Mike Petersen

Network Admin, Technical Writer, Programmer, GNU/Linux Fan, etc.

• Home Page
• Documents
  • Deploying Suse Linux Enterprise Server
  • Samba Server Information & Guides
  • GNU/Linux Guides
  • Networking Related Guides
  • Misc Articles I wrote
• Downloads
  • Custom Built GNU/Linux Packages
  • NIMA Virtual Machine
  • Windows SPE Templates for Samba
  • Various Network Utilities I created
  • Misc Code
• Misc / FAQS
  • Contact Information
  • GNU/Linux FAQs
  • Network Admin FAQs
  • My Resume

GNU/Linux FAQs & Tips

How do I allow multiple users to logon with a password using GDM ?

If you have multiple users on a single computer, it may be beneficial to allow them to login by simply clicking on their user icon from a GDM Login screen. To do this simply add a file that lists all the users you want to be able to login without a password, such as: /etc/gdmnopassusers

# /etc/gdmnopassusers
user1
user2

Then add the following within pam:

auth     sufficient     pam_listfile.so file=/etc/gdmnopassusers sense=allow item=user

In SLED10 this line should be added to the top of /etc/pam.d/gdm

How can I Launch Graphical Apps with Sudo ?

For convenience, you can create launchers that will allow someone to launch a X11 app with sudo. Normally the X server will not allow this, but if you create a script that contains the following:

#!/bin/sh
XAUTHORITY=/home/username/.Xauthority; export XAUTHORITY
DISPLAY=:0.0; export DISPLAY
/usr/bin/program

Then if you launch "sudo scriptname" the X11 program will launch. Normally I save all the scripts into /usr/local/bin that way you can create a "launcher" that has the command "sudo scriptname" and the Graphical Program will launch.

As a side note, if you want to create a launcher for a shell program that you want root access, simply adjust the above script with the command:

xterm -e /usr/bin/program

Then when you use the launcher xterm will automatically come up and execute the command. NOTE: these are best used when you setup sudo to not ask for a password.

How can I use SSH to bypass a firewall

For some organizations it is nearly impossible to get them to open up a firewall. Here is a tip that will allow you to redirect traffic from an internal computer through the firewall and to your computer. NOTE: You must be able to logon to the firewall computer through SSH.

Say you want to redirect an internal website through the firewall and onto your remote computer. First you will need to decide what local port you want to use, in this example I will simply use port 9999 on your machine, port 8888 on the firewall machine and port 80 (web server) on the "internal machine".

* First connect to the firewall with SSH enabling the port forwarding. (Note that I will use compression on the connection with the -C option)

ssh -C -L 9999:localhost:8888 username@firewall.example.com

* Once you are connected, run the following to forward web traffic to the firewall computer (you run this within the SSH session that you just initiated above)

ssh -L 8888:localhost:80 userame@interalserver.example.com

* Now if you open a web browser and point it to localhost:9999 you will see the internal webserver's site