resolv conf - Page 119 - Developer IT

How can I secure Postgres for remote access when not in a private network?

- by orokusaki

I have a database server on a VMWare VM (Ubuntu 12.04.1 LTS server), and it just occurred to me that the server is accessible via the web, since the same physical server contains a VM that hosts public websites. My iptables in the database are such that only SSH traffic, loopback traffic, and TCP on port 5432 are allowed. I will only allow host access to the Postgres server from the IP of the other VM on the same physical machine. Does this seem sufficient for security, assuming there aren't gaping holes in my general OS configuration, or is Postgres one of those services that should never be web facing, (assuming there are some of "those"). Will I need to use hostssl instead of host in my pg_hba.conf, even though the data will travel only on my own network, presumably?

Read the article

Should I replace libapache2-mod-php5-filter with libapache2-mod-php5 on Debian 6 Apache 2.2.16?

- by luison

Upgrading various virtual machines we are having an issue with the Debian package upgrade to version 2.2.16 The upgrade (surprisingly) seems to remove libapache2-mod-php5 replacing it with libapache2-mod-php5-filter. This gave us some headache as the php.ini was pointing to the "old" one and some of the apache.conf conditional module rules stopped working. We can fix all those but we can't figure out if there would be any issues if we just "reversed" this and simply install libapache2-mod-php5 again and load that module instead of the "filter" one or in there is anyway to "alias" a module. I tend to think that the change "has a reason" but after reading apache2 and php5: module or filter I understand the module differences are to do with post delivery security issues.

Read the article

How can I disable reverse DNS in Apache 2?

- by Creighton Hale

I want to disable reverse DNS in Apache 2. I have done the following steps: In apache2/apache2.conf file ,HostnameLookups is set as OFF Tcpdump session confirmed thatApache was doing double reverse lookups even though the HostnameLookupsdirective was clearly turned off. No hostnames insites-available. The problem still remains. UPD: version of apache is dpkg -l | grep apache2 ii apache2-mpm-prefork 2.2.16-6+squeeze4 Apache HTTP Server - traditional non-threaded model ii apache2-utils 2.2.16-6+squeeze4 utility programs for webservers ii apache2.2-bin 2.2.16-6+squeeze4 Apache HTTP Server common binary files ii apache2.2-common 2.2.16-6+squeeze4 Apache HTTP Server common files apache2 -l Compiled in modules: core.c mod_log_config.c mod_logio.c prefork.c http_core.c mod_so.c I think mod_security is not present.

Read the article

How to create public html (apache2) with LDAP authentication?

- by borjamf

Im running Apache2 on Ubuntu 12.04 Server because I want to create a home directory for each ldap user. I'm using LDAP for authentication and it's working ok. Also I've done some tests with LDAP module for Apache2 and it's working ok. The problem with this LDAP authentication is that any success login can access to ~user/public_html, even if the user is not the owner of that home. I dont know how to control that, for example, userldap2 access to userldap1/public_html. I want that only the userldap1 access to userldap1. Could anybody tell me how to control that with LDAP authentication? I hope that you'll understand me. My config (auth_ldap.conf) <Directory /home/disco2/*/public_html> AuthName "Authentication" AuthType basic AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPURL ldap://prueba.borja/dc=prueba,dc=borja?uid? Require ldap-filter objectClass=posixAccount </Directory>

Read the article

Why am I unable to turn off recursion in ISC BIND?

- by nbolton

Here's my named.conf.options file: options { directory "/var/cache/bind"; dnssec-enable yes; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; # disable recursion recursion no; }; I've tried adding allow-recursion { "none"; } before recursion but this also has no effect; I'm testing it by using nslookup on Windows, and using google.com. as the query (and it returns an IP, so I assume recursion is on). This issue occurs on two servers with similar setups.

Read the article

Touch Screen Ubuntu 10.04LTS

- by WalterJ89

I'm trying to get a touch screen working with Ubuntu 10.04LTS (64bit) -it is a serial touchsceen, connected at /dev/ttyS0 ,i know that works because I get garbage in the terminal when I enable it. -before the screen used a 3m driver (I believe) in XP. My knowledge of Linux is passive so I generally pick up something when I need it. To get this working I came accross a lot of tutorials (a lot outdated a bit), I'm still at a loss to get this work. I'm not sure where to put linux drivers (/usr/ or /dev/?) most tutorials kind of skip over that part. I have tried editing the /etc/X11/xorg.conf unsuccessfully. I'm not sure what the syntax for that is supposed to be. Thank You

Read the article

apache tomcat loadbalancing clustering on ubuntu

- by user740010

i am facing a problem in clustering the tomcat with apache as a loadbalancer using mod_jk on ubuntu. i have install apache2 on my ubuntu 11.04 and i have downloaded tomcat7 created two copies and kept them at two different location. 1st one is at /home/net4u/vishal/test/tomcatA 2nd one is at /home/net4u/vishal/test1/tomcatB i have made following changes to server.xml file in /conf folder 1. <Server port="8205" shutdown="SHUTDOWN"> 2. <Connector port="8280" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> 3.<Connector port="8209" protocol="AJP/1.3" redirectPort="8443" /> <Engine name="Catalina" defaultHost="localhost" jvmRoute="tomcatB"> 4. <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> similarly i have modified other tomcat i.e tomcatA server.xml content of the server.xml is as follow: --    <Connector port="8280" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />      <Connector port="8109" protocol="AJP/1.3" redirectPort="8443" />   <Engine name="Catalina" defaultHost="localhost" jvmRoute="tomcatB">   <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>  <Realm className="org.apache.catalina.realm.LockOutRealm">  <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> </Realm> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%h %l %u %t "%r" %s %b" resolveHosts="false"/> </Host> </Engine> i have install libapache2-mod-jk step 1. i have Created jk.load file in /etc/apache2/mods-enabled/jk.load content is as follows: LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so Create /etc/apache2/mods-enabled/jk.conf: JkWorkersFile /etc/apache2/workers.properties JkLogFile /var/log/apache2/jk.log JkMount /ecommerce/* worker1 JkMount /images/* worker1 JkMount /content/* worker1 step 2. Created workers.properties file in /etc/apache2/workers.properties content is as follows: workers.tomcat_home=/home/vishal/Desktop/test/tomcatA workers.java_home=/usr/lib/jvm/default-java ps=/ worker.list=tomcatA,tomcatB,loadbalancer worker.tomcatA.port=8109 worker.tomcatA.host=localhost worker.tomcatA.type=ajp13 worker.tomcatA.lbfactor=1 worker.tomcatB.port=8209 worker.tomcatB.host=localhost worker.tomcatB.type=ajp13 worker.tomcatB.lbfactor=1 worker.loadbalancer.type=lb worker.loadbalancer.balanced_workers=tomcatA,tomcatB worker.loadbalancer.sticky_session=1 i tried the same thing on the windows machine it is working.

Read the article

CentOS PAM+LDAP login and host attribute

- by pianisteg

My system is CentOS 6.3, openldap is configured well, PAM authorization works fine. But after turning pam_check_host_attr to yes, all LDAP-auths fail with message "Access denied for this host". hostname on the server returns correct value, the same value is listed in user's profile. "pam_check_host_attr no" works fine and allows everyone with correct uid/password a piece of /var/log/secure: Sep 26 05:33:01 ldap sshd[1588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-host user=my-username Sep 26 05:33:01 ldap sshd[1588]: Failed password for my-username from 77.AA.BB.CC port 58528 ssh2 Sep 26 05:33:01 ldap sshd[1589]: fatal: Access denied for user my-username by PAM account configuration Another two servers (CentOS 5.7 Debian) authorizes on this LDAP server correctly. Even with pam_check_host_attr yes! I didn't edit /etc/security/access.conf, it is empty, only default comments. I don't know what to do! How to fix this?

Read the article

Is there any way to use arrays in a puppet module (not in template)?

- by KARASZI István

I want to use puppet to manage a hadoop cluster. On the machines we have several directories which must be created and set permissions. But i'm unable to add array values for defined methods. define hdfs_site( $dirs ) { file { $dirs: ensure => directory, owner => "hadoop", group => "hadoop", mode => 755; } file { "/opt/hadoop/conf/hdfs-site.xml": content => template("hdfs-site.xml.erb"), owner => "root", group => "root", mode => 644; } } define hadoop_slave( $mem, $cpu, $dirs ) { hadoop_base { mem => $mem, cpu => $cpu, } hdfs_site { dirs => $dirs, } } hadoop_base is similar to hdfs_site. Thanks!

Read the article

SVN check out to samba directory

- by Jon H

I'm trying to svn co to a directory on Ubuntu, shared via samba, to OS X, but I get the following error (in OS X). svn: In directory 'site/product/tests' svn: Can't open file 'site/product/tests/.svn/tmp/text-base/._base.py.svn-base': No such file or directory My smb.conf file includes the following changes: unix extensions = no browseable = yes public = yes writable = yes delete readonly = yes create mask = 0775 directory mask = 0775 valid users = %S read only = no The checkout works fine locally (on the Ubuntu machine). What am I missing? More detail: Later inspection showed that the svn error couldn't find the file with 3, then 2 underscores: .___init__.py.svn-base Whereas listing the directory in OS X showed 2, then 2 underscores: __init__.py.svn-base And listing the same directory in a successful checkout on Ubuntu shows nothing (because it's a temporary directory?) I've tried the mangled = no setting in share settings, to no effect.

Read the article

How to disable horizontal scrolling within virtualbox on Ubuntu guest, Windows 7 host?

- by Steven Rosato

I am using Windows 7 as Host, Ubuntu Karmic as guest OS with guest tools installed and I get an annoying glitch when switching from host to the guest machine: Vertical scrolling switches to horizontal! (using the mouse wheel). Since I don't really care about horizontal scrolling, how can I disable this? I have checked the web and the only thing I found was to play in the xorg.conf file and adding in the section "InputDevice" Option "ZAxisMapping" "4 5" which would enable vertical scrolling only. The thing is, I don't have that section in my config file so I guessed that I would need to add Section "InputDevice" Identifier "VBoxMouse" Driver "vboxmouse" Option "ZAxisMapping" "4 5" EndSection But that does not seem to work after restarting xserver. Any workaround for this?

Read the article

Linux Bridge, Samba netbios name/hostname access

- by Christopher Wilson

I am currently running a linux bridge in the following configuration ADSL Modem: 192.168.1.1 Linux Bridge: eth0: 192.168.1.2 eth1: no address Wireless Router: 192.168.0.1 My issue is that i cannot access the "Linux Bridge" shares using the WINS name of the server via client systems (yes i understand it is a transparent bridge but i can access it via the 192.168.1.2 address this is not on the same subnet as the client systems). This is the global section of my SMB.CONF [global] unix extensions = off os level = 20 netbios name = server guest account = nobody server string = 447 Server security = share #unix extensions = no #wins support = yes #wins server = 192.168.0.1 name resolve order = wins lmhosts hosts bcast interfaces bridge1 eth0 eth1 lo bind interfaces only = yes Can i access a bridged server using it's WINS name to access samba shares? Cheers Chris

Read the article

Postfix tutorial inconsistency

- by Desmond Hume

I'm following this tutorial to setup a Postfix/Dovecot mail server with Postfix Admin as a web front end. As regards directory structure for virtual mail users, the author of the tutorial writes: Virtual mail users are those that do not exist as Unix system users. They thus don't use the standard Unix methods of authentication or mail delivery and don't have home directories. That is how we are managing things here: mail users are defined in the database created by Postfix Admin rather than existing as system users. Mail will be kept in subfolders per domain and account under /var/vmail - e.g. [email protected] will have a mail directory of /var/vmail/example.com/me. But when he gives instructions about configuring Postfix Admin, he suggests this to be contained by Postfix Admin's config.inc.php: // Mailboxes // If you want to store the mailboxes per domain set this to 'YES'. // Examples: // YES: /usr/local/virtual/domain.tld/[email protected] // NO: /usr/local/virtual/[email protected] $CONF['domain_path'] = 'NO'; Is there an inconsistency?

Read the article

Why is Mac OS X 10.6 using /usr/lib to start Apache when I compiled PHP using /opt/local/lib?

- by Anthony

PHP 5.3.3 compiled on Mac OS X 10.6 - using /usr/lib when trying to start Apache... rather than /opt/local/lib specified when PHP was configured. Why is it trying to load from /usr/lib when I specified in my configure not to? httpd: Syntax error on line 115 of /private/etc/apache2/httpd.conf: Cannot load /usr/libexec/apache2/libphp5.so into server: dlopen(/usr/libexec/apache2/libphp5.so, 10): Library not loaded: /opt/local/lib/libiconv.2.dylib\n Referenced from: /usr/libexec/apache2/libphp5.so\n Reason: Incompatible library version: libphp5.so requires version 8.0.0 or later, but libiconv.2.dylib provides version 7.0.0 The error message above refers to /opt/local/lib which when I run: otool -LD /opt/local/lib/libiconv.2.dylib Message: /opt/local/lib/libiconv.2.dylib: /opt/local/lib/libiconv.2.dylib (compatibility version 8.0.0, current version 8.0.0) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 125.0.0) It shows that the version is different than what httpd is erring out as. I have a feeling I need to recompile Apache using newer libraries, but the error message still doesn't make too much sense to me.

Read the article

logrotate by size outside the daily schedule

- by Josh Smeaton

We have a couple of applications that generate huge log files. It's not enough to rotate those logs daily, so I created the following logrotate conf: /var/log/ourapp/*log { compress copytruncate missingok size 200M rotate 10 } The idea is that we can keep 2GB of logs for this one application, no matter how quickly those files are filling up. The problem, though, is that logrotate only runs once daily. AFAIK, when logrotate kicks off at 4am, it will check to see that the size is at least 200M and rotate it if so. Ideally logrotate would run every minute, check the size, and rotate if the size is greater. Is there a standard way for rotating based on size outside of the daily cron schedule?

Read the article

starting nginx via upstart

- by Chiggsy

Background: DISTRIB_ID=Ubuntu DISTRIB_RELEASE=10.04 DISTRIB_CODENAME=lucid DISTRIB_DESCRIPTION="Ubuntu 10.04 LTS" I've built nginx, and I'd like to use upstart to start it: nginx upstart script from the site: description "nginx http daemon" start on runlevel 2 stop on runlevel 0 stop on runlevel 1 stop on runlevel 6 console owner exec /usr/sbin/nginx -c /etc/nginx/nginx.conf -g "daemon off;" respawn I get "unknown job" when i try to use initctl to run it, which I just learned apparently means there is an error, ( what's wrong with "Error" to describe errors?) Can someone point me in the right direction ? I've read the documentation , as it is, and it seems kind of sparse for a SysV init replacement... but whatever just need to add this job to the list, run it, and get on with what's left of my life... Any tips? EDIT: initctl version init (upstart 0.6.5)

Read the article

apache generating to many rotatelogs.exe on Windows?

- by Patrick

I'm seeing some odd behavior with Apache's rotatelogs.exe. On one of my servers I'm seeing multiple rotatelogs.exe counting into the 100's. Normally I usually only see 6 which I can rationalize to the 3 logs I have rotating. Does anyone know why this might be happening and how I can prevent it from happening. When the rotatelogs.exe processes get up into the 100's everything slows down and Apache is effectively shutdown because it can't process requests anymore. We are using the following line in our httpd.conf file: ErrorLog "|\"C:/Program Files/Apache2/bin/rotatelogs.exe\" \"C:/Program Files/Apache2/logs/error_log.%Y-%m-%d-%H_%M_%S\" 20M" Thanks in advance for the help!

Read the article

Apache Reverse Proxy server and SSL NTLM SharePoint

- by user50211

Hi, I'm trying to set Apache as proxy server to an internal SharePoint server. I have previously configured Apache to run as a proxy server to export internal webpages and web applications. However, the Sharepoint is using SSL and NTLM authentication, and this is new to me :( I have tried many options, the traffic seems to be forwared as I get the authentication popup window, but when I insert the user/pass, I get back to the same popup window. Anybody has configured Apache to do so? Here is a part of my httpd.conf: <VirtualHost *:443> ServerName repository.out.com SSLProxyEngine On RequestHeader set Front-End-Https "On" ProxyRequests Off ProxyPreserveHost On ProxyPass / https://sharepoint.in.com ProxyPassReverse / https://sharepoint.in.com CacheDisable * SetEnv force-proxy-request-1.0 1 SetEnv proxy-nokeepalive 1 ErrorLog logs/jlanza_log CustomLog logs/jlanza_log common </VirtualHost>

Read the article

OpenLDAP PAM authen does not support SSHA on FreeBSD10

- by suker200

OpenLDAP PAM authen does not support SSHA? Hi everyone, Now, I lost one day to figure out, the reason my FreeBSD10 can not authenticate SSH user via LDAP because pam_ldap and nss_ldap do not support SSHA password when OpenLDAP support SSHA method. I have checked /usr/local/etc/ldap.conf, they just have these pam_password methods: clear, crypt, nds, racf, ad, exop. So, If I switch to CRYPT, I can authenticate successfully. So, IMHO, I will be very appreciative for any point or suggestion from everyone to make my FreeBSD10 PAM support SSHA, is there any way or can not? Infor: Ldap Server (389 DS - Centos) - Ldap client (FreeBSD10) what I have got: authen via Ldap between Centos - Centos (Okie). Centos (Ldap Server) - FreeBSD failed (work if I using crypt) Thank and BR Suker200

Read the article

Running phpmyadmin and suphp

- by thor

I have a Debian Lenny web server. It is running apache2 with libapache2-mod-suphp. Unfortunately, suphp makes impossible to use phpmyadmin, as phpmyadmin is installed in /usr/share/phpmyadmin and owned by root, and suphp disables it's enging in this direcory: $ cat /etc/apache2/mods-enabled/suphp.conf <IfModule mod_suphp.c> AddType application/x-httpd-php .php .php3 .php4 .php5 .phtml suPHP_AddHandler application/x-httpd-php <Directory /> suPHP_Engine on </Directory> # By default, disable suPHP for debian packaged web applications as files # are owned by root and cannot be executed by suPHP because of min_uid. <Directory /usr/share> suPHP_Engine off </Directory> </IfModule> Is there a possibility to enable system phpmyadmin (may be through standard libapache2-mod-php5) while using suphp? How?

Read the article

PureFTPd : ChrootEveryone not working

- by Mistha Noobstha

I have a fresh install of Ubuntu 12.04 with pure-ftpd version 1.0.35-1. I don't use database for the only user I have (ftpuser1 - localuser), but I want to lock him into his home directory. /ftp/ftpuser1 is the home dir of ftpuser1. /etc/pure-ftpd/conf/ChrootEveryone has the yes string and in /etc/default/pure-ftpd-common VIRTUALCHROOT is set to false, but ftpuser1 can freely walk around. My startup line for pure-ftpd looks like this : /usr/sbin/pure-ftpd -l pam -A -8 UTF-8 -O clf:/var/log/pure-ftpd/transfer.log -u 1000 -E -B So there is the "-A" in it for the ChrootEveryone.

Read the article

How can I diagnose a "502 Bad Gateway" response from an Apache/Tomcat configuration?

- by Structure

I just finished up configuring a fairly default configuration of Tomcat. My Apache configuration was pre-existing and post-tomcat it still has no issues. I am using mod_jk to (if I am saying this correctly) interface between Apache and Tomcat and have my conf files setup for my workers, etc. I put my test file (Simply: http://tomcat.apache.org/tomcat-4.1-doc/appdev/sample/web/hello.jsp) into my tomcat/webapps/ directory and then call it via http://localhost/test/hello.jsp. From here Apache returns a "502 Bad Gateway" response. I confirmed this via the Apache logs, but beyond that I have no idea how to diagnose the issue. I assume the 502 is because Tomcat did not respond. I'd like to confirm if Tomcat received the request, but cannot locate the log file. At this point I had thought my installation was complete, so not sure where to go from here. Any input would be appreciated.

Read the article

Apache server doesn't create directory or file under www-data user [duplicate]

- by Harkonnen

This question already has an answer here: What permissions should my website files/folders have on a Linux webserver? 4 answers very newbie to Apache here I installed Apache 2.4 on my Arch server where I installed newznab (a newsgroups indexer). I have noticed that all files newznab needs to create are created under my login user, and not apache default user (www-data). I read here that it's bad security practice to allow www-data to write files. I agree. But as an apache newbie, I would like to know where (in the httpd.conf I suppose ?) the user allowed to write files can be configured, because I want another account to be allowed to write files instead of my main account.

Read the article

Serving static files fails - nginx

- by Sergei

Hi, I've been looking and trying around all night, but without success. I configured nginx to serve my static files and proxy all the other traffic: server { listen 80; server_name mydomain.com; access_log /home/boudewijn/www/bbt/brouwers/logs/access.log; error_log /home/boudewijn/www/bbt/brouwers/logs/error.log; location / { proxy_pass http://127.0.0.1:8080; include /etc/nginx/proxy.conf; } location /media/ { root /home/boudewijn/www/bbt/brouwers/; } } The proxy passing is no problem, but when I go to mydomain.com/media/ or try to access any testfile over there, it's without success. I paid attention to the difference between root and alias, my media folder exists, I paid attention to the trailing slashes, but still I get a 404 when trying to access my static media files. Any help?

Read the article

Debian 6 Internet connection sharing aka IP masquerade not working

- by Rautamiekka

The problem: the computers [Xbox 360 and a Kubuntu 12.04.1 laptop] can't access Internet through a recently-installed desktopless Debian 6 laptop (which is wirelessly connected to a WLAN station) but addresses are successfully given by dnsmasq. The attempts: 1.1) /etc/dnsmaq.conf conffed according to http://wiki.debian.org/HowTo/dnsmasq: add lines interface=eth0 dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h 1.2) Follow http://www.cyberciti.biz/faq/rhel-fedora-linux-internet-connection-sharing-howto/ and use their script to setup iptables. 2) Follow the Ubuntu Internet Gateway Method (iptables) at https://help.ubuntu.com/community/Internet/ConnectionSharing recommended and which worked at Share internet in Linux. The Debian laptop was rebooted many times and between each attempt, with and without the script auto-executing via /etc/rc.local. While adding the iptables-restore command to that file I disabled the script.

Search Results

Search found 4864 results on 195 pages for 'resolv conf'.

Page 119/195 | < Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126 | Next Page >

- by orokusaki

- by luison

- by Creighton Hale

- by borjamf

- by nbolton

- by WalterJ89

- by user740010

- by pianisteg

- by KARASZI István

- by Jon H

- by Steven Rosato

- by Christopher Wilson

- by Desmond Hume

- by Anthony

- by Josh Smeaton

- by Chiggsy

- by Patrick

- by user50211

- by suker200

- by thor

- by Mistha Noobstha

- by Structure

- by Harkonnen

- by Sergei

- by Rautamiekka

< Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126 | Next Page >