|
|
Sponsored Content
Top Forums
UNIX for Dummies Questions & Answers
How to prevent root users from editing files (logs)
Post 91896 by Just Ice on Tuesday 6th of December 2005 10:50:51 AM
12-06-2005
|
|
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi
How can I prevent anyone from logging in as root directly? I have added the line
console=/dev/null
to the file /etc/default/login
I was still able to login as root from the console. Please advice.
Thanks
Srini (4 Replies)
Discussion started by: skotapal
4 Replies
2. AIX
At the office, we often have to edit one file with VI. We are 4-6 workers doing it and sometimes can be done at the same time.
We have found a problem and want to prevent it with a file lock. Is it possible and how ?
problem :
Worker-a starts edit VI session on File-A at 1PM
Worker-b... (14 Replies)
Discussion started by: Browser_ice
14 Replies
3. UNIX for Advanced & Expert Users
We have a shared development box, running Solaris 10 that is an NIS client, all the developers have local root password. If they know the NIS uid of another user, they can just do
% useradd -u <uid> login
And then log in as that user and have full access to his files in his home directory. ... (3 Replies)
Discussion started by: nfw
3 Replies
4. Solaris
I would like to know how to prevent users connecting to a server using SSH as root.
I would still like them to be able to login with their username and then change to su.
But I would like to prevent them logging in directly as root.
I have searched the forum and read that I should set... (3 Replies)
Discussion started by: Sepia
3 Replies
5. UNIX for Dummies Questions & Answers
Hi All,
Ref: "build crontab from a text file" in same forum. (I am not allowed to post URL's in the first post)
We are reorganizing our UNIX Crontab file by first making changes in a word pad text file. The intent is to then copy it back to Crontab. Will this work? Copy and Paste does not... (6 Replies)
Discussion started by: nivedhitha
6 Replies
6. UNIX for Dummies Questions & Answers
Hi,
when 2 users are logged as root , how can i find witch one had perform witch command?
Thanks, (1 Reply)
Discussion started by: prpkrk
1 Replies
7. Shell Programming and Scripting
So I have a script that runs as a non-root user, lets say the username is 'xymon' .
This script needs to log on to a remote system as a non-root user also and call up a bash script that runs another bash script as root.
in short: user xymon on system A needs to run a file as root user and have... (2 Replies)
Discussion started by: damang111
2 Replies
8. Shell Programming and Scripting
I have a script which do validation check and perform code migration from one env. to another, this is built for users/developers.
How can I prevent this shell script from copy or read from users, as they can modify it and run it as per their requirement where as this has to be standard script and... (1 Reply)
Discussion started by: pramendra
1 Replies
9. Shell Programming and Scripting
I need to list users in /etc/passwd with root's GID or UID or /root as home directory
If we have these entries in /etc/passwd
root:x:0:0:root:/root:/bin/bash
rootgooduser1:x:100:100::/home/gooduser1:/bin/bash
baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies
LEARN ABOUT OPENDARWIN
edquota
EDQUOTA(8) BSD System Manager's Manual EDQUOTA(8) NAME
edquota -- edit user quotas SYNOPSIS
edquota [-u] [-p proto-username] username ... edquota -g [-p proto-groupname] groupname ... edquota -t [-u] edquota -t -g DESCRIPTION
Edquota is a quota editor. By default, or if the -u flag is specified, one or more users may be specified on the command line. For each user a temporary file is created with an ASCII representation of the current disk quotas for that user. The list of filesystems with user quotas is determined by scanning the mounted filesystems for a .quota.ops.user file located at its root. An editor is invoked on the ASCII file. The editor invoked is vi(1) unless the environment variable EDITOR specifies otherwise. The quotas may then be modified, new quotas added, etc. Setting a quota to zero indicates that no quota should be imposed. Setting a hard limit to one indicates that no allocations should be permitted. Setting a soft limit to one with a hard limit of zero indicates that alloca- tions should be permitted on only a temporary basis (see -t below). The current usage information in the file is for informational purposes; only the hard and soft limits can be changed. On leaving the editor, edquota reads the temporary file and modifies the binary quota files to reflect the changes made. The binary quota file, .quota.user is stored at the root of the filesystem. The default filename and root location for the user quotas cannot be overridden. If the -p flag is specified, edquota will duplicate the quotas of the prototypical user specified for each user specified. This is the nor- mal mechanism used to initialize quotas for groups of users. If the -g flag is specified, edquota is invoked to edit the quotas of one or more groups specified on the command line. The list of filesys- tems with group quotas is determined by scanning the mounted filesystems for a .quota.ops.group file located at its root. Similarly, the binary quota file, .quota.group is stored at the root of the filesystem. The default filename and root location for group quotas cannot be overridden. The -p flag can be specified in conjunction with the -g flag to specify a prototypical group to be duplicated among the listed set of groups. Users are permitted to exceed their soft limits for a grace period that may be specified per filesystem. Once the grace period has expired, the soft limit is enforced as a hard limit. The default grace period for a filesystem is specified in /usr/include/sys/quota.h. The -t flag can be used to change the grace period. By default, or when invoked with the -u flag, the grace period is set for each filesystem with a .quota.ops.user file located at its root. When invoked with the -g flag, the grace period is set for each filesystem with a .quota.ops.group file located at its root. The grace period may be specified in days, hours, minutes, or seconds. Setting a grace period to zero indicates that the default grace period should be imposed. Setting a grace period to one second indicates that no grace period should be granted. Only the super-user may edit quotas. FILES
Each of the following quota files is located at the root of the mounted filesystem. The mount option files are empty files whose existence indicates that quotas are to be enabled for that filesystem. The binary data files will be created by edquota, if they don't already exist. .quota.user data file containing user quotas .quota.group data file containing group quotas .quota.ops.user mount option file used to enable user quotas .quota.ops.group mount option file used to enable group quotas SEE ALSO
quota(1), quotactl(2), quotacheck(8), quotaon(8), repquota(8) DIAGNOSTICS
Various messages about inaccessible files; self-explanatory. BSD
June 2, 2019 BSD