Displaying 20 results from an estimated 20000 matches similar to: "Allow execution of commands via ssh but not to login"
2017 Jan 11
1
Allow execution of commands via ssh but not to login
I made my search on google way to complicated for nothing.... :(
Thanks John and Seb! authorized_keys will do the job.
On Wed, Jan 11, 2017 at 10:40 AM, seb <sebastien at r2-info.fr> wrote:
> Hi,
>
> you can use the option command your /home/user/.ssh/authorized_keys .
>
> for example :
>
> command="cd /some_where; other command , ssh-rsa key ....."
2017 Jan 11
0
Allow execution of commands via ssh but not to login
Hi,
you can use the option command your /home/user/.ssh/authorized_keys .
for example :
command="cd /some_where; other command , ssh-rsa key ....."
Le 11/01/2017 ? 16:34, Bernard Fay a ?crit :
> Hi,
>
> Is there a way to allow a user to execute commands via ssh, for example:
> "ssh user at server ls", but disallow the same user to login on this server
>
2017 Feb 22
4
how to resize a partition of a disk define as a physical volume
How do you resize the partition without loosing data?
gparted does not support LVM.
On Wed, Feb 22, 2017 at 8:37 AM, SysAdmin <admin at s-s.network> wrote:
> Hi,
>
> you need to resize partition /dev/xvda2, afterwards resize pv.
>
> Regards,
> Holger
>
> > -----Urspr?ngliche Nachricht-----
> > Von: CentOS [mailto:centos-bounces at centos.org] Im Auftrag
2017 May 26
3
Fix for the CVE-2017-7494?
Hi,
Does a fix has already been made in the CenOS RPM repositories for this
Samba remote execution code vulnerability, CVE-2017-7494?
Thx,
Bernard
2016 Sep 29
5
Failed to find sambaDomain object to get sambaAlgorithmicRidBase
Hello group,
When I try to add sambaSAMAccount object class to a user with
smbldap-usermod, I have the following error:
smbldap-usermod -a bernard.fay
Failed to find sambaDomain object to get sambaAlgorithmicRidBase at
/usr/share/perl5/vendor_perl/smbldap_tools.pm line 1235.
Someone have an idea of the problem?
Thanks,
Bernard
2017 Oct 23
2
Unable to apply mysqld_db_t to mysql directory
Interesting to see the Equivalence. As a first thing, I tried:
semanage fcontext -a -e /var/lib/mysql.old /var/lib/mysql
then
restorecon -R /var/lib/mysql
# semanage fcontext -lC
SELinux fcontext type
Context
/home/users(/.*)? all files
system_u:object_r:user_home_dir_t:s0
/var/lib/mysql all
2017 May 26
2
Fix for the CVE-2017-7494?
On Fri, 26 May 2017, Christian, Mark wrote:
> On Fri, 2017-05-26 at 11:19 -0400, Bernard Fay wrote:
>> Hi,
>>
>> Does a fix has already been made in the CenOS RPM repositories for this
>> Samba remote execution code vulnerability, CVE-2017-7494?
> yes. samba-3.6.23-43.el6_9.x86_64.rpm
And samba-*-4.4.4-14.el7_3.x86_64
--
Paul Heinlein <> heinlein at
2016 Sep 28
2
Could not fetch domain SID
Hello,
I try to setup a new test environment with Samba and LDAP but I could not
get my domain SID.
[root@ ~]# net getdomainsid
SID for local machine LDAP-TEST is:
S-1-5-21-1044143993-2427131616-1047417663
Could not fetch domain SID
What I am do wrong or forget to do?
Thanks,
Bernard
2016 Nov 08
1
How to start a script to complete configuration
It would be hard to use ansible, cfengine or whatever while there no IP
address on the new VM.....
On Tue, Nov 8, 2016 at 10:47 AM, <cpolish at surewest.net> wrote:
> On 2016-11-07 14:35, Bernard Fay wrote:
> > Hi,
> >
> > We have a virtual environment based on XenServer. In this environment I
> > defined a template for CentOS 7 servers.
> >
> > I
2016 Sep 16
2
SELinux module
Hello everyone,
I have a problem with oddjob_mkhomedir on a NFS mount point. The actual
context is nfs_t
drwxr-xr-x. root root system_u:object_r:nfs_t:s0 users/
With this type, oddjob_mkhomedir cannot do is job of creating home user
directories.
In the logs, I found about creating a new module with audi2allow and
semodule:
[root@ audit]# sealert -l fe2d7f60-d3ff-405b-b518-38d0cf021598
2016 Nov 07
3
How to start a script to complete configuration
Hi,
We have a virtual environment based on XenServer. In this environment I
defined a template for CentOS 7 servers.
I would like to start a script a boot time to complete the configuration of
new VMs based on this template. How can I have a script started before any
login prompt to ask question to the user to complete the configuration such
as hostname, IP address, etc?
Thanks,
Bernard
2016 Oct 17
3
SELinux context not applied
Hi,
I tried to apply a security context on a directory with the following
commands:
[root@ local]# semanage fcontext -a -t httpd_sys_rw_content_t "netdot(/.*)?"
[root@ local]# restorecon -R netdot/
When I list the contexts, it is part of the list....
[root@ local]# semanage fcontext -l | grep netdot
./netdot(/.*)? all files
2017 Feb 28
2
sshd Match Group directive problem
I try to set up two "Match Group" directives in sshd_config.
I have an LDAP server. All users including admins are part of the LDAP
group users. The admins users are also part of the LDAP group wheel. For
example:
[~]groups admin1
admin1 : users wheel
[~]groups users
user1 : users
On a client server to LDAP, I try to configure two "Match Group" directives
in sshd_config as
2017 Oct 23
2
Unable to apply mysqld_db_t to mysql directory
Thanks, I managed to fix /var/lib/mysql
# ls -ldZ /var/lib/mysql
drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql
To fix it, I tried:
semanage fcontext -d -e /var/lib/mysql
this command returned:
KeyError: /var/lib/mysql
I tried restorecon anyway:
restorecon -Rv /var/lib/mysql
But not better:
ls -ldZ /var/lib/mysql
drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0
2016 Sep 28
1
Could not fetch domain SID
Hello,
I try to setup a new test environment with Samba and LDAP on CentOS 7 but I
could not get my domain SID:
[root@ ~]# net getdomainsid
SID for local machine LDAP-TEST is: S-1-5-21-1044143993-
2427131616-1047417663
Could not fetch domain SID
What I do wrong or forget to do?
Thanks,
Bernard
2017 May 08
1
users still member of LDAP group after being removed from group 5 days ago
Hi,
Last Thursday I removed users from an LDAP group and today the Linux
command groups still shows those users as member of this group. I double
checked in the LDAP to make sure the users are really removed and also not
part of the local Linux group users on both the server hosting the LDAP
service and the Linux clients.
Could this be related to a cache somewhere? If not cache related what
2016 Jul 07
2
How to have more than on SELinux context on a directory
On 06/07/16 21:17, Bernard Fay wrote:
> I can access /depot/tftp from a tftp client but unable to do it from a
> Windows client as long as SELinux is enforced. If SELinux is permissive I
> can access it then I know Samba is properly configured.
>
> # getenforce
> Enforcing
> # ls -dZ /depot/tftp/
> drwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 /depot/tftp/
>
2016 Sep 30
2
Failed to find sambaDomain object to get sambaAlgorithmicRidBase
I didn't use smbldap-populate. I used ldif files to add groups to LDAP with
ldapadd.
You have rather good questions, NT4 or AD style, I don't know. I am a Unix
guy with very few knowledge in Windows stuff and I try to stay away from it
as much as I can. I have been asked to setup a new LDAP directory with
Samba passwords stored in this LDAP directory.
I base my work on an actual LDAP
2016 Sep 20
2
smbldap-passwd does not update samba password
What do you mean by ACIs?
On Mon, Sep 19, 2016 at 3:56 PM, Gordon Messmer <gordon.messmer at gmail.com>
wrote:
> On 09/19/2016 10:18 AM, Bernard Fay wrote:
>
>> Any idea what can be wrong on my server?
>>
>
>
> What are your ACIs?
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
>
2016 Sep 22
2
smbldap-passwd does not update samba password
I have never heard of ACI before and I really do not know what it is.
In the other hand, what does this have do to with the passwords in Samba?
Obviously, there are many things I do not know about LDAP and Samba but I
have to manage it....
On Tue, Sep 20, 2016 at 10:16 AM, Gordon Messmer <gordon.messmer at gmail.com>
wrote:
> On 09/20/2016 04:05 AM, Bernard Fay wrote:
>
>>