Setup a user account locked down via /etc/sudoers to allow a third party to run some queries. When the netstat command is run with the -p option it gives the following error:
[QUOTE]# netstat -atupn | grep “333” (No info could be read for “-p”: geteuid()=1031 but you should be root.)
tcp 0 0 10.248.1.201:524 10.34.105.71:3330 ESTABLISHED -
tcp 0 0 10.248.1.201:524 10.82.10.172:50333 ESTABLISHED -
tcp 0 0 10.248.1.201:524 10.82.30.42:33340 ESTABLISHED -
tcp 0 0 10.248.1.201:524 10.82.30.42:33339 ESTABLISHED -
tcp 0 0 10.248.1.201:33314 10.248.1.202:524 ESTABLISHED -
tcp 0 0 10.248.1.201:524 172.22.44.176:3332 ESTABLISHED -[/QUOTE]
The output looks the same as when I run the command as root - which means this I don’t need to worry about this right?
Setup a user account locked down via /etc/sudoers to allow a third party
I do not see ‘sudo’ in the command below. How is it being used exactly?
If the prompt is any indication this account is not “locked down” at all.
[color=blue]
to run some queries. When the netstat command is run with the -p option
it gives the following error:
[color=green]
netstat -atupn | grep “333”
(NO INFO COULD BE READ FOR "-P": GETEUID()=1031 BUT YOU SHOULD BE
ROOT.)
tcp 0 0 10.248.1.201:524 10.34.105.71:3330
ESTABLISHED -
tcp 0 0 10.248.1.201:524 10.82.10.172:50333
ESTABLISHED -
tcp 0 0 10.248.1.201:524 10.82.30.42:33340
ESTABLISHED -
tcp 0 0 10.248.1.201:524 10.82.30.42:33339
ESTABLISHED -
tcp 0 0 10.248.1.201:33314 10.248.1.202:524
ESTABLISHED -
tcp 0 0 10.248.1.201:524 172.22.44.176:3332
ESTABLISHED -[/color][/color]
This is not showing the process as it should. The output may be the same
but I believe that is because on earlier SLES 10 versions netstat (or
something it uses) was broken so that processes never showed up. That
last ‘-’ should be replaced with a PID and process name like below:
Code:
tcp 0 0 192.168.1.90:52601 192.168.1.29:636
ESTABLISHED 4011/namcd
Since you are getting the error that you are, my guess is that your
process is not truly running as ‘root’ which means your prompt is broken
(assuming copied/pasted) which doesn’t matter since prompts are
customizable. You may want to try adding ‘sudo’ before the command and,
if that doesn’t fix it, patch SLES 10 to the latest version. If you are
on SLES 11 then that better-confirms that your user is not truly
privileged despite its prompt looking like root’s.
My bad - I removed the identifying info ie username@servername.
You put me on the right track anyway - thanks.
I had the wrong end of the stick re /etc/sudoers - thinking that users configured therein ran the specified commands as sudo :p. Added sudo to the script and also added username ALL=[B]NOPASSWD:[/B] /bin/netstat to the line in /etc/sudoers and it works.