problem using sudo on nis environment
donald.ritchey at exeloncorp.com
donald.ritchey at exeloncorp.com
Thu Jul 24 15:39:26 EDT 2003
Check your settings on the /etc/exports file for NFS. The default setting
of most NFS servers is to map the root user ID to 'nobody:nogroup' on the
client to prevent remote attacks on the server through the client's access
to shared file systems. In this case, even though you are root on the
client, the access given by the NFS server to the underlying file system is
that of an unprivileged user, so root on the client cannot access files on
the shared file system that are protected by permission settings.
You choices are:
1. To selectively enable root access on a per-client basis by
adding
"-root=client1,client2,..." to the export lines at issue.
2. Globally enable root access to all clients with '-root=0'.
3. Figure out a different access method to do what you want to do.
Note that choices 1 or 2 have distinct security risks associated with them.
Be careful with how you implement any remote root access strategies, since
these can now become avenues for attack for a remote assault on your NFS
file server.
Good luck,
Don
Donald L. (Don) Ritchey
E-mail: Donald.Ritchey at exeloncorp.com
-----Original Message-----
From: Sarkar, Anirban [mailto:ASarkar at jamdat.com]
Sent: Thursday, July 24, 2003 1:33 PM
To: 'sudo-users at sudo.ws.'
Subject: problem using sudo on nis environment
I have a NIS environment with a linux 7.3 as the NIS master and solaris 5.8
as the client, all the functionality in NIS works properly.I'm also rinning
nfs to automount the home directories of the users from the NIS master, when
the user logs on to the client.
I want to give sudo rights to some users on the client machine, when I add a
user on the sudoers, they can run the sudo command but it gives the
following error :
shell-init: could not get current directory: getcwd: cannot access parent
directories: Permission denied
bash: /home/dev121/.bashrc: Permission denied
At this point the user has uid=0 gid=1(other).
Basically the user has no access to his home directory once he becomes root.
Can anyone please give me a solution to this, I have spent a lot of time
finding the solution of this problem on the net, but no luck yet.
-sarkar.
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users
************************************************************************
This e-mail and any of its attachments may contain Exelon Corporation
proprietary information, which is privileged, confidential, or subject
to copyright belonging to the Exelon Corporation family of Companies.
This e-mail is intended solely for the use of the individual or entity
to which it is addressed. If you are not the intended recipient of this
e-mail, you are hereby notified that any dissemination, distribution,
copying, or action taken in relation to the contents of and attachments
to this e-mail is strictly prohibited and may be unlawful. If you have
received this e-mail in error, please notify the sender immediately and
permanently delete the original and any copy of this e-mail and any
printout. Thank You.
************************************************************************
More information about the sudo-users
mailing list