Running sbin commands as normal user
Here's the problem: I would like to run rc.d to start/restart/stop daemons as a normal user.
I ran into two possible workarounds:
1. Sudoers file
I've setup sudoers file to not ask for the password with:
myuser ALL = NOPASSWD: /sbin/rc.d
That of course still force me to write sudo before rc.d to start/restart/stop a daemon. Next step could be to create an alias like alias rc.d='sudo rc.d'.
2. Permissions
Another way would be to change the permissions of the command so It can be ran by "all" or a specific group.
Maybe I'm just crazy, but all these workarounds look a bit "dirty" to me, so I was wondering if someone else knows a different approach to this issue :).
SS4 wrote:
pablox wrote:
Btw, I just found that even when sudo -l shows me:
User myuser may run the following commands on this host:
(root) NOPASSWD: ALL
(ALL) ALL
It still asks for my password when I ran an app through sudo, any clue of what would be happening?
That's just saying that you're allowed to use sudo, not that you can use it without a password.
For example when I run sudo -l
User me may run the following commands on this host:
(ALL) ALL
(ALL) ALL
(root) NOPASSWD: /usr/bin/pacman, (root) /usr/bin/pacdiffviewer, (root) /usr/bin/make, (root) /sbin/shutdown, (root) /usr/sbin/hddtemp, (root) /usr/bin/pacman-color, (root) /usr/sbin/pm-suspend
From my limited understanding (root) means that I become root user
AFAIK our configurations are almost the same, except from the fact that I have configured it to supposedly not ask for the password for every command and in your case of the commands listed there.
If you ran pacman with sudo, it asks your password?
Similar Messages
-
Running commands as normal user
Hi.
Is it possible to do these things?
Run audio without sudo...
(Un)mount partitions without sudo...
Poweroff, or reboot, without sudo...
For instance, If I run:
adduser myusername audio
I'm told that the user already exists. I'm pretty sure nobody would design a system where everything you do needs to be sudo'ed. What am I doing wrong?I use pmount/pumount for mounting/unmounting as user.
I've edited my sudoers file to give my user account access (only on this computer) to issue certain commands without a password. As far as I'm concerned, system commands such as shutdown should only be allowed to run as root. It's just a convenience for me not to have to type my password when using sudo.
# less /etc/sudoers
# sudoers file.
# This file MUST be edited with the 'visudo' command as root.
# Failure to use 'visudo' may result in syntax or file permission errors
# that prevent sudo from running.
# See the sudoers man page for the details on how to write a sudoers file.
# Host alias specification
# User alias specification
# Cmnd alias specification
# Defaults specification
# Runas alias specification
# User privilege specification
root ALL=(ALL) ALL
tom ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now
tom kiwi = NOPASSWD: /sbin/halt
tom kiwi = NOPASSWD: /sbin/reboot
tom kiwi = NOPASSWD: /usr/bin/eject
tom kiwi = NOPASSWD: /usr/sbin/pm-suspend
tom kiwi = NOPASSWD: /home/tom/bin/backup
tom kiwi = NOPASSWD: /etc/rc.d/httpd
Which says: For the user tom on the computer kiwi allow him to run command /sbin/halt without a password.
Last edited by BaconPie (2011-01-05 14:43:09) -
Difference in running program Administrator or normal user?
Hi,
I've written a simple program (logged in as administrator), in which an LED control is turned on when a process starts, and off when the process ends, a sort of Busy-indicator.
I switched to a normal user, and now the LED control does not operate anymore... Sometimes I can turn it on, but not in the required function...
Where does the difference come from?? What else does it affect, aside from LED controls?
Many thanks,
KarelThe user account privileges should not affect CVI UI objects. Are you sure it is not that the application needs privileges to check if the process is running? Does the code that alters the value of the LED ever run? Could you post code that demonstrates this?
National Instruments
Product Support Engineer -
Running Update Service as normal user in Windows 7
Hi.
I have a number of users that have Xperia 10 and Xperia 10 mini mobilephones, and these users want to be able to update there phones using the application "Update Service". Is it possible to run this application without having local administrator priveliges?
Best regards,
Johan ChristenssonWell, when the user tryes to start the application, they get "UAC" message asking them for elevated priveliges. I haven't checked it my self but accordning to one of the users there own credentials dosen't work/cut it.
Best regards,
Johan Christensson -
How to run the the impersonation permission grant command for multiple users
I have run below command earlier to grant the impersonation for a user called user1
get-mailbox -identity user1 | add-adpermission -user domainname\service application user -ExtendedRights ms-Exch-EPI-May-Impersonate
Now I want to run this command for multiple users like user2, user3, user 4 together. How should I run the command.
This is for Exchange Server 2007 SP2
Abhijeet M. MohiteHi Abhijeet
get-mailbox -identity user1 | add-adpermission -user domainname\service application user -ExtendedRights ms-Exch-EPI-May-Impersonate
I am little bit confused with this command so can you please help me what to right inplace of User1 and domainname\service application user
Example: I wanted to give Impersonate rights to
[email protected] then can you please complete command for me. Thanks in advance.
Warm Regards, Pramod Kumar Singh Manager-IT -
Cannot add accounts in empathy when logged in as normal user
When I attempt to add an account in Empathy in GNOME, via F4, I am unable to add accounts - the add button, no matter what account type I use, quite simply does nothing.
More interestingly, when I run it as root from a console, it works fine; an error is given when I run it as a normal user from a console:
$ empathy
** (empathy:12734): WARNING **: Couldn't register with accessibility bus: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
libGL error: failed to open drm device: Permission denied
libGL error: failed to load driver: radeonsi
I feel like I have missed something trivial, and I can find no references to it...
Last edited by labyrinth42 (2015-01-11 16:29:14)I use GDM as a display manager for GNOME & Empathy seems to work OK IIRC; I'm in Windows ATM ( ) so I can't check -- I'll edit this later.
You could try GDM and see if that fixes the problem. -
Running a command in a remote Powershell session
Hi,
I have used the Enter-PSSession to get a remote session on a domain controller... all is ok with that.
when i run the following command it fails, however if i run this locally on the domain controller it succeeds. this command is correct, it just fails with the remote powershell session
dsacls.exe "OU=MYTestOU,OU=Servers,DC=MyDomain,DC=Local" /G "mydomain\MyComputer$":GRGWCC
I have tried placing c:\windows\system32 before the exe, and i have also tried cmd /c dsacls.exe .........
i cant figure out why this doesnt work, can anyone help?
thanks
Stevestrange, if i run the command for a user account instead of a computer account and remove the "" around it, it works.
dsacls.exe "OU=MYTestOU,OU=Servers,DC=MyDomain,DC=Local" /G mydomain\steve:GRGWCC
it must be that $ sign that is causing the problems....? -
Run shell script as sudo user without giving sudo passowrd from normal usr
Hi ,
i am running shell script from my account with sudo user what is the problem in my procedure.
Please if any thing wrong in my procedureprocedure or any permission required please let me know.
here is the my procedure and sudo permissions.
[techm@ppsol04 ~]$ sudo su - dadm sudo -u dadm /u01/ora/tools/Dbmon/scripts/export.sh
Sorry, user techm is not allowed to execute '/u01/ora/tools/Dbmon/scripts/export.sh' as dadm on ppsol04.
[dchandu@ppsol04 ~]$ sudo -l
Matching Defaults entries for techm on this host:
env_keep=SSH_AUTH_SOCK, !authenticate, env_reset, always_set_home, !requiretty
sudo permissions :
sudo -l
Matching Defaults entries for techm on this host:
env_keep=SSH_AUTH_SOCK, !authenticate, env_reset, always_set_home, !requiretty
User techm may run the following commands on this host:
(ALL) NOPASSWD: /local/bin/hardened_profile.sh
(root) NOPASSWD: /bin/su - dora
(root) NOPASSWD: /bin/su - doraadm
(root) NOPASSWD: /bin/su - docenter
(root) NOPASSWD: /bin/su - tora
(root) NOPASSWD: /bin/su - toraadm
(root) NOPASSWD: /bin/su - tocenter
(root) NOPASSWD: /bin/su - hora
(root) NOPASSWD: /bin/su - horaadm
(root) NOPASSWD: /bin/su - hocenter
(root) NOPASSWD: /bin/su - agcfdwf4
(root) NOPASSWD: /bin/su - pora
(root) NOPASSWD: /bin/su - dadm
(root) NOPASSWD: /bin/su - pocenter
(root) NOPASSWD: /bin/su - agcfdwp4
Thanks
techCan you please explain what you are trying to accomplish?
To my understanding there is no such thing like a sudo password for a normal user. Sudo allows users to become root based on a sudo list (suoders). The user is then prompted for their own account password to run as super-user or root. -
User Defined Activity: Run OS Command with OS parameters
OS: OELR5 U3 x64
DB: 11.1.0.7
OWB: 11R1
I would like to be able to run an os command from a user defined activity within a process flow. I am trying to make use of VMWare's vmrun to control a virtual machine. From the OS command line I enter:
/usr/bin/vmrun -T server -h https://server:port/sdk -u user -p userpassword -gu guest -gp guestpassword runProgramInGuest "[standard] VM/Virtual Machine.vmx" -activeWindow -interactive "c:\path_to_program\program.exe" /switch
How many I duplicate this OS command from within a user defined activity in a process flow?
I create a user defined activity:
COMMAND: /usr/bin/vmrun
PARAMETER_LIST:
RESULT_CODE:
SCRIPT: -T server -h https://server:port/sdk -u user -p userpassword -gu guest -gp guestpassword runProgramInGuest "[standard] VM/Virtual Machine.vmx" -activeWindow -interactive "c:\path_to_program\program.exe" /switch
SUCCESS_THRESHOLD: 0
The process runs without error in the log, but the os command is not being run.
I tried again with:
COMMAND: /usr/bin/vmrun
PARAMETER_LIST: ?-T?server?-h?https://server:port/sdk?-u?user?-p userpassword?-gu?guest?-gp guestpassword?runProgramInGuest "[standard] VM/Virtual Machine.vmx"?-activeWindow?-interactive?"c:\path_to_program\program.exe"?/switch?
RESULT_CODE:
SCRIPT:
SUCCESS_THRESHOLD: 0
with the same result.
And I also tried calling sh:
COMMAND: bin/sh
PARAMETER_LIST:
RESULT_CODE:
SCRIPT: /usr/bin/vmrun -T server -h https://server:port/sdk -u user -p userpassword -gu guest -gp guestpassword runProgramInGuest "[standard] VM/Virtual Machine.vmx" -activeWindow -interactive "c:\path_to_program\program.exe" /switch
SUCCESS_THRESHOLD: 0
also with the same result.
The process runs in each case, and ends with: "Log file is available", but when I look in the log, I don't see errors or any information that might help me adjust the user defined activity.This method works:
COMMAND: bin/bash
PARAMETER_LIST:
RESULT_CODE:
SCRIPT: /usr/bin/vmrun -T server -h https://server:port/sdk -u user -p userpassword -gu guest -gp guestpassword runProgramInGuest "standard VM/Virtual Machine.vmx" -activeWindow -interactive "c:\path_to_program\program.exe" /switch
SUCCESS_THRESHOLD: 0
The issue seems to be caused on an upgrade to OWB 11R2. Our installation does not always update the VALUE entry when a user types in a value, meaning that our entry changes were not reflected into the deployed process package. -
Allow normal user to run "ip link set"
Hi,
every time I power on my wireless lan device by hardware switch I have to execute
ip link set wlan0 up
as root in order to use it. There's a bash script which is triggered with normal user rights by the switch.
I'm member of the network group, but I can't use the bash script to run ip automatically:
[drake@laptop ~]$ ip link set wlan0 up
RTNETLINK answers: Operation not permitted
Is there a way to allow my account to set up wlan0?
Thanks!
DrakeGood afternoon.
I believe we have a RFE for this issue our datebase. Namely:
Bug 18202: Allow to specify params in reports but prevent saving changes
If I may, I recommend that you open a support case and ask the responsible engineer to add your company's information to the RFE (once it's confirmed that the 2 issues are indeed the same). Doing so will increase the chances of this functionality being added to the product in a future release.
Regards,
Alex -
[SOLVED] Dropbox - can't run as normal user, but as root
I have problems with running dropbox as normal user. I installed dropbox from AUR. It is successfully installed. But when I type in terminal dropboxd I get:
WARNING: Cannot write to "/home/USERNAME/.dropbox/dropbox.pid"
I can run dropboxd as root from terminal, but that way default Dropbox folder is created with root permissions in my /home directory. Is there some way to run dropbox as normal user and having Dropbox folder with permissions for my user?
Last edited by archiebald (2010-02-18 22:50:33)Thanks toad and pickboy87 for advices. It's my fault, and lack of concetration after long hours of staring at screen.
Solution is this:
sudo chown -R USERNAME /home/USERNAME/.dropbox
Btw. Ubuntu do all automatically, with Dropbox install, all I need is to follow on screen directions, and next, next.:lol:
edit:
everything works out of the box with dropbox install on other Arch machine i tried, probably I messed something with configuration somewhere before.
Last edited by archiebald (2010-02-18 23:05:13) -
Portlet will run/output when run as Admin, but not normal user
Anyone know why a portlet would run/output under admin privs, but will not run under a normal user's privs? This is a VB.NET portlet using the EDK. Anyone have any ideas?
Flash Player should be initially installed using an Admin account. Once installed however, it should work for all users. If it does not function, then I suspect you're running into a file/folder/registry permission issue. This FAQ can help repair these problems:
How do I fix Windows permission problems with Flash Player? -
Running MSOL commands against a list lof users from csv.
Hi All, I was kindly helped here
with a similar issue only the solution doesn't seem to work for the Get-MSolUser commands:
What I am trying to achieve is to set the users -UsageLocation to GB and then to Set-MSolUserLicense to our Enterprise. So for example I have a list of UPN for our UK users in a csv:
UserPrincipalName
[email protected]
[email protected]
Here is what I have tried just to run a Get command first against the csv:
Import-CSV "C:\emails.csv" | %{Get-MSolUser -identity $_.UserPrincipleName | fl}
Which gives me this error:
Import-CSV "C:\emails.csv" | %{Get-MSolUser -identity $_.UserPrincipleName | fl}
+
~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Get-MsolUser], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.Online.Administration.Automation.GetUser
I can confirm that if I run this command
Get-MSolUser -All -UnlicensedUsersOnly | FT UserPrincipalName,DisplayName,IsLicensed,UsageLocation
I do get a list of all users who are unlicensed.
Any help on where I am going wrong would be greatly appreciated.Thanks Fred, that looks a lot better:
Does this look correct to you?
Import-CSV"C:\emails.csv"|%{Get-MSolUser-SearchString$_.UserPrincipleName
|Set-MsolUser-UsageLocationGB
Or do I need to define a ForEach -Object? -
Rc.local, run command as regular user?
I want to run a command at startup that can't safely be run as root (and I don't want it to be anyway). The only way I know of to execute a command at startup is rc.local, but that will run the command as root. I know sudo can be used to run commands as other users. If I use sudo to change what user the startup command is running as, will that be safe? In other words, will that effectively make it as if it was being run by a regular user instead of root? Or is there a better way of doing this? Thanks.
You can also put it in your .bashrc, so it will be executed every time you log in. For example, I have it set to mount my external disc if it's plugged but not mounted:
if [[ -r /dev/disk/by-label/disco-externo && `mount | grep disco-externo | wc -l` -eq 0 ]]
then
sudo mount /dev/disk/by-label/disco-externo /mnt/disco-externo
fi
If you put the sudo away you can start any command as a regular user under certain circumstances. -
Photoshop crashes when run as normal user
Dear all,
Ever since I installed CS4 Suite with Photoshop Extended, my Photoshop would crash as soon as I open a file. This would not happen if I am logged on as administrator on my Windows XP, but any other type of profile has the problem.
I tried: reinstallation, clearing the Photoshop preference file, testing whether some startup service is causing it, and created new user profiles, but neither helped.
Since, I did not have this problem with the CS3 suite, I assume that CS4 tries to do something that only administrators are allowed, but what ?
Anyone with similar experiences or advice ?
Regards,
WMI think I might have found something more. I reinstalled the video driver to be on the safe side. Then ran photoshop as administrator, no problem. Then as normal user and I got the video driver message, as well as a crash when opening a file. Then I ran it again as administrator and it was not complaining about the video driver. So maybe photoshop accesses a part of my video driver that due to file permissions is only accessible to the administrator, any ideas of what that would be ?
Maybe you are looking for
-
Apple TV 1st gen not seen in itunes
Apple TV would not show in Itunes. I found that the Apple TV tab was completely missing from Itunes preferences. I Googled and found likely due to itunes 10 update. Uninstalled itunes 10 and re-installed itunes 9. Apple TV tab back but still will not
-
How can I sync my IPOD to my home computer after it was wiped without losing all my existing music?
-
RFC_NO_AUTHORITY calling ABAP function from a Web Service
Hi, We have a web service that publishes existing BAPIs, and some custom ABAP functions. When calling the custom ABAP functions we a "system exception" in the client side. Looking at SM21 the log has a dump: The user "1DDD8B960830" in the client 310
-
HDMI/DVI video noise when running with 9400M
I have a late 2008 MBP. I connect it to my Sony 52W3000 using Apple's mini DisplayPort to DVI adaptor and a DVI to HDMI cable. When I use the Nvidia 9400M (Better Battery Life in Energy Saver system preference) I get lots of video noise in the form o
-
Phone locked up- and I am ready to throw it out the window
Last night before going to bed, I plugged my phone in to charge. (Using the IPhone charger and plugged into the wall). My phone is currently showing the battery, yesterday's date and the time of 9:22pm. I can't get the phone to do anything. I just he