I had a server that had a lot of users on it, its operating system was cloudlinux and had cpanel!
This server is used for Python projects and had bin/bash!!! access
Suddenly the command rm -rf * was typed on the server and all the data was deleted !!!
We quickly uploaded the backups and hacked the possibility and restricted ssh access to the root server!
But the next night we were hacked again, this time with the monitoring we had at whm! , we noticed that someone enters whm and quickly changes the password !!!
My question is whether users with access to bin/bash! can find the root password ???
We are now giving users access to JailShell in CPanel and full SSH access is closed. Do you have any idea how this happened?
Did you encounter a similar case?
Does bin/bash access allow the user to see the password?
Thank you for sharing your comments with us
It's difficult to obtain a Linux password, even with full access to the computer. That's because the passwords are stored in hashed form. Probably the only reliable way to get a password is to install a trick password change program, which does the change, but also sends the password somewhere else.
However, you don't need the password to get full access to a computer. There are several other ways in, and anyone who can access /bin/bash is likely to be able to test them and probably find one that works. Once they get full access, most intruders will install some other program that will let them in in the future, even if the original security hole is patched.
Once a machine is compromised, it's pretty important to burn it and start fresh. You can't trust it otherwise.
I set up a local Trac wiki using a conda env, where I installed all dependencies, except the system packages, which I installed in the system:
trac-admin . initenv
I entered the required infos like project name there.
Then I run the Trac standalone server.
tracd --port 8000 .
inside the directory, where I set up the wiki.
Since this is supposed to be a wiki, which I use locally myself and not for any multiuser setup, I don't need any authentication functionality. How can I deactivate any authentication or need for login for Trac?
I know that I don't have permissions, because I used the quick search field for a page, which could not exist and when the wiki showed no results, it didn't offer a create page button of any kind. According to the StartPage, this means I don't have permissions.
I couldn't find any enable/disable setting for this in the ./conf/trac.ini to do this. It would also be acceptable to find an easy way to create a user, as which I login to Trac, but all the guides from Trac documentation assume prior knowledge of some kind of configuration files and they don't explain those exactly. For example here. Where does that configuration file even go and what kind of syntax does this use? Not really helpful.
You are correct that you need to modify the permissions (authorization). The permissions are stored in the database rather than trac.ini. You need to grant permission using trac-admin utility. See TracPermissions.
trac-admin $env permission add anonymous WIKI_CREATE WIKI_MODIFY WIKI_DELETE WIKI_RENAME
For help, execute:
trac-admin $env permission help
If you wish to setup authentication, see TracStandalone: UsingAuthentication.
Seems like the current svn repo is locked. When I do svn up svn just stays there as if its hanged or something and no option from there except to kill it. Would help looking at the logs to see what's going on.
So where does SVN store it's logs and how to find where their location is configured?
Update 1: Found from the answer to a similar question that the logs are at /var/log/httpd but only root has access to that folder.
Is there an alternative to update the location of logs to go to a more accessible location?
If I have permission to use svn should hopefully have access to svn logs or atleast via .htaccess redirect for my folder to somewhere else.
Thanks.
I think you may find it at /var/log/httpd
Is there an alternative to update the location of logs to go to a more
accessible location?
No I dont think you can do that. You can perhaps create a seperate log file.
Check this:-
By activating an “operational logging” feature, you can ask
mod_dav_svn to create a separate log file describing what sort of
high-level operations your clients are performing.
I think i did some nasty crap today...
I deleted the user (admin root) in phpmyadmin (XAMPP)
now I can't create new users.
Any idea how to fix, or should I just try re-install the hole XAMPP packet :-/
I use Leopard iMac.
/Willy
There is a method for resetting permissions in the MySQL manual. It deals with resetting the root password rather than recreating the root account, however I think you should be able to modify the method to re-insert the root account without any trouble.
Following the steps listed there (either method), if you change step 3 to insert a new account (fields might vary, this worked for my particular install):
INSERT INTO user VALUES('localhost','root',PASSWORD('some_pass'),'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y');
FLUSH PRIVILEGES;
You should be able to take it from there and get the permissions back up to snuff.
I'd like to know how to get Subversion to change the name that my changes appear under.
I'm just starting to use Subversion. I'm currently using it to version control code on an XP laptop where I'm always logged in under my wife's name. I'd like the subversion DB to show the changes under my name.
Later on I'll replicate the DB so it is accessible to the whole house. My wife uses the office computer where she is always logged in under my name. I'll probably set it up so that it automatically checks in modified documents... preferably under her name.
Eventually I'll probably be using it from a linux machine under another username.
Is there some way to modify the user environment to change the user name that Subversion calls you? I'd expect something like setting SVN_USERNAME='Mark' which would override however it usually gets the name.
Update: It looks like the --username flag that Michael referred to does work to change the name reported by "svn stat", even for local file: repositories. In addition, it is sticky so you don't need to specify it for the next command. I even rebooted and it still used the "--username" value from my previous boot.
Most Subversion commands take the --username option to specify the username you want to use to the repository. Subversion remembers the last repository username and password used in each working copy, which means, among other things, that if you use svn checkout --username myuser you never need to specify the username again.
As Kamil Kisiel says, when Subversion is accessing the repository directly off the file system (that is, the repository URL is of form file:///path/to/repo or file://file-server/path/to/repo), it uses your file system permissions to access the repository. And when you connect via SSH tunneling (svn+ssh://server/path/to/repo), SVN uses your FS permissions on the server, as determined by your SSH login. In those cases, svn checkout --username may not work for your repository.
For svn over ssh try:
svn list svn+ssh://[user_name]#server_name/path_to_repo
svn will prompt you for the user_name's password.
You can setup a default username via ~/.subversion/servers:
[groups]
yourgroupname = svn.example.com
[yourgroupname]
username = yourusername
Please be aware that older versions of svn do not support it (e.g. 1.3.1 [sic!]).
"svn co --username=yourUserName --password=yourpassword http://path-to-your-svn"
Worked for me when on another user account. You will be prompted to enter username/password again though. You need to login like the above once and you are all set for the subsequent times(Unless you restart your machine).
If you need to specify a username other than your logged in user for use with svn+ssh just add an entry to your .ssh/config file:
Host example.com
User jdoe
Subversion usually asks me for my "Subversion username" if it fails using my logged in username. So, when I am lazy (usually) I'll just let it ask me for my password and I'll hit enter, and wait for the username prompt and use my Subversion username.
Otherwise, Michael's solution is a good way to specify the username right off.
Most of the answers seem to be for svn+ssh, or don't seem to work for us.
For http access, the easiest way to log out an SVN user from the command line is:
rm ~/.subversion/auth/svn.simple/*
Hat tip: http://www.yolinux.com/TUTORIALS/Subversion.html
Using Subversion with either the Apache module or svnserve. I've been able to perform operations as multiple users using --username.
Each time you invoke a Subversion command as a 'new' user, your $HOME/.subversion/auth/<authentication-method>/ directory will have a new entry cached for that user (assuming you are able to authenticate with the correct password or authentication method for the server you are contacting as that particular user).
I believe if you use the file:// method to access your subversion repository, your changes are always performed under the user which accesses the repository. You need to use a method that supports authentication such as http:// or svn://.
See http://svnbook.red-bean.com/en/1.5/svn-book.html#svn.serverconfig.choosing
If you are using svn+ssh to connect to the repository then the only thing that authenticates you and authorizes you is your ssh credentials. EVERYTHING else is ignored. Your username will be logged in subversion exactly as it is established in your ssh connection. An excellent explanation of this is at jimmyg.org/blog/2007/subversion-over-svnssh-on-debian.html
Go to ~/.subversion/auth/svn.simple/*, and you will see a list of files that contains the information about your svn user account. Just delete all others that you don't need.
After that, when you do anything that regards to SVN operation, such as commit, rm, etc,. You will be prompt again to enter username or passwords.
TortoiseSVN always prompts for username. (unless you tell it not to)
I believe you can set the SVN_USER environment variable to change your SVN username.