LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-12-2014, 04:48 AM   #1
orbs
LQ Newbie
 
Registered: May 2014
Posts: 3

Rep: Reputation: Disabled
Windows runas /netonly equivalent or implementation?


hello all,

first, i'm not quite sure which forum is best fit for this thread. so if an LQ admin wishes to move this thread to a more appropriate forum, please do.

intro: Windows "runas /netonly" is able to authenticate to local resources as yourself (the logged-on user), but authenticate to network resources as another user.

as i understand, sudo authenticates to both local and network resources as another user.

how does one implement split authentication in Linux?

thanks for any hints.
 
Old 05-12-2014, 04:51 AM   #2
descendant_command
Senior Member
 
Registered: Mar 2012
Posts: 1,385

Rep: Reputation: 354Reputation: 354Reputation: 354Reputation: 354
What are you trying to do?
 
Old 05-12-2014, 05:41 AM   #3
orbs
LQ Newbie
 
Registered: May 2014
Posts: 3

Original Poster
Rep: Reputation: Disabled
ERRRGH! i wrote a full 4-paragraph answer, and when i clicked "Submit" the forum kicked me out! said i wasn't logged-in!

so i'll be very brief now:
Windows legacy app. no networking. stores sensitive data on a file server (SMB share, no matter what platform). no server-side. data is accessed only when network share is mounted.
PROBLEM: user has direct access to data.
SOLUTION (under Windows): runas /netonly with user account that has access to the file server.

i'm asked to port the application to Linux clients. app running OK under Wine. Wine must have the volume mounted => same problem. Wine has no independent networking capabilities => solution does not apply.

hope this explains better, feel free to ask further. any suggestions or leads are welcome.
 
Old 05-12-2014, 02:51 PM   #4
orbs
LQ Newbie
 
Registered: May 2014
Posts: 3

Original Poster
Rep: Reputation: Disabled
investigating further, i just stumbled upon AppArmor. quote from it's description at the Wiki:
http://wiki.apparmor.net/index.php/Main_Page

"AppArmor security policies completely define what system resources individual applications can access, and with what privileges."

sounds like it's just what i need, but... i need it to enforce a "allow" policy for a specific Wine application, not the Wine launcher itself; while enforce a "deny" policy for anything else, including the user; and the system resource in question is on network, not local.

AppArmor users/gurus, are you there? can AppArmor do it?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sudoers problem with using NOPASSWD in conjuction with runas everett-tek Linux - Newbie 3 07-29-2009 08:36 PM
LXer: Looking Ahead: GNOME Desktop a Windows Implementation for the Linux Kernel? LXer Syndicated Linux News 0 08-30-2007 02:10 PM
Is there an equivalent of nm in Windows? [KIA]aze Programming 5 08-09-2007 08:58 AM
Permission denied when access linux from windows through NFS implementation red_colt Linux - Networking 2 08-12-2005 03:54 AM
?Iptables equivalent in windows pudhiyavan Linux - Security 1 11-06-2003 11:54 PM


All times are GMT -5. The time now is 04:44 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration