Re: FN-FORUM Users on FreeBSD

date posted 1st February 2003 03:02

Well it's nearly 3am, not alot to do but follow up on your own posts... :)

I've been digging around, as my original answer below probably doesn't
answer your question totally. What rights to the users have?

AFAIK there are two ways a user can get root priv's -- this is through being
in the group 'wheel' AND knowing the roots password, or being a sudoer. If
you have never installed sudo, ignore what I will say about it.

I have been looking around for a bit, and cant find an easy way to do this,
maybe someone here who's great at perl can knock up a script in 2 seconds,
or maybe someone knows a much much easier way, but for now... :)

'id' is a useful tool, it will tell you if the specified user is in the
group 'wheel' (that means they have access to root access IF they know the
root password), but sadly you have to specifiy the user... however, you
could have a script which looks in /home/ for all users, and then runs the
'id' tool for each one until at the end, whilst grepping the output for
wheel. Dont know if that makes sense, its rather late...

So, the script does:

ls /home/
gets a list of users
id -p |grep wheel
id -p |grep wheel

and so on, the output looks like this

[CS]02:53:15 0 $ id -p ben |grep wheel
groups ben wheel
[CS]02:53:34 0 $ id -p ant |grep wheel


This tells you then ben (thats me :) is in the 'wheel' group, so if they
know the root password, they can have root access. Like I said, really long
winded but it tells you. The other is sudoers, the sudoers file
/usr/local/etc/sudoers will contain details of all users that have
access.... Now, this may/may not work depending on how/IF you have the
sudoers file setup. Do you use sudo? If so, the three main groups are
fulltimers, parttimers and webmasters, but you can alter it how you like,
and if you've altered it, then you know what they are ;) to checkout the
output you can do:

cat /usr/local/etc/sudoers |grep FULLTIMERS
cat /usr/local/etc/sudoers |grep PARTTIMERS
cat /usr/local/etc/sudoers |grep WEBMASTERS

Remember, by default there are loads of made up users, so if it doesnt look
right, check to see if the line is commented out with a #

does this make sense? I wouldn't be surprised if it didnt. I think its time
for bed....

Hope it helps anyway :)

Ben

--
Ben Waters
ChunkySystems
http://www.chunkysystems.co.uk





----- Original Message -----
From: "Ben Waters" [EMAIL REMOVED]
To: [EMAIL REMOVED]
Sent: Saturday, February 01, 2003 12:27 AM
Subject: Re: FN-FORUM Users on FreeBSD


> What version of BSD?
>
> Depending on the versions of BSD it may be different, and I dont know the
> best way to do this tbh, but to list *ALL* users you can do
>
> cat /etc/passwd
>
> and if you have given them all bash shells, the easiest way to filter out
> teh crap ones is:
>
> cat /etc/passwd |grep bash
>
> or replace bash with whatever their shell is.
>
> HTH,
>
> Ben
>
> --
> Ben Waters
> ChunkySystems
> http://www.chunkysystems.co.uk
>
>
> ----- Original Message -----
> From: "John Wards" [EMAIL REMOVED]
> To: [EMAIL REMOVED]
> Sent: Friday, January 31, 2003 7:14 PM
> Subject: FN-FORUM Users on FreeBSD
>
>
> > Hi folks,
> >
> > Quick question, any ideas how to list users on FreeBSD and find out
about
> what
> > rights they have on a system etc?
> >
> > Cheers
> > John
> > ========
> > Freelancers and Freelance Jobs: http://www.freelancers.net
> >
> > Advertise with Freelancers.net http://www.freelancers.net/advert.php
> >
> > To unsubscribe please email:
> > [EMAIL REMOVED]
> >
> > If you have difficulties unsubscribing please email:
> [EMAIL REMOVED]
> >
>
>
> ========
> Freelancers and Freelance Jobs: http://www.freelancers.net
>
> Advertise with Freelancers.net http://www.freelancers.net/advert.php
>
> To unsubscribe please email:
> [EMAIL REMOVED]
>
> If you have difficulties unsubscribing please email:
[EMAIL REMOVED]
>