Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
12-05-2007, 02:15 PM
|
#1
|
LQ Newbie
Registered: Mar 2006
Location: Mexico
Distribution: RHL AS 3 RHL 9
Posts: 7
Rep:
|
Creating admin account for services
Hi, im trying to configure a user account taht would be allowed to start vsftpd service, smb service, apache2 service.
I added a username and defined the initial group as adm and then added that other groups as daemon and bin. Im usin linux.
What else can i do to grant a user account grants so it can iniciate services such as vsftpd, samba, apache.
Thanks
|
|
|
12-05-2007, 02:49 PM
|
#2
|
LQ Guru
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298
Rep:
|
Usually the system automatically creates its own users for the services you mentioned, so there may be no need for you to create a user specifically for those services.
|
|
|
12-05-2007, 03:42 PM
|
#3
|
Member
Registered: Oct 2007
Distribution: rhel, fedora, gentoo, ubuntu, freebsd
Posts: 104
Rep:
|
Sounds to me like you're basically asking "how do I set up sudo so certain users can run specific init scripts"?
Last edited by complich8; 12-05-2007 at 03:43 PM.
|
|
|
12-05-2007, 03:43 PM
|
#4
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
You could setup sudo to let the user account execute those specific binaries.
|
|
|
12-05-2007, 06:21 PM
|
#5
|
LQ Newbie
Registered: Mar 2006
Location: Mexico
Distribution: RHL AS 3 RHL 9
Posts: 7
Original Poster
Rep:
|
Quote:
Originally Posted by reddazz
Usually the system automatically creates its own users for the services you mentioned, so there may be no need for you to create a user specifically for those services.
|
Yes i have for example an apache user but is set to /nologin but i have 2 apache server one came with the red hat i have and the other one apache2 i installed.
Do i need to change the /nolgoin option for that user so i can use it. And for the vsftpd and smb services i dont have a specific user under /etc/passwd.
Is there something you can recomend me to do
Thanks.
|
|
|
12-05-2007, 06:26 PM
|
#6
|
LQ Newbie
Registered: Mar 2006
Location: Mexico
Distribution: RHL AS 3 RHL 9
Posts: 7
Original Poster
Rep:
|
Sudo
Quote:
Originally Posted by win32sux
You could setup sudo to let the user account execute those specific binaries.
|
I have not used sudo, comlich8 has mentioned sudo command to. Ill look form some doc on the google to get around that command. think that is what i need.
I have tested the command with the admsvc user i created, but when i execute sudo it automatically asks me for a password. I have to set up some permissions so that user can run the services i want to, that will solve my issue?
Ill research and post my results.
Tanks for the help, you all!
|
|
|
12-05-2007, 07:04 PM
|
#7
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by jrvt
I have tested the command with the admsvc user i created, but when i execute sudo it automatically asks me for a password. I have to set up some permissions so that user can run the services i want to, that will solve my issue?
|
sudo can be setup to require (or NOT require) sudoers to type their password. It's up to you. You don't need to set any special permissions on the service binaries if you use sudo. Just create the group you want to use for sudoers, add the appropriate line to /etc/sudoers (using the visudo tool), and then add any users which you want to be sudoers to that group. There's tons of examples on the WWW.
|
|
|
12-06-2007, 01:26 AM
|
#8
|
LQ Guru
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298
Rep:
|
Quote:
Originally Posted by jrvt
Yes i have for example an apache user but is set to /nologin but i have 2 apache server one came with the red hat i have and the other one apache2 i installed.
Do i need to change the /nolgoin option for that user so i can use it. And for the vsftpd and smb services i dont have a specific user under /etc/passwd.
Is there something you can recomend me to do
Thanks.
|
My apologies. I thought you wanted to create a system user to run those services. Anyway, I think follow the suggestions posted by others in this thread and use something like sudo.
|
|
|
12-06-2007, 10:16 AM
|
#9
|
LQ Newbie
Registered: Mar 2006
Location: Mexico
Distribution: RHL AS 3 RHL 9
Posts: 7
Original Poster
Rep:
|
Works!
Thanks for the help. Now i have set up the account i created to use sudo and it can manage the services i want.
Thanks again.
|
|
|
All times are GMT -5. The time now is 11:44 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|