User Migration Issues

Hi all,

I am slackware 14.0 user. Recently I face one problem. As a root i can change one of my normal user's (assuming Peter) password. However, when I login as Peter, and try to change the password, the system does not allow me to renew my password.


root@slackwa /etc# ls -la | grep shadow
-rw-r----- 1 root shadow 9 Nov 29 2013 gshadow
-rw------- 1 root root 0 Jun 20 2013 gshadow-
-rw-r----- 1 root shadow 2272 Apr 12 22:44 shadow
-rw------- 1 root root 2274 Apr 12 21:40 shadow-
root@slackwa /etc# ls -la | grep passwd
-rw-r--r-- 1 root root 2362 Apr 12 12:58 passwd
-rw------- 1 root root 2306 Jan 8 17:38 passwd-
-rw-r--r-- 1 root root 2305 Aug 11 2014 passwd~


peter@slackwa ~$ which passwd
/usr/bin/passwd
peter@slackwa ~$ ls -la /usr/bin/passwd
-rws--x--x 1 root root 68725 Sep 14 2012 /usr/bin/passwd*

peter@slackwa ~$ passwd
Changing password for peter
Old password:
Incorrect password for peter.
The password for peter is unchanged.

One thing I can assure is the password I input is correct. I have another slackware 14 running on Dell R410, but it does not has this problem.


Please kindly advice. Thank you.

I have been getting permission denied issues when trying to log into as root. I have set my password and when I type su - root and enter in my password I keep getting either password incorrect when I know I am typing it in correctly or acess permission denied from su. Can anyone explain what I am doing wrong. I am trying to get into /etc/passwd for homework assignment and I get permission denied when logged in as my user. Any help will be great. I have in the past been able to logg in to root but now I cant seem to get into it. This is a new install of ubuntu 14

A few of my servers show that this user id has expired.

I know that this is the name of a user account and group account and if I check out /etc/passwd there is an entry under /sbin/nologin. And, if I check under say top -u nobody, I don't see anything running for that user account. However that is the extent of my knowledge on this user account.

Should I be concerned that the passwd for this account is expired or are there cron jobs/programs that rely on this account?

thanks

Hello,

OS: CentOS 6.3

Background:
I'm trying to set up a situation where my FTP account is in a group where my phpbb forums were created. This will allow me to upload changes as I customize my forums (ie: .css files). However, right now, my problem is that I'm running into invalid permissions and the only way to move the files is to upload the file to a directory my FTP account has access too and then sudo cp the file over. Upon closer inspection of my files, it appears the groups the files have been made under are not the correct group.

Problem:
I am trying to use chgrp on a specific file to change the group owner to the group my FTP account is a member of but it does not seem to be working. Here is a snippet of what I'm doing:

Code:

zzz@aaaa:/var/www/html/yyy/forums/styles/GlossyBlack/theme]$ sudo chgrp apache colours.css -v
group of `colours.css' retained as apache
zzz@aaaa:/var/www/html/yyy/forums/styles/GlossyBlack/theme]$ ls
total 164
drwxr-xr-x 3 5645316 apache  4096 Mar 27 15:11 .
drwxr-xr-x 6 5645316 apache  4096 Nov 18  2012 ..
-rw-r--r-- 1  root     apache 23480 Mar 27 19:05 colours.css

I'm not sure why it still says root so I suspect I am doing something incorrect. When looking around, at first it seemed chgrp could change group owner on files but as I dug more, it seemed it can also change groups themselves. So I'm a little confused and require some clarity of experts.

I hope changing the group owner of this file will give access to my FTP account so I can apply this change to all needed locations.

Thanks.

Hey guys, I got samba working and I am able to access my files, however I am now trying to learn security with it. i am pretty much trying to allow certain groups access certain files. if you look at samba group you can see that I have @sambausers group to access sambagroup directory.

I have a user called sambatest01. the user can access "samba users only" but the user can access all of the other files as well. what is a correct set up on the other smb.conf to prevent users from accessing this? I cant seem to find a proper set up


[drivers]
path = /files/drivers
browseable = yes
read only = no
guest ok = no
guest only = no


[samba users only]
path = /files/sambagroup
browseable = yes
read only = no
guest ok = no
guest only = no
write list = @sambausers
valid users = @sambausers

when i try to ftp from server to another server I am getting error below

bash-3.2$ ftp 172.25.27.120
Connected to 172.25.27.120.
220 Service ready for new user.
Name (172.25.27.120:ccnusr): crsftp
331 User name okay, need password for crsftp.
Password:
230 User logged in, proceed.
Remote system type is UNIX.
ftp> cd /tmp
250 Directory changed to /tmp
ftp>
ftp> mput /tmp/tst.air
mput /tmp/tst.air? y
200 Command PORT okay.
550 /tmp/tst.air: Permission denied.
ftp>
ftp>

Please let me know if anyone has faced the simialar issue.

I have checked the vsftpd.conf file and seems everything is fine

anonymous_enable=YES
local_enable=YES
write_enable=YES
#anon_upload_enable=YES
#anon_mkdir_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
#chown_uploads=YES
# The name of log file when xferlog_enable=YES and xferlog_std_format=YES
# NO writes to vsftpd_log_file, YES to xferlog_file
xferlog_std_format=YES
#async_abor_enable=YES
#ascii_upload_enable=YES
#ascii_download_enable=YES
#deny_email_enable=YES
# directory. If chroot_local_user is YES, then this list becomes a list of
#chroot_local_user=YES
#chroot_list_enable=YES
#ls_recurse_enable=YES
listen=YES
#listen_ipv6=YES
userlist_enable=YES
tcp_wrappers=YES

I have set up a SFTP which I can connect to, go to the right directory and read/write files to.

The full path is home/sftpuser/SFTP/Customer
The user "sftpuser" I am connecting with is in the group "ftpusers" which has read/write access.

That works fine.

Here is my sshd_config:
Code:

Match Group ftpusers ChrootDirectory /home/%u/
 ForceCommand internal-sftp
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

However, I made a samba share of the folder Customer, when I go to the IP adress on a Windows machine "\\10.0.0.1\" I can see the folder Customer, when entering it requests user/pass and afterwards gives an error: you have not the right permissions.

In Webmin:
Customer /home/sftpuser/SFTP/Customer Read/write to everyone

My smb.conf:
Code:

[global]
    syslog = 0
    log file = /var/log/samba/log.%m
    read raw = no
    write raw = no
    passdb backend = tdbsam
    workgroup = DOMAIN
    usershare allow guests = yes
    socket options = TCP_NODELAY
    pam password change = yes
    passwd program = /usr/bin/passwd %u
    unix password sync = yes
    obey pam restrictions = yes
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    server role = standalone server
    server string = %h server (Samba, Ubuntu)
    max log size = 1000
    map to guest = bad user
    panic action = /usr/share/samba/panic-action %d
    dns proxy = no



[Customer]
    force create mode = 755
    browsable = yes
    public = yes
    path = /home/sftpuser/SFTP/Customer
    force directory mode = 755
    writeable = yes
    valid users = @ftpusers
    force group = ftpusers
    write list = @ftpusers

I have been struggling for 3 days and am totally out of ideas.

LS -L for the folder:
Code:

total 4
drwxrwx---+ 2 sftpuser ftpusers 4096 Apr  9 11:35 Customer

I am a bit confused and not sure what to look up to fix this issue. When I log in as user, I cannot edit my /var/www/html files.

I have the ownership of /var/www/html set to apache:apache (using centos 7). When I check groups for user it shows user and apache. That does mean I'm apart of the apache group right, and if the /var/www/html is owned by apache, I should be able to edit?

hi experts

I am rsyncing a user's home dir across the NFS and the local PC, but when it tries to copy over the hidden files it fails with permission denied. Both dir are owned by the proper user and I am root when I execute the script, so I am not sure what went wrong here.
For example: this is the content and permissions of the source:

-rw------- 1 user test 115 Nov 14 11:28 .bash_history

and here is my error:

rsync: send_files failed to open "/home/user/.bash_history": Permission denied (13)

Thanks

Changing umask value for files and directories take effect after reload:
/etc/profile
/etc/bashrc
default permission for all users:
-rw-r--r--
above permission is edited to:
-rw-rw-r--
If a specific user in group having only read permission to a file/directory is created before reload,and Linux server reloads, that user gets rw permission to that file/directory. what is the alternative of securing:
/etc/profile
/etc/bashrc
apart from giving the two files access to root user only, and locking out all other users?