UrbanPro
true

Learn Hadoop Testing from the Best Tutors

  • Affordable fees
  • 1-1 or Group class
  • Flexible Timings
  • Verified Tutors

Search in

REDHAT

Configuring sudo
Basic syntax
USER MACHINE = (RUN_AS) COMMANDS
Examples:
%group ALL = (root) /sbin/ifconfig
%wheel ALL=(ALL) ALL
%admins ALL=(ALL) NOPASSWD: ALL
Grant use access to commands in NETWORKING group
joseph ALL=NETWORKING
Use User_Alias to grant access to list of users
User_Alias ADMINS = lex, john
Use Cmnd_Alias to set a list of commands
Cmnd_Alias NETWORKING = /sbin/ruote, /sbin/ifconfig
Aliases are "string of uppercase letters, numbers, and the underscore characters"
Groups are denoted with %group, username, #uid:
# man sudoers Runas_Member ::= '!'* user name | '!'* '#'uid | '!'* '%'group | '!'* +netgroup | '!'* Runas_Alias
Kerberos Authentication:
  • Kerberos more secure than LDAP as it doesn't pass passwords over network.
  • How it works?:
    • KDC: Key distribution center: Grant tickets
    • KAdmin Server: Used to update passwords.
    • Realm: Set of systems which use the same KDCs.
  • Configuring auth:
    • Via GUI: system-config-authentication.
    • Via command-line: authconfig.
    • Question: Which command line tool can be used for configuring Kerberos?
    • Answer: authconfig
    > authconfig --enableldap --ldapserver=instructor.example.com \ --enableldaptls --ldaploadcacert=ftp://instructor.example.com/pub/example-ca.crt \ --ldapbasedn="dc=example,dc=com" --disableldapauth --enablekrb5 \ --krb5kdc=instructor.example.com --krb5adminserver=instructor.example.com \ --krb5realm=EXAMPLE.COM --enablesssdauth --update
  • Packages required:
    • yum groupinstall directory-client
    • yum install openldap-clients
    • yum install krb5-workstation
  • Kerberos commands:
    • klist: List tickets.
    • kdestroy: Delete tickets.
    • kinit: Get new tickets.
    • Example:$ klist Ticket cache: FILE:/tmp/krb5cc_1701_5hTCSt Default principal: ldapuser1@EXAMPLE.COM Valid starting Expires Service principal 08/05/13 12:35:36 08/06/13 12:35:35 krbtgt/EXAMPLE.COM@EXAMPLE.COM renew until 08/05/13 12:35:36 $ kdestroy $ klist klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_1701_5hTCSt) $ kinit Password for ldapuser1@EXAMPLE.COM: $ klist Ticket cache: FILE:/tmp/krb5cc_1701_5hTCSt Default principal: ldapuser1@EXAMPLE.COM Valid starting Expires Service principal 08/05/13 12:35:46 08/06/13 12:35:44
    • Offline LDAP and Kerberos servers can prevent login, but sssd can cache credentials allowing offline login
    • Edit the /etc/sssd/sssd.conf to configure SSSD.
    • Use authconfig to edit it via the command-line.
    • Service could be cached hiding a downed server.
    • Logging:
      • /var/log/sssd.
      • Increase verbosity in /etc/sssd/sssd.conf by adding debug_level=10 under [domain/default] (0 - 10).
0 Dislike
Follow 2

Please Enter a comment

Submit

Other Lessons for You

How to create UDF (User Defined Function) in Hive
1. User Defined Function (UDF) in Hive using Java. 2. Download hive-0.4.1.jar and add it to lib-> Buil Path -> Add jar to libraries 3. Q:Find the Cube of number passed: import org.apache.hadoop.hive.ql.exec.UDF; public...
S

Sachin Patil

0 0
0

How To Be A Hadoop Developer?
i. Becoming a Hadoop Developer: Dice survey revealed that 9 out of 10 high paid IT jobs require big data skills. A McKinsey Research Report on Big Data highlights that by end of 2018 the demand for...

Lesson: Hive Queries
Lesson: Hive Queries This lesson will cover the following topics: Simple selects ? selecting columns Simple selects – selecting rows Creating new columns Hive Functions In SQL, of which...
C

Why is the Hadoop essential?
Capacity to store and process large measures of any information, rapidly. With information volumes and assortments always expanding, particularly from web-based life and the Internet of Things (IoT), that...

Use of Piggybank and Registration in Pig
What is a Piggybank? Piggybank is a jar and its a collection of user contributed UDF’s that is released along with Pig. These are not included in the Pig JAR, so we have to register them manually...
S

Sachin Patil

0 0
0
X

Looking for Hadoop Testing Classes?

The best tutors for Hadoop Testing Classes are on UrbanPro

  • Select the best Tutor
  • Book & Attend a Free Demo
  • Pay and start Learning

Learn Hadoop Testing with the Best Tutors

The best Tutors for Hadoop Testing Classes are on UrbanPro

This website uses cookies

We use cookies to improve user experience. Choose what cookies you allow us to use. You can read more about our Cookie Policy in our Privacy Policy

Accept All
Decline All

UrbanPro.com is India's largest network of most trusted tutors and institutes. Over 55 lakh students rely on UrbanPro.com, to fulfill their learning requirements across 1,000+ categories. Using UrbanPro.com, parents, and students can compare multiple Tutors and Institutes and choose the one that best suits their requirements. More than 7.5 lakh verified Tutors and Institutes are helping millions of students every day and growing their tutoring business on UrbanPro.com. Whether you are looking for a tutor to learn mathematics, a German language trainer to brush up your German language skills or an institute to upgrade your IT skills, we have got the best selection of Tutors and Training Institutes for you. Read more