Mailing List Archive

On Friday 18 July 2003 04:10 pm, John Klimek wrote:
> Is there any semi-secure way to SU to root?

man sudo

- thor


_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

man sudo

John Klimek wrote:
> Is there any semi-secure way to SU to root?
>
> I'm running mythfrontend on my X-Box and when the frontend exits it runs
> "halt" to shut off the x-box. However, halt must be run as root and my
> x-box logs in as a different user by default.
>
> Now I think I could type "su -c halt" to switch to root, then run halt, but
> it will still prompt me for a password.
>
> How could I have it automatically type in a password?
>
> Also, is my syntax right for switching to root then running halt? I want my
> xbox to shutdown when I exit mythtv (using the option in the mythfrontend
> settings).
>
> _______________________________________________
> mythtv-users mailing list
> mythtv-users@snowman.net
> http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

--
Shawn Edwards
sedwards@theedwards.org

Some people around here wouldn't recognize subtlety if it hit them on the head.

_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

Quoting John Klimek <jmk396@psu.edu>:

> How could I have it automatically type in a password?

A better way would be something like the following. This assumes su uses
PAM. Add the following line to your /etc/pam.d/su file:

auth sufficient /lib/security/pam_listfile.so item=ruser
sense=allow onerr=fail file=/etc/security/suauth.nopass

Then add the username of your mythfrontend user to
/etc/security/suath.nopass.

And I imagine you can configure your mythfrontend to run:

su - -c halt # (or better yet /sbin/halt)

You can also probably achieve the same with sudo, but that requires another
package.

---max kalika
--max@lsit.ucsb.edu
-lsit systems administrator
_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

Shawn Edwards wrote:
> man sudo

Woah. Is there an echo in here? :-)


--
__ ____
/ / / __/ Brian Lalor
/ _ \/__ \ blalor@bravo5.org
/_.__/____/ http://bravo5.org/
_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

> I'm running mythfrontend on my X-Box and when the frontend exits it runs
> "halt" to shut off the x-box. However, halt must be run as root and my
> x-box logs in as a different user by default.

what's with that? I can run both "halt" and "poweroff" from any user
logged into the console. Maybe it's just a redhat thing, though.

-Chris

_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

You can always try to just setuid /sbin/halt

-Mark


-----Original Message-----
From: mythtv-users-bounces@snowman.net
[mailto:mythtv-users-bounces@snowman.net] On Behalf Of Chris Petersen
Sent: Friday, July 18, 2003 12:57 PM
To: Discussion about mythtv
Subject: Re: [mythtv-users] Can I SU to root w/o typing a password?

> I'm running mythfrontend on my X-Box and when the frontend exits it
runs
> "halt" to shut off the x-box. However, halt must be run as root and
my
> x-box logs in as a different user by default.

what's with that? I can run both "halt" and "poweroff" from any user
logged into the console. Maybe it's just a redhat thing, though.

-Chris

_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.500 / Virus Database: 298 - Release Date: 7/10/2003


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.500 / Virus Database: 298 - Release Date: 7/10/2003


_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

> > I'm running mythfrontend on my X-Box and when the frontend exits it runs
> > "halt" to shut off the x-box. However, halt must be run as root and my
> > x-box logs in as a different user by default.
>
> what's with that? I can run both "halt" and "poweroff" from any user
> logged into the console. Maybe it's just a redhat thing, though.

perhaps his user hes running the frontend from doesn't belong to the
appropriate group.... (shutdown group?)

_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

On Fri, 18 Jul 2003, John Klimek wrote:

> Now I think I could type "su -c halt" to switch to root, then run halt, but
> it will still prompt me for a password.

Just setuid the halt process as root.

chown root.root halt
chmod 4711 halt

Or use sudo, or set up some passwordless ssh keys (probably a bad idea coz
that really does mean unauthenticated root shell access)

--

- Steve http://www.nexusuk.org/

"..Learning that we're only immortal for a limited time.." - Dreamline, Rush
*** Presented in DoubleVision (Where Drunk) - Futurama ***


_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

I don't know what distribution you're using but I believe by there are
to rules for running halt. If you are logged in on the machine
physically, you are able to run halt/reboot no matter who you are. But it you
ssh into the box, you have to su to do both of the command.


-Leo

On Fri, Jul 18, 2003 at 12:10:21PM -0400, John Klimek wrote:
> Is there any semi-secure way to SU to root?
>
> I'm running mythfrontend on my X-Box and when the frontend exits it runs
> "halt" to shut off the x-box. However, halt must be run as root and my
> x-box logs in as a different user by default.
>
> Now I think I could type "su -c halt" to switch to root, then run halt, but
> it will still prompt me for a password.
>
> How could I have it automatically type in a password?
>
> Also, is my syntax right for switching to root then running halt? I want my
> xbox to shutdown when I exit mythtv (using the option in the mythfrontend
> settings).
>
> _______________________________________________
> mythtv-users mailing list
> mythtv-users@snowman.net
> http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

--
Leo Laksmana - BeOL
mailto:beol@laksmana.net
http://www.laksmana.net/
_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users

Leo Laksmana wrote:
> > Also, is my syntax right for switching to root then running halt?I want
my
> > xbox to shutdown when I exit mythtv (using the option in the
mythfrontend
> > settings).
> I don't know what distribution you're using but I believe by there are
> to rules for running halt. If you are logged in on the machine
> physically, you are able to run halt/reboot no matter who you are. But it
> you ssh into the box, you have to su to do both of the command.

What about configuring sudo?

Kenneth.

_______________________________________________
mythtv-users mailing list
mythtv-users@snowman.net
http://lists.snowman.net/cgi-bin/mailman/listinfo/mythtv-users