Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
09-07-2006, 03:57 PM
|
#1
|
LQ Newbie
Registered: Feb 2005
Distribution: RH9, RHEnt.
Posts: 23
Rep:
|
user permissions to create files and directories via ssh
Stupid newbie question....
I am starting a new linux server (RHEL4) and the only user right now is root. The only person administering the box is myself (at least with root access).
There is one other person who needs access via SSH (which is setup) to change a few settings for our apache sevrer.
I created a user ID for this person and he can currently login via SSH but he cannot change any files that need to changed. I put him into the root group but still cannot change anything....I know I can have him "su" to root but that would be giving him root password....I do not want to give him root password. How can I change his user ID permissions so he can change files in the apache2 directory? OR is it possible to give him a temporary root password that I can disable later?
Thanks Much!
Last edited by ringding; 09-07-2006 at 04:27 PM.
|
|
|
09-07-2006, 04:38 PM
|
#2
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
ok, well your main point of reference is possible sudo, which lets you customize the /etc/sudoers file to allow non-root users to edit root owned files without root password. alternatively change the ownership of the files and the directory they live in to be owned by another group or user that they do have access to. what directory do you mean by the apache2 directory? /var/www/html or something? with fles here, as long as the apache daemon user (which may be root, apache or somethign else) can read those files, it doesn't matter who owns them,
|
|
|
09-07-2006, 05:10 PM
|
#3
|
LQ Newbie
Registered: Feb 2005
Distribution: RH9, RHEnt.
Posts: 23
Original Poster
Rep:
|
AH!!....the sudo option sounds like the way to go!!!!
This way, once he is done modifying what he needs to I can simply remove it from the sudoers file and he will no longer have access.
Would he use the same password to authenticate as his normal user password?
i.e. sudo <enter>
then authenticate
then vi filename <enter>
OR
i.e. sudo vi filename <enter>
then authenticate
Oh and I think "apache2" directory which is /usr/local/apache2/....is created when you compile a new apache server from source....
THANKS ALOT!!!
|
|
|
09-07-2006, 05:34 PM
|
#4
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
the first scenario you gave is closer to the su command, where you do need the root password, and compltely become root from then on. the second is correct for sudo, and they enter their own password (or none) as defined in /etc/sudoers.
|
|
|
All times are GMT -5. The time now is 01:22 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|