Re: [CentOS] strange su behavior
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 09.03.2010 22:22, schrieb Tom H: Do you have any sudo call from your /etc or /etc/skel bashrc or profile...? Yes, I do have in /etc/bashrc: sudo -l Unless you already understood: su - make the shell a login shell so sudo -l in bashrc is executed, which asks for the user's password Understood, who is asking - not understood why sudo -l is asking for the password and why just hitting the enter key works sudo -l lists the commands that you are allowed to run with sudo That is clear to me, but why does this command request the password? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJLl9LqAAoJENs3frmum9swKfUIAKa5XH0t4saKu1MuNezprOGW sBs4D+7bgvhQyp4YwAW6ZHkOsDKi8OQTQkpi/rTMiiJ2CshewkTFLj8F02I7j/on Dm8Hckkj/+9W7GXvTNvOT3LWaDfXblIFJgXel4VrmWh4gTXEyieIAf2k4mbCIySA F7rM/K0SswYvLJOPtqxS7CdsXVC7TR0NhyLWp2kCZQTaiQPMSsrg5LxDWeI4iQt3 d6+4iZAJg379bTdO2Wt9OO3uXvvFwHKnBgwwArlrJOv+mdeH1gN2l73XN6nhzwpF IFS+vK6bRIMFwmsRr5kgg5Hfj5yDT+o0YDTYcb8XKOFa4dB2kzuXz1WLj5+uxaI= =KoX6 -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] strange su behavior
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 10.03.2010 18:26, schrieb Tony Schreiner: On Mar 10, 2010, at 12:12 PM, Uwe Kiewel wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 09.03.2010 22:22, schrieb Tom H: Do you have any sudo call from your /etc or /etc/skel bashrc or profile...? Yes, I do have in /etc/bashrc: sudo -l Unless you already understood: su - make the shell a login shell so sudo -l in bashrc is executed, which asks for the user's password Understood, who is asking - not understood why sudo -l is asking for the password and why just hitting the enter key works sudo -l lists the commands that you are allowed to run with sudo That is clear to me, but why does this command request the password? what's the output of sudo grep root /etc/sudoers ## the root user, without needing the root password. ## Allow root to run any commands anywhere rootALL=(ALL) ALL -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJLl+/AAAoJENs3frmum9swifQH/jGXojOi65cIEA20gKInEMRe 3Jhnztx2lPDFq2K6am0Wc4qVvcyTkIM5MpgigoJgBI2f0LgLOQNei0/+bDoKsei3 fD5LFcpxepJKd2fukGcjYoIfg1hcHF5fA6+jw6qR/gBdjk67Jx2cZZrfSXaL+uN3 0Mme87EnYKRrJAuAKIlX5yHAB7GQdtuiJrWh6RPbdXSwoggYppjJnFZoCRAnOinp A66jjGa0POAplYs9DHwW/K3mNwA5YggW5KLFyeNfiW16zdaNwQ8a6Q14AeTUy1AO yjQzBZ0UXNkrASpGWKSSDySs3XKIHbtdHhCAY1TxKhOTEeSLO5xROB2UEpsZ9ys= =o7+2 -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] strange su behavior
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 10.03.2010 20:23, schrieb Tom H: Do you have any sudo call from your /etc or /etc/skel bashrc or profile...? Yes, I do have in /etc/bashrc: sudo -l Unless you already understood: su - make the shell a login shell so sudo -l in bashrc is executed, which asks for the user's password Understood, who is asking - not understood why sudo -l is asking for the password and why just hitting the enter key works sudo -l lists the commands that you are allowed to run with sudo That is clear to me, but why does this command request the password? Do you have rootpw/runaspw/targetpw set in /etc/sudoers? No, I don't have. What I want to have is: None-root users shall be allowed to run some commands as root whithout password. And, on logging on, the users shall see, what commands they are able to run. Thanks, Uwe -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJLl/hNAAoJENs3frmum9swxEMIAJgDWhu63h1pYKgG5nmxnUkH hqGPt1W709j4AawHbzyiNqdYfMH3p/9YLY9VwcPS7DHFa0w/X6Vq8I4YcSsPCQc8 FMov96sKZckMTpKBc+qlK0sWXXcJcEDJLdg997WW50BTaxrUob5uy0zoAuzm3pU/ 5X9rq1XXqseU1PLBconNH3lpY1e7A1K4ueY6bXX4EWTqF4sMEEkfVP1sFwHmqVW/ K4wmERfljlLjCrCiLT51/H6LyoAYkmR4qfDxucPC1rEGcOnj3hHZk4mEnu64j7NG nE9MQ3P1SvZff+NG9spRSALJprc1fBKPkndiJFHR9Xm5GhugvsGj7DP7zXRqY2U= =Ea0A -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] strange su behavior
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 09.03.2010 17:32, schrieb John Doe: From: Uwe (ML) Kiewel m...@kiewel-online.ch Do you have any sudo call from your /etc or /etc/skel bashrc or profile...? Yes, I do have in /etc/bashrc: sudo -l Unless you already understood: su - make the shell a login shell so sudo -l in bashrc is executed, which asks for the user's password Understood, who is asking - not understood why sudo -l is asking for the password and why just hitting the enter key works Thanks, Uwe -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJLlqcxAAoJENs3frmum9sw9uYH/Ru8jR0zIApspV4W+1TzYo3H HU6bAAU7p+Gee7rDWPCt4u+o+3woejV1MFFOF3jmAgv5qfZh2/nFAjRCF1Ml/OiW La9xmCv5OZb1fJfHmcL7c/JoTtvfTKXkVbyb0tBec2YCqUATRvOVbLHCMYEI9OQJ A+NeYlfOfQZ8Gnd9g435RoDEVNvYI+FhwOK0bwNRhDRC1ql5GYAcaNoqCtVLapj9 WN+IoxdIu5pm2aSMse/gyHV42JCb7AaVU7kfvoJh+nDQ3SgyOUKqDP+8Uq82mz3i CGz5fp/bcS4BCMasQRI1F5tpuQQJPECG7HWho4pHSrEPNn+yKJ0iCjiZFY85oYs= =F/Hf -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] strange su behavior
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have a strange su hehavior on a CentOS 5.4 32Bit installation in a VMware ESXi virtualizied environment: If I am root and want to change the user to a non-root user, the system prompts me for a password: [r...@halifax ~]# useradd test00 [r...@halifax ~]# su - test00 We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. Password: [tes...@halifax ~]$ logout [r...@halifax ~]# su - test00 [tes...@halifax ~]$ logout [r...@halifax ~]# At this test procedure I just hit the enter key at the password promt. Do you have any idea for this behavoir? I expect to do so from root to any account _without_ being prompted for the password. Thanks, Uwe -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJLlVsjAAoJENs3frmum9swFTwH/1ulj7ZRETV/fAt/0NztXsn5 NJ7szhb+CPDxQCM49RdN6c8OUcZReVZsP1sTPCTiu6kvuNPm7vPhminuecIOEXA/ GUZC/6nS9YcHlFUbmO7nxpP2bbJHrrO2r9s4JdWftHP0YQUADNad9AN/jAQHd032 0xfp/vtAkj2PfIBt/J6h3taVwxx3Epb4gY2wuWYLRcJyDuzJLLD25OJVAOxuUaik RkNcpfiZM3Japq6Mb3kUGlYkdLf4+xxPCC/pwdVVC2fzSUVK9asmqq0pbu6KQfTc Lv5WwS6ENmY6eBbO5IcpILtC+LwBayjU50RWByaFl4uMcfQd9F9uVAdmnLW8/8c= =TNjq -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] strange su behavior
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 08.03.2010 21:21, schrieb John R Pierce: Uwe Kiewel wrote: [r...@halifax ~]# useradd test00 [r...@halifax ~]# su - test00 We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. Password: ... that almost sounds like sudo, not su. is it aliased or something? I don't think so: [r...@halifax ~]# type su su is hashed (/bin/su) [r...@halifax ~]# file /bin/su /bin/su: setuid ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.9, stripped [r...@halifax ~]# type sudo sudo is /usr/bin/sudo [r...@halifax ~]# file /usr/bin/sudo /usr/bin/sudo: setuid ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.9, stripped [r...@halifax ~]# sum /bin/su 2249424 [r...@halifax ~]# sum /usr/bin/sudo 63311 138 Thanks, Uwe -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJLlV38AAoJENs3frmum9swTsgH/1NXTua12hvnHt1js0Mzc1wI RViyiATgPTCYUEKtfR7vUw6oWymbu+Psb8QWjH/x++FkBogjRBGrYjMHP2bhrcBx c8PP4WMWkTpuX05Tb+ox7oB2r8qzuSudx9np9Gx/b1RJJI7y9SG3eiPRINyFreEG 1ywjyvRfvOZPo3398RqXLb6zqEqrK7ghyNp0oo0p7NS4mfn9ipwPMlAzL0oYjmNY +W5dv/Gce/KCHp94piDens312WTTqF+NCpNOSVtz9r6sjHJwGkcDhS86p+p+b+TO Fls5KkgPrh2LldNfrvxLgP+D3XVAMBz60ZKWQ2tk7zaLCqd9nWCvn8v1dhAqWS4= =PjGv -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] strange su behavior
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 08.03.2010 22:03, schrieb Dan Burkland: [r...@halifax ~]# useradd test00 [r...@halifax ~]# su - test00 We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. Password: [tes...@halifax ~]$ logout [r...@halifax ~]# su - test00 [tes...@halifax ~]$ logout [r...@halifax ~]# At this test procedure I just hit the enter key at the password promt. Do you have any idea for this behavoir? I expect to do so from root to any account _without_ being prompted for the password. Have you tried just running su without the dash and space before the username? (For example: su test00). If not try that and let us know if you receive the same result. Same result: [r...@halifax ~]# su test00 Password: [tes...@halifax root]$ exit [r...@halifax ~]# - -- Thanks, Uwe -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJLlWjxAAoJENs3frmum9swV70H/1yUOrDx4CYrk3zz7KQqTqe9 OQdYKyAfpOiS+aNTrdX1u3/GNwF5E36M2Wjrnfp+2ZjAvVgHR0UazXBkMpsgLM2r SJwDw+dNAdaPcdKCAOmgN1Bf5gHxdeD3b5KReQ2h6kJWwoMXNAVv+lut5B88tm3/ 8S/bQAPfAmsojzR8aVX6Lr5kmf7EoHEBDwt6Rx3dPi37tghf1GC1bjU9ES3zo2t5 WJbvsZddplRocH9kB/TUeUmuSclP7RBNd2iyjL2SS7wabX6rjy6x+AmvBCc3+hsn HrjYe5CmUwRaCAKVw76Z13cyZEfL+A50m3SfrcHtnDcNRriQnlJ3hugVTIYKHEQ= =5kjJ -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] strange su behavior
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 09.03.2010 02:16, schrieb Spiro Harvey: On Mon, 8 Mar 2010 21:28:44 +0100 Uwe Kiewel m...@kiewel-online.ch wrote: that almost sounds like sudo, not su. is it aliased or something? I don't think so: [r...@halifax ~]# file /bin/su You've confirmed it's not symlinked, but is it aliased? Type alias and see the result. [r...@halifax ~]# alias alias cp='cp -i' alias l.='ls -d .* --color=tty' alias ll='ls -l --color=tty' alias ls='ls --color=tty' alias mv='mv -i' alias rm='rm -i' alias which='alias | /usr/bin/which --tty-only --read-alias --show-dot - --show-tilde' -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJLlfOPAAoJENs3frmum9swD+sH/R9gC2+w0XdBb+bQfVhAhMEV jd4LENnH1FXCC5oU3ypUdtk9VvtdZAfC1HUBQk2jC80Y3aZRP2O5D7fwiHP1ddPd WC2K9yNG1M/7/hAD/fdNSQYRaMbkw/5v5G4827gflUR7OT6JBo6BoHUnkKwh6jOR 8vIJppPQ2a7HBWpmYeH1NO2+YgH/yNvxfZqTT7946ZoO+GvDoCvNkXgUAyOrFjrf 1CaYOOXOtqABe+HBaqccv/IriMM7eRWQt8rPil3ukJt1kR5MNPukggE9xjhJEv7v TLf1iyd1npqrpNLCc8nvNbYr7cUOeQ1HAbJy02lcUobnYUirtkE5wETHW8YFiVY= =Noc7 -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] server is always getting hacked
Alan McKay schrieb: Open up sshd port only Restrict the access to 22/tcp (ssh) and permit relay required hosts only Uwe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos