LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 10-24-2002, 01:17 PM   #1
antken
Member
 
Registered: Nov 2000
Location: england
Distribution: latest Mandrake
Posts: 368

Rep: Reputation: 30
2 part question


hi,

i have two questions today, i think both of them are linked in some way

1.
i have mandy 8.2 setup as a server with security level set on higher
when i need to ping a host i have to log in as me then log in as root

how can i make ping work for my user?


2.
i have been playing around with loopback file systems and stuff and i would like to use one with my user but i would only like to mount it when i need it

when i run the mount command it says mount: only root can do that
can this be changed?

any ideas?

p.s. i am trying to do these things on the same box
 
Old 10-24-2002, 03:16 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,536

Rep: Reputation: 148Reputation: 148
Re: 2 part question

Quote:
Originally posted by antken

1.
i have mandy 8.2 setup as a server with security level set on higher
when i need to ping a host i have to log in as me then log in as root

how can i make ping work for my user?
You have many options... One of them is to add a new group (for example pingusers) and assign your user to the group. Then change permissions to /bin/ping, set it to root.pingusers, check if group can execute it. If "x" for group is set, all users in the group "pingusers" can use ping. You can add more users by simply adding them to the group.
Quote:

2.
i have been playing around with loopback file systems and stuff and i would like to use one with my user but i would only like to mount it when i need it

when i run the mount command it says mount: only root can do that
can this be changed?
Hmmm... that's harder. Only root can mount partitions/devices with parameters (other users: only devices specified in fstab). You can make mount setuid root (unsafe) or play with sudo.

Last edited by Mara; 10-24-2002 at 03:18 PM.
 
Old 10-24-2002, 08:58 PM   #3
RijilV
Member
 
Registered: Sep 2002
Location: somewhere
Distribution: gentoo
Posts: 123

Rep: Reputation: 15
part 2:

in your fstab:

<device or file> <mount point> <fstype, like reiserfs> noauto,rw,user,loop 0 0

or in the case of encryption:

<device or file> <mount point> <fstype, like reiserfs> noauto,rw,user,loop,encryption=<cypher, like twofish> 0 0

I've been using loopback encryption for quite some time... I typically use a whole partition for it, but whatever, you can use a file, its all the same thing
 
Old 10-25-2002, 07:52 AM   #4
Mik
Senior Member
 
Registered: Dec 2001
Location: The Netherlands
Distribution: Ubuntu
Posts: 1,316

Rep: Reputation: 46
Well using the user ID bit is set (s) for several executables, which allows normal users to do things like ping and mount etc....
I assume it's reset those bits because you have your security set to high. If you feel it is safe for normal user to be allowed to ping and mount things then you can set the user ID bit on those executables again. Ex: chmod u+s /bin/ping
I have the user ID bit set on the following files in /bin:
Code:
-rwsr-xr-x    1 root     audio       84001 Sep 20  2001 eject
-rwsr-xr-x    1 root     root        68804 Sep 21  2001 mount
-rwsr-xr-x    1 root     root        29680 Sep 20  2001 ping
-rwsr-xr-x    1 root     root        17396 Sep 20  2001 ping6
-rwsr-xr-x    1 root     root        31253 Sep 20  2001 su
-rwsr-xr-x    1 root     root        35868 Sep 21  2001 umount
If you only want specific users to be able to use those executables then you will have to setup something with sudo.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
2 part question citrus Linux - Newbie 2 01-09-2005 08:03 PM
2 part question: Speeding up MDK9.1/GNOME question wardialer Linux - Newbie 6 10-14-2004 03:16 PM
2-part question. unixfreak Mandriva 4 08-16-2004 09:48 AM
swap part. question pine0279 Slackware 17 11-18-2003 07:26 AM
Two Part Question zuessh Linux - General 2 02-11-2003 01:03 PM


All times are GMT -5. The time now is 10:48 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration