox

SANDBOX(8)							   User Commands							SANDBOX(8)

NAME

       sandbox - Run cmd under an SELinux sandbox

SYNOPSIS

       sandbox	[-C] [-c] [-s] [ -d DPI ] [-l level ] [[-M | -X]  -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize ]
       [[-i file ]...] [ -t type ] cmd

       sandbox [-C] [-c] [-s] [ -d DPI ] [-l level ] [[-M | -X]  -H homedir -T tempdir ] [-I includefile ] [ -W windowmanager ] [ -w windowsize  ]
       [[-i file ]...] [ -t type ] -S

DESCRIPTION

       Run  the cmd application within a tightly confined SELinux domain.  The default sandbox domain only allows applications the ability to read
       and write stdin, stdout and any other file descriptors handed to it. It is not allowed to open any other files.	The -M option  will  mount
       an alternate homedir and tmpdir to be used by the sandbox.

       If  you	have  the  policycoreutils-sandbox package installed, you can use the -X option and the -M option.  sandbox -X allows you to run X
       applications within a sandbox.  These applications will start up their own X Server and create a temporary home directory  and  /tmp.   The
       default	SELinux  policy  does  not allow any capabilities or network access.  It also prevents all access to the users other processes and
       files.  Files specified on the command that are in the home directory or /tmp will be copied into the sandbox directories.

       If directories are specified with -H or -T the directory will have its context modified with chcon(1) unless a level is specified with  -l.
       If the MLS/MCS security level is specified, the user is responsible to set the correct labels.

       -h --help
	      display usage message

       -H --homedir
	      Use alternate homedir to mount over your home directory.	Defaults to temporary. Requires -X or -M.

       -i --include
	      Copy this file into the appropriate temporary sandbox directory. Command can be repeated.

       -I --includefile
	      Copy all files listed in inputfile into the appropriate temporary sandbox directories.

       -l --level
	      Specify the MLS/MCS Security Level to run the sandbox with.  Defaults to random.

       -M --mount
	      Create a Sandbox with temporary files for $HOME and /tmp.

       -s --shred
	      Shred temporary files created in $HOME and /tmp, before deleting.

       -t --type
	      Use alternate sandbox type, defaults to sandbox_t or sandbox_x_t for -X.

	      Examples:
	      sandbox_t -    No X, No Network Access, No Open, read/write on passed in file descriptors.
	      sandbox_min_t  -	  No Network Access
	      sandbox_x_t    -	  Printer Ports
	      sandbox_web_t  -	  Ports required for web browsing
	      sandbox_net_t  -	  All network ports

       -T --tmpdir
	      Use alternate temporary directory to mount on /tmp.  Defaults to tmpfs. Requires -X or -M.

       -S --session
	      Run a full desktop session, Requires level, and home and tmpdir.

       -w --windowsize

	      Specifies the windowsize when creating an X based Sandbox. The default windowsize is 1000x700.

       -W --windowmanager
	      Select alternative window manager to run within sandbox -X.  Default to /usr/bin/matchbox-window-manager.

       -X     Create an X based Sandbox for gui apps, temporary files for $HOME and /tmp, secondary Xserver, defaults to sandbox_x_t

       -d --dpi
	      Set the DPI value for the sandbox X Server. Defaults to the current X Sever DPI.

       -c --cgroups
	      Use  control  groups  to control this copy of sandbox.  Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage
	      are to be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.

       -C --capabilities Use capabilities within the
	      sandbox. By default applications executed within the sandbox will not be allowed to use capabilities  (setuid  apps),  with  the	-C
	      flag, you can use programs requiring capabilities.

SEE ALSO

       runcon(1), seunshare(8), selinux(8)

AUTHOR

       This manual page was written by Dan Walsh <dwalsh@redhat.com> and Thomas Liu <tliu@fedoraproject.org>

sandbox 							     May 2010								SANDBOX(8)
All times are GMT -4. The time now is 05:19 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy