Find the answer to your Linux question:
Results 1 to 3 of 3
Like Tree1Likes
  • 1 Post By cnamejj
Hello, I have read all the basics about user privileges, but in my situation I am quite unsure how to apply my half knowledge. The situation is as follows: Multiple ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2012
    Posts
    29

    Setting user privileges


    Hello,
    I have read all the basics about user privileges, but in my situation I am quite unsure how to apply my half knowledge.

    The situation is as follows: Multiple users shall be able to execute a shell script on a central server in a LAN via rsh/ssh. This can also happen simultaneously. What I need in this case is one user account for all client users that is only used to execute the script on the server, but I don't know how to set the right privileges. Would it be sufficient to use a normal user account as "global server user" and give him execute privileges for the script and write and read privileges for some files that are used by this script? If I am wrong, please correct me.

  2. #2
    Linux Newbie
    Join Date
    Jun 2012
    Location
    SF Bay area
    Posts
    204
    I have two suggestions that might help.

    First, disable "rsh" and only use "ssh" since it's more secure and has lots more functionality.

    Second, you can setup ssh keys that are bound to a specific command. I do it do rarely that I need to look up the specific syntax each time, but let's leave that as a "tbd" for the moment. You could give each user their own ssh, with a password only they know, that allows them to use "ssh" to run the script in question on the central server. And since it's bound to that command only, they wouldn't have the ability to do anything else.

    You could also just make one key and let everyone use it. The tradeoff is that one key is simpler, but it's harder to add/remove people since everyone need to switch to the new key (or at least get a new password).
    pinhead likes this.

  3. #3
    Just Joined!
    Join Date
    Oct 2012
    Posts
    29
    Thanks. Well, in my case rsh might be a better choice, because it has less overhead than ssh. I want to use it to build some kind of primitive push service by calling a remote command via rsh/ssh which itself executes a kill command and thereby sends a signal to some other remote process that is running in the background. Of course, UDP would be much better in this case, but I don't know any shell command that makes use of UDP. The clients in the network just need to send a small "nudge" to the server. rsh/ssh are session based. Can I influence, how long this session will be kept alive after remote command execution? Maybe I need to configure that in some xinetd config file?

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •