Displaying 20 results from an estimated 2000 matches similar to: "Giving full administrator privileges through sudo on production systems"
2019 Aug 16
1
Giving full administrator privileges through sudo on production systems
> On Aug 16, 2019, at 6:21 AM, Warren Young <warren at etr-usa.com> wrote:
>
> On Aug 15, 2019, at 11:04 PM, Bagas Sanjaya <bagasdotme at gmail.com> wrote:
>>
>> Based on above cases, is it OK to give group of random users full administrator privileges using sudo, by adding them to sudoers with ALL privileges? Should sudoers call customer service number instead
2019 Aug 17
3
Giving full administrator privileges through sudo on production systems
Why did you say it is wrong to give full admin privileges to random users?
--
An old man doll... just what I always wanted! - Clara
2019 Jun 26
2
Replacing kernel-headers with custom compiled version (from kernel.org) - safe?
Hello CentOS users,
Currently I have compiled kernel version 4.19.37, which the source is from kernel.org. I compiled the kernel by following
steps:
- get the kernel tarball and unpack it
- install prerequisties as described in https://wiki.centos.org/HowTos/Custom_Kernel (in addition bc and openssl-devel)
- copy the kernel configuration:
$ cp /boot/config-3.10.0-957.21.3.el7.x86_64
2019 Aug 16
0
Giving full administrator privileges through sudo on production systems
On Aug 15, 2019, at 11:04 PM, Bagas Sanjaya <bagasdotme at gmail.com> wrote:
>
> Based on above cases, is it OK to give group of random users full administrator privileges using sudo, by adding them to sudoers with ALL privileges? Should sudoers call customer service number instead of sysadmin when something breaks?
sudo is a tool for expressing and enforcing a site?s policies
2019 Jun 26
1
Replacing kernel-headers with custom compiled version (from kernel.org) - safe?
On 26/06/19 23.51, Akemi Yagi wrote:
> On Wed, Jun 26, 2019 at 5:20 AM Bagas Sanjaya <bagasdotme at gmail.com> wrote:
>> Hello CentOS users,
>>
>> Currently I have compiled kernel version 4.19.37, which the source is from kernel.org. I compiled the kernel by following
>> steps:
>> - get the kernel tarball and unpack it
>> - install prerequisties as
2019 Aug 16
0
Giving full administrator privileges through sudo on production systems
Le 16/08/2019 ? 07:04, Bagas Sanjaya a ?crit?:
> Based on above cases, is it OK to give group of random users full
> administrator privileges using sudo, by adding them to sudoers with ALL
> privileges?
Short answer : this is VERY wrong.
Cheers,
Niki
--
Microlinux - Solutions informatiques durables
7, place de l'?glise - 30730 Montpezat
Site : https://www.microlinux.fr
Mail :
2019 Aug 17
0
Giving full administrator privileges through sudo on production systems
On Fri, Aug 16, 2019 at 8:39 PM Bagas Sanjaya <bagasdotme at gmail.com> wrote:
> Why did you say it is wrong to give full admin privileges to random users?
>
$ sudo rm -rf /
$ sudo <install keylogger of choice>
$ sudo cp /etc/{passwd,shadow} $home; (run john-the-ripper against
passwd/shadow files).
etc etc etc.
--
-john r pierce
recycling used bits in santa cruz
2019 Aug 17
2
Giving full administrator privileges through sudo on production systems
> On Aug 16, 2019, at 11:12 PM, John Pierce <jhn.pierce at gmail.com> wrote:
>
> On Fri, Aug 16, 2019 at 8:39 PM Bagas Sanjaya <bagasdotme at gmail.com> wrote:
>
>> Why did you say it is wrong to give full admin privileges to random users?
>>
>
>
> $ sudo rm -rf /
>
I like this one. Long-long ago it was one of the ?tricky? questions at the
2023 Dec 02
3
Kernel problem with multiseat on one card
On Thu, Nov 30, 2023 at 11:48:24AM +0100, Gert Vanhaerents wrote:
> Hi Kernel list,
> I'm the IT person of a school, earlier we used multiseatcomputers for the
> school, i have maded with a XGL implementation and it works fine but not so
> fantastic. The school wants that i build new computers but the XGL project
> is too outdated so i can't use it anymore.
>
> How
2011 Jul 25
3
Sudo #includedir function ignored CentOS 6
I am unable to get the #includedir function to work with sudo. This works
just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I
have this line in the file /etc/sudoers.d/zabbix-puppet
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However sudo still requires a password. If I put that same line into
/etc/sudoers file , there is no password prompt. At the end of my
2005 Dec 10
6
Wierd ZFS interaction with sudo?
I''ve just installed express b28 on my system. After installing, I
decided to move /opt to a zfs pool home/opt. After installing
Blastwave''s latest sudo, I did my usual edits of sudoers.
When I attempted to execute sudo ls to test things I got this:
rtfm:/opt/csw/etc:>sudo ls
sudo: /opt/csw/etc/sudoers is owned by gid 1, should be 0
But /opt/csw/etc/sudoers permissions
2013 Jul 17
3
sudo add user script
Hello list,
I took another stab at finding a way to add a sudo user remotely and it
gets you most of the way there. If you execute the script as root it works
beautifully and does just what you want. Which is add the user to the
group and gives that user group rights to certain commands.
But if you execute it as a user who only has sudo access to the
/etc/sudoers file it errors out.
cloud:~]
2019 Apr 12
3
Sudo rules in samba with winbind
Hello All,
I am currently changing my samba linux clients (Debian) from sssd binding
to winbind.
With sssd I had all sudo rules within the samba active directory.
The configuration was based on:
https://lists.samba.org/archive/samba/2016-April/199402.html
Is there some guideline like the one mentioned available/has someone
already experience with this for winbind based clients?
Within the
2010 Dec 10
4
sudo doing DNS lookup
Hi,
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i386 1.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying to
do DNS lookups
while the one on box B does not. How do I disable this DNS lookup?
Thanks for any info.
--
Stephen Clark
*NetWolves*
Sr. Software Engineer III
Phone:
2009 Oct 23
1
making a plot in xyplot
Hello,
I am a newbie to the lattice package in R, and I'm trying to make a plot using the xyplot function. I have repeated measures data (2 conditions) for two different groups of subjects (teens and adults).
So far, I've made a basic graph using xyplot(y ~x, group=subnum, data=mydata, type="b").
Now I would like to make all the teens' lines one color and the adults'
2006 Sep 07
3
Sudo(ers) distrobution system/script
Just wondering if anyone out there is using sudo across a bunch of
machines and has a system/script for painlessly distributing a master
sudoers file? is it as easy as a daily cronjob running wget/scp/rsync?
2006 Aug 18
4
ZFS Filesytem Corrpution
Hi,
I have been seeing data corruption on the ZFS filesystem. Here are
some details. The machine is running s10 on X86 platform with a single
160Gb SATA disk. (root on s0 and zfs on s7)
...Sanjaya
--------- /etc/release ----------
-bash-3.00# cat /etc/release
Solaris 10 6/06 s10x_u2wos_09a X86
Copyright 2006 Sun Microsystems, Inc. All Rights
2023 Feb 21
2
[GIT PULL] virtio,vhost,vdpa: features, fixes
The following changes since commit ceaa837f96adb69c0df0397937cd74991d5d821a:
Linux 6.2-rc8 (2023-02-12 14:10:17 -0800)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git tags/for_linus
for you to fetch changes up to deeacf35c922da579637f5db625af20baafc66ed:
vdpa/mlx5: support device features provisioning (2023-02-20 19:27:00 -0500)
2014 Jan 19
1
sudo (+ldap+kerberos) not accepting password
So I have this centos 5.10 box which authenticates network users
against ldap(authorizing)+kerberos(authentication). And I now would
like to have sudo be able to allow admins (netgroup chinbeards) to
sudo about. I am not using sssd though (yet).
Here is the output of me trying sudo (debug on):
[raub at centos5-x64 ~]$ sudo pwd
LDAP Config Summary
===================
uri
2010 Jan 22
5
Add /sbin to sudo PATH
Hello,
Does anyone have an idee how to add /sbin to the sudo $PATH environment?
Adding /sbin to .bashrc $PATH isn't really what I want...
I'd like sudoers to be able to run:
$ sudo chkconfig
And not:
$ sudo /sbin/chkconfig
Thanks
Sam