When using sudo with redirection, I get 'permission denied'

1

I have a problem with redirecting USB devices in virt-manager.

It worked some time ago without any hassle but now when I try to redirect usb printer or any other device I get following error message:

spice-client-error-quark: Could not redirect Samsung Electronics Co., Ltd. ML-2160 Series [04e8:330f] at 1-3: Could not open usb device: Access denied (insufficient permissions) [-3] (0)

It says I have insufficient permissions but I haven't changed anything in perms since I installed virt-manager, libvirtd and qemu. I run my guests as nobody:kvm (default config). I'm asked about my user's password when starting virt-manager.

It looks like some recent (about two weeks period) updated messed up with usb redirection or I'm missing some configuration.

$ pacman -Q libvirt qemu virt-manager spice systemd libvirt 1.3.2-3 qemu 2.5.0-1 virt-manager 1.3.2-3 spice 0.12.6-2 systemd 229-3

Last edited by mmarzantowicz (2016-03-14...

0 0
2

Starting Couchdb Using Rc.d Script in Couchdb-user

sudo /usr/local/etc/rc.d/couchdb start Starting database server couchdb Apache CouchDB needs write permission on the PID file: /usr/local/var/run/couchdb.pid Error with database server: couchdb What user should own /usr/local/var/run/couchdb.pid i tried couchdb user that doesnt work thanks a lot...

Starting Mysql Through Sudo in Mysql-general

Hi, What binaries & directory premissions are required to enable in sudo to start mysql Instance through sudo. Thanks, How low will we go? Check out Yahoo! Messenger’s low PC-to-Phone call rates....

Permission Denied While Kinit in Hue-user

Hi, I'm trying setup hue and making it run as a custom user (and not hue). Also kerberos is enabled on the hadoop-cluster. Now when I try to run: sudo /etc/init.d/hue start, it throws an error in renew_from_kt() saying permission denied to kinit.В В However when I run it as sudo -u user /etc/init.d/hue start it works fine. Note in...
0 0
3

root# rm /etc/sudoers*
root# visudo

Just put in a comment or something (# this is a comment) and save.

Negative, same error. Also, deleting it altogether and running sudo returns the expected results (something like "can't find sudoers file").

What are the permissions on /etc? Specifically, are the search (execute) bits on?

Normal as far as I can tell:

drwxr-xr-x 97 root root 12288 Mar 28 11:33 /etc

It's probably SELinux.

Already disabled and rebooted. I'm willing to entertain the idea of turning it back on into permissive mode, or uninstalling it (if that's even possible). getenforce returns Disabled.

N.B."Programs that use the setuid bit do not have effective user ID privileges while being traced" so the test you did as a non-root user isn't meaningful.

Similar results running "strace sudo" as root:

open("/etc/sudoers", O_RDONLY|O_LARGEFILE) = -1 EACCES (Permission denied)
setresuid32(-1, 0, -1) ...

0 0
4

The ancient serial port which is no longer found on the latest motherboards and even the not so latest laptops is still used for connecting to the console of networking devices, headless computers and a lot other applications. On computers which do not have built-in serial ports USB-to-Serial adapters can be used. Linux identifies inbuilt serial ports as /dev/ttyS0, /dev/ttyS1,….. /dev/ttySn and USB-to-Serial adapters as /dev/ttyUSB0, …. /dev/ttyUSBn and they can be accessed using terminal emulator applications like PuTTY, minicom and screen.

Normally when the serial console is accessed using the terminal emulator of your choice as a non-root user you’ll get a “permission denied” error. Using PuTTY on Ubuntu I got the following error – “Unable to open connection to: Unable to open serial port“.

This is because the device file of the serial port does not have permissions to allow to currently logged in user to “read” or “write” to the serial device. The following...

0 0
5

---January 13, 2005

You mignt want to have a look at what "Tidy for FreeBSD" has done to the title of the page, though, 'cos it don't look too tidy, to me!

---January 28, 2005

My fault.. been doing a lot of cleaning up with tidy, but apparently a little too quick and didn't check the errors closely enough.

--TonyLawrence

Fri Mar 25 05:07:33 2005: 233 anonymous

I find this article to be very useful as i always used to think whether is the principle sudo possible and now it became possible ...:). It wud be better if the Security part regarding environmental variables part is more elaborated.... Anyway, thanks for the article as it was useful for me, beginner...

Tue Mar 29 02:39:07 2005: 241 anonymous

Is it possible to specify the list of commands that are not allowed.

Tue Mar 29 10:02:16 2005: 243 TonyLawrence


Yes, it's POSSIBLE to say "these are the commands that you can't run", but it's not a good idea...

0 0
6

Clarifying a bit on why the tee option is preferable

Assuming you have appropriate permission to execute the command that creates the output, if you pipe the output of your command to tee, you only need to elevate tee's privledges with sudo and direct tee to write (or append) to the file in question.

in the example given in the question that would mean:

ls -hal /root/ | sudo tee /root/test.out

for a couple more practical examples:

# kill off one source of annoying advertisements echo 127.0.0.1 ad.doubleclick.net | sudo tee -a /etc/hosts # configure eth4 to come up on boot, set IP and netmask (centos 6.4) echo -e "ONBOOT=\"YES\"\nIPADDR=10.42.84.168\nPREFIX=24" | sudo tee -a /etc/sysconfig/network-scripts/ifcfg-eth4

In each of these examples you are taking the output of a non-privileged command and writing to a file that is usually only writable by root, which is the origin of your question.

It is a good idea to do it this way because the command...

0 0
7

Use:

find . 2>/dev/null > files_and_folders

This hides not just the permission denied errors, of course, but all error messages.

If you really want to keep other possible errors, such as too many hops on a symlink, but not the permission denied ones, then you'd probably have to take a flying guess that you don't have many files called 'permission denied' and try:

find . 2>&1 | grep -v 'permission denied' > files_and_folders

If you strictly want to filter just standard error, you can use the more elaborate construction:

find . 2>&1 > files_and_folders | grep -v 'permission denied' >&2

The I/O redirection on the find command is: 2>&1 > files_and_folders |. The pipe redirects standard output to the grep command and is applied first. The 2>&1 sends standard error to the same place as standard output (the pipe). The > files_and_folders sends standard output (but not standard error) to a file. The net result is that messages written to standard error are sent...

0 0
8

Much to my great frustration, nowhere, could I really find a complete and concise method of installing the full node stack that did not involve using sudo or some drawn out tedious, solution (and neither the official node site or stackexchange helped here)....

As well, all of the sites I visited said that npm was included with the nodejs module yet the nodejs version existing in the default Ubuntu repository did not seem to have it.
I came across the nvm module that sounded interesting as it gives you the ability to easily install and switch node.js versions (among other features).

To save others similar frustrations, I thought I would sketch out the steps I took to install the nodejs stack onto Ubuntu 12.04, "Precise" (elementary):

Also, since nvm uses the name "node" instead of "nodejs", make sure that the unrelated program also named "node" -- the Amateur Packet Radio -- does not already exist on your system.

sudo apt-get install git...

0 0
9

Using sudo command, an user can execute root only commands.

In this article, let us review how to setup sudo environment along with some sudo command examples, tips, and tricks.

1. Set up sudo Environment in /etc/sudoers

You can provide sudo privilege to an individual user or a group by modifying /etc/sudoers.

sudo access to an user

To provide sudo access to an individual user, add the following line to the /etc/sudoers file.

sathiya ALL=(ALL) ALL

In the above example:

sathiya : name of user to be allowed to use sudo ALL : Allow sudo access from any terminal ( any machine ). (ALL) : Allow sudo command to be executed as any user. ALL : Allow all commands to be executed.

sudo access to a group

To provide sudo access to a group, add the following line to the /etc/sudoers file.

%programmers ALL=(ALL) ALL

In the above example:

programmers : name of group to be allowed to use sudo. Group...
0 0
10
Sudoer File Examples

Softpanorama main > Access Control in Operating Systems

Sudo provides a well documented sudoers file that is the first and pretty education example:

# Sample /etc/sudoers file. # # This file MUST be edited with the 'visudo' command as root. # # See the sudoers man page for the details on how to write a sudoers file. # ## # User alias specification ## User_Alias FULLTIMERS = millert, mikef, dowdy User_Alias PARTTIMERS = bostley, jwfox, crawl User_Alias WEBMASTERS = will, wendy, wim ## # Runas alias specification ## Runas_Alias OP = root, operator Runas_Alias DB = oracle, sybase ## # Host alias specification ## Host_Alias SPARC = bigtime, eclipse, moet, anchor:\ SGI = grolsch, dandelion, black:\ ALPHA = widget, thalamus, foobar:\ HPPA = boa, nag, python Host_Alias CUNETS = 128.138.0.0/255.255.0.0 Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0 Host_Alias SERVERS = master, mail, www, ns Host_Alias CDROM = orion, perseus,...
0 0