| 1 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 2 |
DENIED
|
moderate
|
Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
} |
|
Show voter details
|
| 3 |
DENIED
|
edit
|
Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
} |
|
Show voter details
|
| 4 |
DENIED
|
moderate
|
Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
} |
|
Show voter details
|
| 5 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 6 |
DENIED
|
moderate
|
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
} |
|
Show voter details
|
| 7 |
DENIED
|
edit
|
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
} |
|
Show voter details
|
| 8 |
DENIED
|
moderate
|
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
} |
|
Show voter details
|
| 9 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 10 |
DENIED
|
moderate
|
Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
} |
|
Show voter details
|
| 11 |
DENIED
|
edit
|
Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
} |
|
Show voter details
|
| 12 |
DENIED
|
moderate
|
Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
} |
|
Show voter details
|
| 13 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 14 |
DENIED
|
moderate
|
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
} |
|
Show voter details
|
| 15 |
DENIED
|
edit
|
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
} |
|
Show voter details
|
| 16 |
DENIED
|
moderate
|
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
} |
|
Show voter details
|
| 17 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 18 |
DENIED
|
moderate
|
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
} |
|
Show voter details
|
| 19 |
DENIED
|
edit
|
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
} |
|
Show voter details
|
| 20 |
DENIED
|
moderate
|
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
} |
|
Show voter details
|
| 21 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 22 |
DENIED
|
moderate
|
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
} |
|
Show voter details
|
| 23 |
DENIED
|
edit
|
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
} |
|
Show voter details
|
| 24 |
DENIED
|
moderate
|
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
} |
|
Show voter details
|
| 25 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 26 |
DENIED
|
moderate
|
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
} |
|
Show voter details
|
| 27 |
DENIED
|
edit
|
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
} |
|
Show voter details
|
| 28 |
DENIED
|
moderate
|
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
} |
|
Show voter details
|
| 29 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 30 |
DENIED
|
moderate
|
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
} |
|
Show voter details
|
| 31 |
DENIED
|
edit
|
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
} |
|
Show voter details
|
| 32 |
DENIED
|
moderate
|
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
} |
|
Show voter details
|
| 33 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 34 |
DENIED
|
moderate
|
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
} |
|
Show voter details
|
| 35 |
DENIED
|
edit
|
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
} |
|
Show voter details
|
| 36 |
DENIED
|
moderate
|
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
}
App\Entity\PostComment {#1549}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
} |
|
Show voter details
|
| 37 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 38 |
DENIED
|
moderate
|
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
} |
|
Show voter details
|
| 39 |
DENIED
|
edit
|
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
} |
|
Show voter details
|
| 40 |
DENIED
|
moderate
|
App\Entity\PostComment {#1422
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464
+user: App\Entity\User {#264 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+image: null
+slug: "Run-command-as-not-root-Hi-everyone-At-work-I-have"
+body: """
Run command as not-root\n
\n
Hi everyone\n
\n
At work, I have to run a command in an AWS instance. In that particular instance only exists the root user. The command should not be executed with root privileges (it executes mpirun, which is not recommended to run as sudo or the machine might break), so I was wondering if there is a way to block or disable the sudo privileges while the command is running. As mentioned, the only user existing there is root, so I suppose "sudo -u" is not an option.\n
\n
Does anyone know how to do it? Thanks in advance!\n
\n
@linux@lemmy.ml
"""
+lang: "en"
+commentCount: 30
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699069034 {#2916
date: 2023-11-04 04:37:14.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
]
+comments: Doctrine\ORM\PersistentCollection {#2917 …}
+votes: Doctrine\ORM\PersistentCollection {#2926 …}
+reports: Doctrine\ORM\PersistentCollection {#2928 …}
+favourites: Doctrine\ORM\PersistentCollection {#2960 …}
+notifications: Doctrine\ORM\PersistentCollection {#2956 …}
+children: [
App\Entity\PostComment {#1422}
App\Entity\PostComment {#1549
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1576 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, I didn't even know an aws instance could be a docker image. Everything I did was creating the instance normally so I assumed it was just a regular vm. But already double checked and it is not a docker image, so no problem there 🙂"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1699021862 {#1447
date: 2023-11-03 15:31:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1573 …}
+nested: Doctrine\ORM\PersistentCollection {#1568 …}
+votes: Doctrine\ORM\PersistentCollection {#1528 …}
+reports: Doctrine\ORM\PersistentCollection {#1561 …}
+favourites: Doctrine\ORM\PersistentCollection {#1567 …}
+notifications: Doctrine\ORM\PersistentCollection {#1559 …}
-id: 633
-bodyTs: "'alreadi':34 'assum':26 'aw':9 'check':36 'could':11 'creat':20 'didn':4 'docker':14,42 'doubl':35 'even':6 'everyth':16 'honest':2 'imag':15,43 'instanc':10,22 'know':7 'normal':23 'problem':46 'regular':31 'ursakhiin@beehaw.org':1 'vm':32"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347096751430470"
+editedAt: null
+createdAt: DateTimeImmutable @1699021862 {#1423
date: 2023-11-03 15:31:02.0 +01:00
}
}
App\Entity\PostComment {#1563
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1586 …}
+image: null
+body: "@ursakhiin@beehaw.org honestly, didn't consider it. Just checked and the "docker" command doesn't even exist so I assume that is not the case. Do you know if the is any other way I can be certain?"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698980683 {#1551
date: 2023-11-03 04:04:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@ursakhiin@beehaw.org"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1554 …}
+votes: Doctrine\ORM\PersistentCollection {#1556 …}
+reports: Doctrine\ORM\PersistentCollection {#1555 …}
+favourites: Doctrine\ORM\PersistentCollection {#1620 …}
+notifications: Doctrine\ORM\PersistentCollection {#1604 …}
-id: 629
-bodyTs: "'assum':19 'case':24 'certain':37 'check':8 'command':12 'consid':5 'didn':3 'docker':11 'doesn':13 'even':15 'exist':16 'honest':2 'know':27 'ursakhiin@beehaw.org':1 'way':33"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111344398050955313"
+editedAt: null
+createdAt: DateTimeImmutable @1698980683 {#1427
date: 2023-11-03 04:04:43.0 +01:00
}
}
App\Entity\PostComment {#1701
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1683 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: null
+root: null
+image: null
+body: """
Forgot to mention that creating a new user brings a lot of problems because of how that machine is configured and all the tools that would need to be added the new user's permission. In theory it would eventually work after some time working on it, but I'd like to know if there's a way to do it without creating users (or if it's impossible, so I can just go on with that only option) \n
@linux@lemmy.ml
"""
+lang: "en"
+favouriteCount: 4
+score: 0
+lastActive: DateTime @1698951882 {#1741
date: 2023-11-02 20:04:42.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2457 …}
+nested: Doctrine\ORM\PersistentCollection {#2455 …}
+votes: Doctrine\ORM\PersistentCollection {#2468 …}
+reports: Doctrine\ORM\PersistentCollection {#2469 …}
+favourites: Doctrine\ORM\PersistentCollection {#2471 …}
+notifications: Doctrine\ORM\PersistentCollection {#2363 …}
-id: 608
-bodyTs: "'ad':30 'bring':9 'configur':20 'creat':5,63 'd':50 'eventu':40 'forgot':1 'go':74 'imposs':69 'know':53 'like':51 'linux@lemmy.ml':80 'lot':11 'machin':18 'mention':3 'need':27 'new':7,32 'option':79 'permiss':35 'problem':13 'theori':37 'time':44 'tool':24 'user':8,33,64 'way':58 'without':62 'work':41,45 'would':26,39"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342510555544223"
+editedAt: null
+createdAt: DateTimeImmutable @1698951882 {#1739
date: 2023-11-02 20:04:42.0 +01:00
}
+__isInitialized__: true
…2
}
+image: null
+body: """
@Oisteink@feddit.nl yep, that seems the right thing to do. Honestly, most of the real problem was lazyness to reconfigure everything, and that's why I published the question. But now I'm convinced that that's the only way lol \n
Thanks for the help!
"""
+lang: "en"
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1698958797 {#1566
date: 2023-11-02 21:59:57.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1686 …}
+votes: Doctrine\ORM\PersistentCollection {#1692 …}
+reports: Doctrine\ORM\PersistentCollection {#1705 …}
+favourites: Doctrine\ORM\PersistentCollection {#1616 …}
+notifications: Doctrine\ORM\PersistentCollection {#1598 …}
-id: 620
-bodyTs: "'convinc':33 'everyth':20 'help':44 'honest':10 'lazy':17 'lol':40 'm':32 'oisteink@feddit.nl':1 'problem':15 'publish':26 'question':28 'real':14 'reconfigur':19 'right':6 'seem':4 'thank':41 'thing':7 'way':39 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342963738833873"
+editedAt: null
+createdAt: DateTimeImmutable @1698958797 {#1564
date: 2023-11-02 21:59:57.0 +01:00
}
}
App\Entity\PostComment {#1626
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1599 …}
+image: null
+body: """
@astraeus@programming.dev yep, completely agree on the security issues, that is a mistake that should be fixed. But for the moment I confirmed that root is the only user, and every file and program in the instance can only be used by root (I just created a new user and tried to run the command with su -c but got a lot of permission denials and command not found) \n
If I could hide or disable my own sudo permissions that would save me a lot of work, but I'm starting to think that something like that doesn't exist 🙁
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1698954643 {#1702
date: 2023-11-02 20:50:43.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astraeus@programming.dev"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1618 …}
+nested: Doctrine\ORM\PersistentCollection {#1597 …}
+votes: Doctrine\ORM\PersistentCollection {#1731 …}
+reports: Doctrine\ORM\PersistentCollection {#1723 …}
+favourites: Doctrine\ORM\PersistentCollection {#1721 …}
+notifications: Doctrine\ORM\PersistentCollection {#1728 …}
-id: 616
-bodyTs: "'agre':4 'astraeus@programming.dev':1 'c':57 'command':54,66 'complet':3 'confirm':22 'could':71 'creat':45 'denial':64 'disabl':74 'doesn':97 'everi':30 'exist':99 'file':31 'fix':16 'found':68 'got':59 'hide':72 'instanc':36 'issu':8 'like':95 'lot':61,84 'm':89 'mistak':12 'moment':20 'new':47 'permiss':63,78 'program':33 'root':24,42 'run':52 'save':81 'secur':7 'someth':94 'start':90 'su':56 'sudo':77 'think':92 'tri':50 'use':40 'user':28,48 'work':86 'would':80 'yep':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342691529612536"
+editedAt: null
+createdAt: DateTimeImmutable @1698954643 {#1619
date: 2023-11-02 20:50:43.0 +01:00
}
}
App\Entity\PostComment {#1734
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1732 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Oisteink@feddit.nl in another comment (<https://social.vivaldi.net/users/nirogu/statuses/111342629815373353>) I explained why I'd prefer not to create another user, as it would require a lot of work to configure everything again for that command to work (it's a big process). I was thinking of hiding my sudo permissions from the program or something like that, if possible, because many things in the instance are only configured to be used with the root user, even if they don't require sudo. Anyway, I'm seeing that it might not be possible so creating a new user could be the only option 🙁"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698954358 {#1628
date: 2023-11-02 20:45:58.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Oisteink@feddit.nl"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1727 …}
+nested: Doctrine\ORM\PersistentCollection {#1733 …}
+votes: Doctrine\ORM\PersistentCollection {#1724 …}
+reports: Doctrine\ORM\PersistentCollection {#1715 …}
+favourites: Doctrine\ORM\PersistentCollection {#1718 …}
+notifications: Doctrine\ORM\PersistentCollection {#1716 …}
-id: 612
-bodyTs: "'/users/nirogu/statuses/111342629815373353':7 'anoth':3,17 'anyway':81 'big':39 'command':33 'comment':4 'configur':28,66 'could':96 'creat':16,92 'd':12 'even':74 'everyth':29 'explain':9 'hide':45 'instanc':63 'like':54 'lot':24 'm':83 'mani':59 'might':87 'new':94 'oisteink@feddit.nl':1 'option':100 'permiss':48 'possibl':57,90 'prefer':13 'process':40 'program':51 'requir':22,79 'root':72 'see':84 'social.vivaldi.net':6 'social.vivaldi.net/users/nirogu/statuses/111342629815373353':5 'someth':53 'sudo':47,80 'thing':60 'think':43 'use':69 'user':18,73,95 'work':26,35 'would':21"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342672818386955"
+editedAt: null
+createdAt: DateTimeImmutable @1698954358 {#1629
date: 2023-11-02 20:45:58.0 +01:00
}
}
App\Entity\PostComment {#1740
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1707 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1687 …2}
+image: null
+body: "@Rustmilian@lemmy.world yeah, already tried it. The problem is that all of the apps in the instance are only installed for the root user (e.g. python and all it's libraries. So, when I use su -c all I get is a lot of command not found messages that would take a lot to solve. Besides I expect a lot more problems when the command needs access to some files and some processes (like a sql database) that would require me to do a lot of stuff to grant permissions to the new user. That would eventually work but given the work it requires I thought that some kind of "anti sudo" command or something like that could exist so I can still be the root user but pretend I am not a superadmin"
+lang: "en"
+favouriteCount: 0
+score: 0
+lastActive: DateTime @1698953702 {#1737
date: 2023-11-02 20:35:02.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@Rustmilian@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2465 …}
+nested: Doctrine\ORM\PersistentCollection {#2463 …}
+votes: Doctrine\ORM\PersistentCollection {#2411 …}
+reports: Doctrine\ORM\PersistentCollection {#2422 …}
+favourites: Doctrine\ORM\PersistentCollection {#2458 …}
+notifications: Doctrine\ORM\PersistentCollection {#2456 …}
-id: 618
-bodyTs: "'access':66 'alreadi':3 'anti':110 'app':13 'besid':55 'c':36 'command':44,64,112 'could':117 'databas':76 'e.g':24 'eventu':96 'exist':118 'expect':57 'file':69 'found':46 'get':39 'given':99 'grant':88 'instal':19 'instanc':16 'kind':108 'librari':30 'like':73,115 'lot':42,52,59,84 'messag':47 'need':65 'new':92 'permiss':89 'pretend':128 'problem':7,61 'process':72 'python':25 'requir':79,103 'root':22,125 'rustmilian@lemmy.world':1 'solv':54 'someth':114 'sql':75 'still':122 'stuff':86 'su':35 'sudo':111 'superadmin':133 'take':50 'thought':105 'tri':4 'use':34 'user':23,93,126 'work':97,101 'would':49,78,95 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342629815373353"
+editedAt: null
+createdAt: DateTimeImmutable @1698953702 {#1730
date: 2023-11-02 20:35:02.0 +01:00
}
}
Proxies\__CG__\App\Entity\PostComment {#1687 …2}
App\Entity\PostComment {#2359
+user: App\Entity\User {#264 …}
+post: Proxies\__CG__\App\Entity\Post {#1464 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: "@astray@lemm.ee yeah, that could be an option, but if more users exist in that machine then other processes might fail as that instance is part of a bigger cluster that has several processes running. It might not be a big deal, but checking that may still need some work. I'd prefer a way to do it without creating new users, if it exists"
+lang: "en"
+favouriteCount: 5
+score: 0
+lastActive: DateTime @1698951415 {#2452
date: 2023-11-02 19:56:55.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#2361 …}
+nested: Doctrine\ORM\PersistentCollection {#2372 …}
+votes: Doctrine\ORM\PersistentCollection {#2386 …}
+reports: Doctrine\ORM\PersistentCollection {#2385 …}
+favourites: Doctrine\ORM\PersistentCollection {#2378 …}
+notifications: Doctrine\ORM\PersistentCollection {#2381 …}
-id: 623
-bodyTs: "'astray@lemm.ee':1 'big':40 'bigger':28 'check':43 'cluster':29 'could':4 'creat':59 'd':51 'deal':41 'exist':12,64 'fail':20 'instanc':23 'machin':15 'may':45 'might':19,36 'need':47 'new':60 'option':7 'part':25 'prefer':52 'process':18,33 'run':34 'sever':32 'still':46 'user':11,61 'way':54 'without':58 'work':49 'yeah':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342479953246218"
+editedAt: null
+createdAt: DateTimeImmutable @1698951415 {#2453
date: 2023-11-02 19:56:55.0 +01:00
}
}
]
-id: 286
-bodyTs: "'advanc':103 'anyon':95 'aw':19 'block':65 'break':54 'command':2,16,31,73 'disabl':67 'everyon':8 'execut':35,40 'exist':26,81 'hi':7 'instanc':20,24 'know':96 'linux@lemmy.ml':104 'machin':52 'mention':77 'might':53 'mpirun':41 'not-root':4 'option':93 'particular':23 'privileg':38,70 'recommend':45 'root':6,28,37,84 'run':1,14,47,75 'sudo':49,69,88 'suppos':87 'thank':101 'u':89 'user':29,80 'way':63 'wonder':58 'work':10"
+upVotes: 0
+downVotes: 0
+ranking: 1699037071
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111342431186356628"
+editedAt: null
+createdAt: DateTimeImmutable @1698950671 {#2915
date: 2023-11-02 19:44:31.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1695 …}
+parent: Proxies\__CG__\App\Entity\PostComment {#1690 …}
+root: Proxies\__CG__\App\Entity\PostComment {#1698 …}
+image: null
+body: """
@elscallr@lemmy.world I agree about the instance configuration, fixing that is the real solution \n
My question was not about running something as another user, but about hiding the superadmin privileges from a single command I'd execute without switching users. However it is clear that something like that doesn't exist so I'll do the right thing and set everything to work with a new user
"""
+lang: "en"
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699022526 {#1785
date: 2023-11-03 15:42:06.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@linux@lemmy.ml"
"@nirogu@vivaldi.net"
"@astray@lemm.ee"
"@elscallr@lemmy.world"
]
+isAdult: false
+updateMark: false
+children: Doctrine\ORM\PersistentCollection {#1709 …}
+nested: Doctrine\ORM\PersistentCollection {#1458 …}
+votes: Doctrine\ORM\PersistentCollection {#1428 …}
+reports: Doctrine\ORM\PersistentCollection {#1765 …}
+favourites: Doctrine\ORM\PersistentCollection {#1584 …}
+notifications: Doctrine\ORM\PersistentCollection {#1583 …}
-id: 635
-bodyTs: "'agre':3 'anoth':22 'clear':43 'command':33 'configur':7 'd':35 'doesn':48 'elscallr@lemmy.world':1 'everyth':60 'execut':36 'exist':50 'fix':8 'hide':26 'howev':40 'instanc':6 'like':46 'll':53 'new':65 'privileg':29 'question':15 'real':12 'right':56 'run':19 'set':59 'singl':32 'solut':13 'someth':20,45 'superadmin':28 'switch':38 'thing':57 'user':23,39,66 'without':37 'work':62"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://social.vivaldi.net/users/nirogu/statuses/111347140288436938"
+editedAt: null
+createdAt: DateTimeImmutable @1699022526 {#1413
date: 2023-11-03 15:42:06.0 +01:00
}
} |
|
Show voter details
|