similar to: Allow execution of commands via ssh but not to login

Displaying 20 results from an estimated 20000 matches similar to: "Allow execution of commands via ssh but not to login"

2017 Jan 11
1
Allow execution of commands via ssh but not to login
I made my search on google way to complicated for nothing.... :( Thanks John and Seb! authorized_keys will do the job. On Wed, Jan 11, 2017 at 10:40 AM, seb <sebastien at r2-info.fr> wrote: > Hi, > > you can use the option command your /home/user/.ssh/authorized_keys . > > for example : > > command="cd /some_where; other command , ssh-rsa key ....."
2017 Jan 11
0
Allow execution of commands via ssh but not to login
Hi, you can use the option command your /home/user/.ssh/authorized_keys . for example : command="cd /some_where; other command , ssh-rsa key ....." Le 11/01/2017 ? 16:34, Bernard Fay a ?crit : > Hi, > > Is there a way to allow a user to execute commands via ssh, for example: > "ssh user at server ls", but disallow the same user to login on this server >
2017 Feb 22
4
how to resize a partition of a disk define as a physical volume
How do you resize the partition without loosing data? gparted does not support LVM. On Wed, Feb 22, 2017 at 8:37 AM, SysAdmin <admin at s-s.network> wrote: > Hi, > > you need to resize partition /dev/xvda2, afterwards resize pv. > > Regards, > Holger > > > -----Urspr?ngliche Nachricht----- > > Von: CentOS [mailto:centos-bounces at centos.org] Im Auftrag
2017 May 26
3
Fix for the CVE-2017-7494?
Hi, Does a fix has already been made in the CenOS RPM repositories for this Samba remote execution code vulnerability, CVE-2017-7494? Thx, Bernard
2016 Sep 29
5
Failed to find sambaDomain object to get sambaAlgorithmicRidBase
Hello group, When I try to add sambaSAMAccount object class to a user with smbldap-usermod, I have the following error: smbldap-usermod -a bernard.fay Failed to find sambaDomain object to get sambaAlgorithmicRidBase at /usr/share/perl5/vendor_perl/smbldap_tools.pm line 1235. Someone have an idea of the problem? Thanks, Bernard
2017 Oct 23
2
Unable to apply mysqld_db_t to mysql directory
Interesting to see the Equivalence. As a first thing, I tried: semanage fcontext -a -e /var/lib/mysql.old /var/lib/mysql then restorecon -R /var/lib/mysql # semanage fcontext -lC SELinux fcontext type Context /home/users(/.*)? all files system_u:object_r:user_home_dir_t:s0 /var/lib/mysql all
2017 May 26
2
Fix for the CVE-2017-7494?
On Fri, 26 May 2017, Christian, Mark wrote: > On Fri, 2017-05-26 at 11:19 -0400, Bernard Fay wrote: >> Hi, >> >> Does a fix has already been made in the CenOS RPM repositories for this >> Samba remote execution code vulnerability, CVE-2017-7494? > yes. samba-3.6.23-43.el6_9.x86_64.rpm And samba-*-4.4.4-14.el7_3.x86_64 -- Paul Heinlein <> heinlein at
2016 Sep 28
2
Could not fetch domain SID
Hello, I try to setup a new test environment with Samba and LDAP but I could not get my domain SID. [root@ ~]# net getdomainsid SID for local machine LDAP-TEST is: S-1-5-21-1044143993-2427131616-1047417663 Could not fetch domain SID What I am do wrong or forget to do? Thanks, Bernard
2016 Nov 08
1
How to start a script to complete configuration
It would be hard to use ansible, cfengine or whatever while there no IP address on the new VM..... On Tue, Nov 8, 2016 at 10:47 AM, <cpolish at surewest.net> wrote: > On 2016-11-07 14:35, Bernard Fay wrote: > > Hi, > > > > We have a virtual environment based on XenServer. In this environment I > > defined a template for CentOS 7 servers. > > > > I
2016 Sep 16
2
SELinux module
Hello everyone, I have a problem with oddjob_mkhomedir on a NFS mount point. The actual context is nfs_t drwxr-xr-x. root root system_u:object_r:nfs_t:s0 users/ With this type, oddjob_mkhomedir cannot do is job of creating home user directories. In the logs, I found about creating a new module with audi2allow and semodule: [root@ audit]# sealert -l fe2d7f60-d3ff-405b-b518-38d0cf021598
2016 Nov 07
3
How to start a script to complete configuration
Hi, We have a virtual environment based on XenServer. In this environment I defined a template for CentOS 7 servers. I would like to start a script a boot time to complete the configuration of new VMs based on this template. How can I have a script started before any login prompt to ask question to the user to complete the configuration such as hostname, IP address, etc? Thanks, Bernard
2016 Oct 17
3
SELinux context not applied
Hi, I tried to apply a security context on a directory with the following commands: [root@ local]# semanage fcontext -a -t httpd_sys_rw_content_t "netdot(/.*)?" [root@ local]# restorecon -R netdot/ When I list the contexts, it is part of the list.... [root@ local]# semanage fcontext -l | grep netdot ./netdot(/.*)? all files
2017 Feb 28
2
sshd Match Group directive problem
I try to set up two "Match Group" directives in sshd_config. I have an LDAP server. All users including admins are part of the LDAP group users. The admins users are also part of the LDAP group wheel. For example: [~]groups admin1 admin1 : users wheel [~]groups users user1 : users On a client server to LDAP, I try to configure two "Match Group" directives in sshd_config as
2017 Oct 23
2
Unable to apply mysqld_db_t to mysql directory
Thanks, I managed to fix /var/lib/mysql # ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql To fix it, I tried: semanage fcontext -d -e /var/lib/mysql this command returned: KeyError: /var/lib/mysql I tried restorecon anyway: restorecon -Rv /var/lib/mysql But not better: ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0
2016 Sep 28
1
Could not fetch domain SID
Hello, I try to setup a new test environment with Samba and LDAP on CentOS 7 but I could not get my domain SID: [root@ ~]# net getdomainsid SID for local machine LDAP-TEST is: S-1-5-21-1044143993- 2427131616-1047417663 Could not fetch domain SID What I do wrong or forget to do? Thanks, Bernard
2017 May 08
1
users still member of LDAP group after being removed from group 5 days ago
Hi, Last Thursday I removed users from an LDAP group and today the Linux command groups still shows those users as member of this group. I double checked in the LDAP to make sure the users are really removed and also not part of the local Linux group users on both the server hosting the LDAP service and the Linux clients. Could this be related to a cache somewhere? If not cache related what
2016 Jul 07
2
How to have more than on SELinux context on a directory
On 06/07/16 21:17, Bernard Fay wrote: > I can access /depot/tftp from a tftp client but unable to do it from a > Windows client as long as SELinux is enforced. If SELinux is permissive I > can access it then I know Samba is properly configured. > > # getenforce > Enforcing > # ls -dZ /depot/tftp/ > drwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 /depot/tftp/ >
2016 Sep 30
2
Failed to find sambaDomain object to get sambaAlgorithmicRidBase
I didn't use smbldap-populate. I used ldif files to add groups to LDAP with ldapadd. You have rather good questions, NT4 or AD style, I don't know. I am a Unix guy with very few knowledge in Windows stuff and I try to stay away from it as much as I can. I have been asked to setup a new LDAP directory with Samba passwords stored in this LDAP directory. I base my work on an actual LDAP
2016 Sep 20
2
smbldap-passwd does not update samba password
What do you mean by ACIs? On Mon, Sep 19, 2016 at 3:56 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > On 09/19/2016 10:18 AM, Bernard Fay wrote: > >> Any idea what can be wrong on my server? >> > > > What are your ACIs? > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org >
2016 Sep 22
2
smbldap-passwd does not update samba password
I have never heard of ACI before and I really do not know what it is. In the other hand, what does this have do to with the passwords in Samba? Obviously, there are many things I do not know about LDAP and Samba but I have to manage it.... On Tue, Sep 20, 2016 at 10:16 AM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > On 09/20/2016 04:05 AM, Bernard Fay wrote: > >>