Allow or deny access

Allow or Restrict sudo access to Users in linux

On collaborative work, you would give access to others who would be helping you out on the code or system admin stuff.

The question would be, how limited can you go with granting access to the users?

The first thing would be adding the user to the sudoers list, lets say you have created a new user named tom and you want to grant sudo access to this user

You can edit the sudoers file with whatever editor you are using. But the most recommended way would be using visudo


sudo visudo 

Grant all the access to user

If you want to give the world access to the user, then add the following line and save the file


tom ALL=(ALL) ALL

tom is the user you want to grant permissions and the first ALL is for the host and the ALL in the bracket is referring to other accounts the user sudouser can act as and the final ALL would be for list of commands – in this case tom has every access provided.

Grant only some commands

Lets say you want to give tom an access of copy and renaming a file


tom ALL=/bin/cp,/bin/mv

The above command would tell the system the user tom has access to cp and mv only. You might need to check the correct binary to cp and mv using which command. That is which cp would tell you the right path to the binary of the cp.

Allow the user everything but installing new softwares using apt-get

Ok, so you might want to give every access to the user but you want to limit installing new softwares using apt-get


tom ALL=ALL,!/usr/bin/apt-get

Here tom can do everything but not apt-get. If you add the ! in front of the command, it means don’t allow.

So using the combinations of the above you can reach the level where you can grant and deny any command for the user of interest

Screen Shot 2016-04-10 at 7.49.57 PM

install composer and make it globally accessible

Unless you have been living under rocks, you have heard about composer already. It is a dependency manager and more than that actually. If your PHP app is using a lot of dependencies, then it is time to consult composer.

Here I will put some notes on how to install it and make it available globally so that you can use it from any directory.

First thing first, go and grab the phar file from composer download page

It would be a single phar file and u can use that as it is:

composer.phar install

Of course you would need the composer.json file for the above to work where you would list the dependencies.

But, this would require you to call the phar from where you downloaded and that might not be handy

cd /to/composer/phar/file
sudo mv composer.phar /usr/local/bin/composer

Now, you can call composer from any directory and rock from there
get more @ get composer
That is how you install composer on linux/mac computer and make it globally accessible with in

Failed to Retrieve Share List from Server when connecting unix

I was getting the Failed to Retrieve Share List from Server when I was trying to move files from my mac to mint 13 pc.

I am trying using the existing samba protocol.

Here is how I fixed it.
I just added the ip address of the mac on my hosts file

sudo vi /etc/hosts

this will bring the hosts file. Then add the ip address and the host name of the computer you are trying to communicate.

Say the ip address of the computer you are trying to connect is 192.168.2.5

192.168.2.5 hostname

Then reboot your *nix

sudo reboot

flush memcache contents from command line

We all love caching right? We have a bunch of ’em these days: query cache, file cache, page cache..
Ok, memcache.. what if you quickly wanted to flush all the contents of it on the server, just use this:

echo "flush_all" | nc  

An example for local memcache could be:

echo "flush_all" | nc localhost 11211

you would see “OK” on the command prompt after successful clearing of the cache.
happy memcaching! :)

Segmenation fault – core dump error assembly 32bit code on 64bit machine

I have a shiny 64 bit dell machine that tops ubuntu on it.
I working working on some other machine a bit of assemly code and I didn’t have a problem.
But when I run the same code my 64 machine i was getting the a segmentation falut error. Not surprising actually.
here is what I have done to resolve it:

1. Don’t forget to add .code32 at the beginning of your assembly file. [ talking about x86 architecture ]
2. Have the gcc multilib on your machine

sudo apt-get install gcc-4.7-multilib

3. When assembling and linking your file use

gcc -m32 -nostartfiles -o executablename filename.s

Change your executablename and filename.s accordingly

wireless not working on ubuntu 12.04 on dell inspiron

I have a dual boot on my dell inspiron 15. I had an issue with the wireless driver.
Here are the steps I followed to fix it.
Temporary fix
1. go to software resources, you can get it using dash home which is the first icon of the ones listed on the left and type software sources.
2. then select additional drivers menu and select “using broadcom..”

This will fix the problem temporarily but, when you restart the machine you would have to do it again..

Fix.
1. Go to ubuntu software center, you can get it the same way I mentioned on the first part except you would search for “software center” or you can pick it from the unity menu
2. inside the software center, go to the search text box and enter “b43”
3. uninstall/remove the firmware-b43-installer
4. install b43-fwcutter and firmware-b43-lpphy-installer
5. reboot your computer and wireless should show the :) face..

SSH without password not working: mac to ubuntu

if you are doing a lot of server activities, then you are a friend of SSH.
One thing we would do would be to make ssh password-less..
I am trying to log into ubuntu server from mac client. here is the process.

on the MAC,
1. Make sure you have ssh installed. You can check using

which ssh or
ssh -v : this will tell the version

If for some reason it is not installed or if you want to upgrade it, you can install it using mac port – this would be another discussion but the overall stuff would be

$ sudo port -d selfupdate
$ sudo port install openssh

2. Now, create public/private keys using the following command

ssh-keygen -t rsa

you will find these keys in the ~/.ssh folder
This would be much you would do on the client side

On the server (ubuntu server)
1. Create the user on the server using adduser command. Let’s create user macuser

adduser macuser

then follow the instruction to create the user.
2. Go to /etc/ssh/ and update the sshd_config file
Most of the settings of this file would be responsible for the famous problem of asking the password all the time..
3. in the sshd_config file update the following:

StrictModes no
RSAAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication yes

AuthorizedKeysFile      %h/.ssh/authorized_keys

After this restart the ssh using

sudo service ssh restart

Now go back to the mac client and copy the public keys to the server as follows

ssh-copy-id macuser@ubuntuServerOrIP-goes-here

here you will be asked for your password. Give the password you assigned while creating the user on the server.

Then log into the server using

ssh macuser@ubuntuServerOrIP-goes-here

if it is still asking for the password check the following

1. on the ubuntu server go to the ~/.ssh/authorized_keys and see if the public key of mac is registered
2. Check the folder’s permission level is 700 and that of autorized_keys is 600
3. Check the above setting of sshd_config file are saved and restart the ssh on the server

You will have to enable the component called ‘universe’

Got this message while using apt-get install on ubuntu?

if so, here is how to get away with it,

go to System->administration->Software Sources
And the first tab you would see would be then check on the community maintained opensource (universe)


That would take of it.