I work on a shared linux enviroment (CentOS), but for some reason one of my logins has been locked.
When I do a cat /etc/passwd | grep "/home", I can find my user:
roaming:x:579:579::/home/roaming:/bin/nologin
I've got root permission but don't know what to do to be able to login again.
What should I do about this 'no login' thing??
The shell for this user is set to a non-existent program in order to prevent user from logging in with interactive shell (ssh, local login). Yet the user can authenticate to do some other stuff like copying files through FTP or SMB.
Just run as a root to put a normal shell back.
chsh roaming /bin/bash
As root, enter
chsh -s /bin/sh roaming
Related
Is there any suitable shell script for shutting down or restarting a Linux machine? I have tried a shell script for shutdown, but when I enter sudo shutdown it will ask for the password. How we can enter the password using the script?
Another, in my opinion cleaner approach:
Create a new file in /etc/sudoers.d/ with content:
%users ALL=NOPASSWD: /sbin/shutdown
%users ALL=NOPASSWD: /sbin/reboot
This causes sudo to not ask for the password, if any user of group "users" tries to execute a shutdown or reboot. Of course you can also specify another group, maybe a newly created group for finer control of reboot permissions.
More information about the other possible settings for sudo can be found in the Manpage.
Yes, use the -S switch which reads the password from STDIN:
$echo <password> | sudo -S <command>
So to shut down the machine, your command would be like this (just replace <password> with your password):
$echo <password> | sudo -S poweroff
Exposing your password is generally bad idea search for something that can protect / hide it. In the past I've used Jenkins plugins to do this while executing the scripts regularly.
if you really want to achieve it, you should write a script containing the shutdown command; make root be its owner, then set the SUID bit with the chmod command and give to it executable permission for everybody. When executed, the owner of the script would become root and no password should be asked.
I am trying to connect to my Linux server.
After entering the password it is showing below output:
Last Logan: Mon Jun 24 12:22:48 2013 from xxx.xxx.xxx.xxx
/bin/bash: No such file or directory
Connection to xxx.xxx.x.xx closed.
How do I connect to the server?
you are trying to enter your server as a user privileges and you see /bin/bash file. When you chroot, you can reach /bin/bash directroy. And you can add your user in sudo.
Then you should see directory /home/username/bin/bash/
Edit :
When you chroot, the named directory becomes /. The correct shell path inside the chroot is then /bin/bash, not /home/username/bin/bash.
You will also need to make sure there's enough other stuff inside the chroot for the system to work. You can test this with sudo chroot /home/username /bin/bash and see what works and what doesn't
And also there is good information about chroot configuration
Your user is associated with an incorrect shell. The path to the associated shell "/bin/bash" doesn't exist on the system.
Correct your user's shell from the root or ask the administrator to do it.
Similar question: changing default shell in linux
I am trying to create a Linux terminal menu by way of a simple script. Within the script it will have some commands that will submit a job (a shell script for example) as another user without password prompt.
I was able to find the following post and this worked. how to run script as another user without password
However, there was one side affect. It appears the user can run other scripts in that users folder which I don't want.
Any suggestions/help welcome.
For the sake of this. Here is what I have:
Username temp1, which is the user that will be running the menu.
uid=1001(temp1), gid=1001(temp1), groups=1001(temp1)
Username wayne, which is the user that the script must be submitted as to run the job
uid=1000(wayne), gid=1000(wayne),groups=1000(wayne),4(adm),24(cdrom),27(sudo),30(dip)...
Script script1.sh, script2.sh owned by wayne.
-rwxr-xr-x script1.sh
-rwxr-xr-x script2.sh
If I try to go to /home/wayne as temp1 user I get permission denied (expected)
I set the scripts to chmod 700 for wayne. So technically no one can run them other than wayne.
I have edited sudo file and have the following entry:
temp1 ALL(wayne) NOPASSWD: /home/wayne/script1.sh
When I run command su -c "/home/wayne/script1.sh" -s /bin/sh wayne the script runs (as expected)
When I run command su -c "/home/wayne/script2.sh" -s /bin/sh wayne the script runs (not expected).
Any ideas?
The answer is change from su to sudo.
su is primarily for switching users, while sudo is for executing commands as other users. The -u flag lets you specify which user to execute the command as:
sudo -u wayne '/home/wayne/script2.sh'
gives Sorry user is not allowed to execute
Solution: In order to run commands/scripts as another user on linux/unix you need sudo permission and run the following formula:
sudo -H -u <user> bash -c '<some-command>'
For example:
sudo -H -u wayne bash -c 'echo "user:$USER|home:$HOME|action:run_script"; ./home/wayne/script.sh'
from Documentation:
sudo allows a permitted user to execute a command as the superuser or
another user, as specified by the security policy.
-H The -H (HOME) option requests that the security policy set
the HOME environment variable to the home directory of the
target user (root by default) as specified by the password
database. Depending on the policy, this may be the default
behavior.
-u user The -u (user) option causes sudo to run the specified
command as a user other than root. To specify a uid
instead of a user name, use #uid. When running commands as
a uid, many shells require that the '#' be escaped with a
backslash ('\'). Security policies may restrict uids to
those listed in the password database. The sudoers policy
allows uids that are not in the password database as long
as the targetpw option is not set. Other security policies
may not support this.
I am trying to do a mysqldump from a local Linux machine to a Windows folder that has been mounted on the system. This is the command I am using in the terminal:
mysqldump -u root -plinuxsux myDB -t LOG > /mounted folder/path/blah/myDB.sql
I am getting the following error:
/mounted folder/path/blah/myDB.sql: Permission denied
I checked the permissions of the folder on the Windows side, and there is a specific user that I created called Sys003 that has full control of that folder.
Do I need to put that user name (and password) into the command above to get it to work? And if so, how do I do that? Thanks.
The problem is that the user that is actually running the mysqldump command has not the permission to write on the destination folder.
One solution might be changing to the Sys003 user and run the mysqldump again:
normal_prompt> su Sys003
password...
Sys003_prompt> mysqldump...
Another one can be running mysqldump as your normal user, then copy the dump as Sys003:
normal_prompt> mysqldump... > /local/dump.sql
normal_prompt> su Sys003
password...
Sys003_prompt> cp /local/dump.sql /mounted_folder/path/blah/myDB.sql
Be careful, since your Sys003 user might not be authorized on running mysqldump, but that's a totally different question :)
It was an error in the /etc/fstab file. I had the user as a different user than Sys003. Once I put the user as Sys003 with their password, it worked.
I want to know if i can somehow or someway run a remote linux script stored in windows machine through putty which can contain:
#!/bin/bash
su
<password>
<some operation which needs root permissions>
exit
<some operation with normal user credentials>
Since i tried above script but it does ask root password and then give error of not able to run commands and needed root access. I ran this script from putty using command line:
putty -ssh normaluser#linuxhost -pw <password> -t -m C:\myRootScript.sh
Thanks for answers
Ashutosh
Either login as the root user (not recommended!) or add the user that you're login in with to the sudoers file
sudo visudo
myusername ALL=(ALL) NOPASSWD: ALL
That will let you run sudo without a password.