Re: Permissions on NFS mounts

2020-12-10 Thread Michael Stone
On Thu, Dec 10, 2020 at 04:48:36PM +0300, Reco wrote: I just like to remind you the original question: Is there a way to put an account "beyond use", in any way including su, sudo etc, *In any way* includes the way I've described above IMO. So you're asking if there's a way to prevent

Re: Permissions on NFS mounts

2020-12-10 Thread Michael Stone
On Thu, Dec 10, 2020 at 10:42:36AM -0500, Greg Wooledge wrote: In the context of the original question, having a consistent set of local user accounts (name/UID pairs) across all of your systems in an NFS environment is useful for making sure all files have consistent ownership. Even on the

Re: Permissions on NFS mounts

2020-12-10 Thread Michael Stone
On Wed, Dec 09, 2020 at 03:38:21PM -0500, Paul M Foster wrote: I have two users on the client: paulf 1000 and nancyf 1001. On the server, I have two users: pi 1000 and paulf 1001. I can mount the NFS share from the server to /mnt on my client. But any files belonging to me (user 1001 on the

Re: Permissions on NFS mounts

2020-12-10 Thread Greg Wooledge
On Thu, Dec 10, 2020 at 03:35:50PM +, Tixy wrote: > Why would you execute sudo or su on the target machine to change to one > of these unneeded users, presumably you can do whatever mischief is > your aim by using the account you are executing su or sudo from. Or by > changing to another valid

Re: Permissions on NFS mounts

2020-12-10 Thread David Wright
On Thu 10 Dec 2020 at 16:48:36 (+0300), Reco wrote: > On Thu, Dec 10, 2020 at 03:36:47PM +0200, Andrei POPESCU wrote: > > At least on Debian sudo has to be explicitly configured to allow a > > regular user to use '-u' with another user name. We can only assume the > > admin had good reasons to

Re: Permissions on NFS mounts

2020-12-10 Thread Tixy
On Thu, 2020-12-10 at 16:48 +0300, Reco wrote: > On Thu, Dec 10, 2020 at 03:36:47PM +0200, Andrei POPESCU wrote: > > On Jo, 10 dec 20, 13:34:55, Reco wrote: > > > On Thu, Dec 10, 2020 at 12:07:54PM +0200, Andrei POPESCU wrote: > > > > On Jo, 10 dec 20, 12:52:56, Reco wrote: > > > > > On Thu, Dec

Re: Permissions on NFS mounts

2020-12-10 Thread Reco
On Thu, Dec 10, 2020 at 03:36:47PM +0200, Andrei POPESCU wrote: > On Jo, 10 dec 20, 13:34:55, Reco wrote: > > On Thu, Dec 10, 2020 at 12:07:54PM +0200, Andrei POPESCU wrote: > > > On Jo, 10 dec 20, 12:52:56, Reco wrote: > > > > On Thu, Dec 10, 2020 at 11:46:02AM +0200, Andrei POPESCU wrote: > > >

Re: Permissions on NFS mounts

2020-12-10 Thread Andrei POPESCU
On Jo, 10 dec 20, 13:34:55, Reco wrote: > On Thu, Dec 10, 2020 at 12:07:54PM +0200, Andrei POPESCU wrote: > > On Jo, 10 dec 20, 12:52:56, Reco wrote: > > > On Thu, Dec 10, 2020 at 11:46:02AM +0200, Andrei POPESCU wrote: > > > > > > > > passwd -l/--lock > > > > > > sudo -u /bin/bash -i > > > >

Re: Permissions on NFS mounts

2020-12-10 Thread Darac Marjal
On 10/12/2020 09:10, Mark Fletcher wrote: > On Wed, Dec 09, 2020 at 03:54:10PM -0500, Dan Ritter wrote: >> Paul M Foster wrote: >>> I have two users on the client: paulf 1000 and nancyf 1001. On the >>> server, I have two users: pi 1000 and paulf 1001. I can mount the NFS >>> share from the

Re: Permissions on NFS mounts

2020-12-10 Thread Reco
On Thu, Dec 10, 2020 at 12:07:54PM +0200, Andrei POPESCU wrote: > On Jo, 10 dec 20, 12:52:56, Reco wrote: > > On Thu, Dec 10, 2020 at 11:46:02AM +0200, Andrei POPESCU wrote: > > > > > > passwd -l/--lock > > > > sudo -u /bin/bash -i > > > > That little trick defeats "locked" account status, an

Re: Permissions on NFS mounts

2020-12-10 Thread Andrei POPESCU
On Jo, 10 dec 20, 12:52:56, Reco wrote: > On Thu, Dec 10, 2020 at 11:46:02AM +0200, Andrei POPESCU wrote: > > > > passwd -l/--lock > > sudo -u /bin/bash -i > > That little trick defeats "locked" account status, an absence of a > password and even /usr/sbin/nologin set as a default shell.

Re: Permissions on NFS mounts

2020-12-10 Thread Reco
Hi. On Thu, Dec 10, 2020 at 11:46:02AM +0200, Andrei POPESCU wrote: > > Left alone, having unneeded users on a given machine could be a > > security threat, at least in the sense that it provides a greater than > > necessary attackable surface area. What can be done about that? > >

Re: Permissions on NFS mounts

2020-12-10 Thread Reco
Hi. On Thu, Dec 10, 2020 at 09:10:42AM +, Mark Fletcher wrote: > This brings up an interesting thought. In the situation where you align > user IDs across a number of machines for this purpose, you'll inevitably > end up with situations where users are created on some of the machines

Re: Permissions on NFS mounts

2020-12-10 Thread Andrei POPESCU
On Jo, 10 dec 20, 09:10:42, Mark Fletcher wrote: > > This brings up an interesting thought. In the situation where you align > user IDs across a number of machines for this purpose, you'll inevitably > end up with situations where users are created on some of the machines > only for the purpose

Re: Permissions on NFS mounts

2020-12-10 Thread Mark Fletcher
On Wed, Dec 09, 2020 at 03:54:10PM -0500, Dan Ritter wrote: > Paul M Foster wrote: > > I have two users on the client: paulf 1000 and nancyf 1001. On the > > server, I have two users: pi 1000 and paulf 1001. I can mount the NFS > > share from the server to /mnt on my client. But any files

Re: Permissions on NFS mounts

2020-12-09 Thread Dan Ritter
Paul M Foster wrote: > I have two users on the client: paulf 1000 and nancyf 1001. On the > server, I have two users: pi 1000 and paulf 1001. I can mount the NFS > share from the server to /mnt on my client. But any files belonging to > me (user 1001 on the server) look like they belong to nancy

Permissions on NFS mounts

2020-12-09 Thread Paul M Foster
I have two users on the client: paulf 1000 and nancyf 1001. On the server, I have two users: pi 1000 and paulf 1001. I can mount the NFS share from the server to /mnt on my client. But any files belonging to me (user 1001 on the server) look like they belong to nancy (user 1001 on the client. More