Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I want to give a specific user on Linux some privileges to enable him to run commands like shutdown or apt-get. I don't want to use the SUID bit since there are other users that I don't want to let them use these commands.
How do I do something like this?
sudo would probably be the easiest way to do this. You'll want to add something like the following to the sudoers file
username ALL=(ALL) /sbin/shutdown, /usr/bin/apt-get
where username is replaced with the user's actual username. You should be able to google for some examples - here is one such page.
Editing the sudoers file can be done safely by using the visudo program.
Related
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Is there anyway that i can log all the commands that a certain user or user group has run in an ubuntu CLI.
I need to keep a track of all the commands run by a certain group of users say
UsrGrp1:usr1,usr2,usr3
as i'm running a Cluster of machines and all are being controlled by different users. And i need to monitor those through the root user of every machine.
The history command gives me all the command logs. But it can be modified by the user itself. So i need to keep the logs under the root user only.
You can try logkeys a keylogger for linux. Another options could be script but with this you need to write a trigger to start it at each user login.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Attempting something devious on my machine leads to
ryan#debian:~$ sudo EAT_ALL_THE_COOKIES_BEFORE_DINNER
[sudo] password for ryan:
ryan is not in the sudoers file. This incident will be reported.
Where is this incident reported, and how do I get the log of all the nasty attempted commands?
Nevermind, I just found the answer in the alt-text at xkcd:
Replace root with your username, in my case ryan, so the log is found with:
cat /var/spool/mail/ryan
The report is sent as an email to the root user. Many Linux distributions will automatically setup an alias for that user directing the mail to the first account created during the install process.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am learning security recently, and noticed that on my experiment system I can create a hard link to /etc/passwd in my home directory, while on my work system I cannot:
$ ln /etc/passwd
ln: failed to create hard link ./passwd' =>/etc/passwd': Operation not permitted
What is done to disable this?
This is because you are trying to create hardlink to /etc/passwd on a different volume. Most likely at your home system you setup everything onto a single volume.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I want grant user rights to copy a specific file from a remote server via SSH. And I do not want to give him any opportunity to execute something else on a remote server.
I have an access to a remote machine but I'm not an adimistrator, and I want to give another user possibility to copy specific file but nothing else.
Is there any way to sign a script in linux to avoid modification of this script or something similar that could help?
There is a solution to restrict SSH run only specific command:
http://chihungchan.blogspot.com/2008/08/restrict-ssh-to-run-specific-command.html
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I have an user on my system named: website1 with his password. I need to change the name of website1 to website2. I don't want to remove it and then create a new user because I would like that website2 keep the exact same permissions as website1 on the system. I only want to change the name.
How can I do this?
usermod -l login-name old-name
You can change it with the usermod -l command. Check the usermod manual for more information.