Search Results

Search found 13437 results on 538 pages for 'trusted root certificates'.

Page 344/538 | < Previous Page | 340 341 342 343 344 345 346 347 348 349 350 351  | Next Page >

• Where is IIS7 redirect occuring?

  - by neildeadman

  I have a site that is set up in IIS7 and is working (although I don't understand how). The binding is www.mysite.fr on port 80. In the root of the site there are no files but several folders. The site loads fine but I don't understand how it is loading? If I go to https://www.mysite.fr/ it redirects to https://www.mysite.fr/fr/ which redirects back to https://www.mysite.fr/ So we end up in an endless loop which fails. Using fiddler it is a 301 redirect but I have no idea where this is set! I guess it might be in the website code but as I don't know which file is loaded first, I don't know where to look! Any ideas?? All other sites are working fine...

  Read the article

• Securing php on a shared apache

  - by Jack

  I'm going to install apache+php in a server where two users, A and B, will deploy their website. I'm trying to achieve isolation of users' space for security reasons: that is no scripts from site A should be able to read files in site B. To achieve this I installed suphp. Website files of user A are owned by A:A with perm=700 and user of B are owned by B:B with perm=700. Suphp works great, but apache complains about permissions to read .htaccess. How can I let apache to read .htaccess in every dir of A and B while keeping isolation between site A and site B? I played with ownership (group = www-data) and permissions (750) but I found no way to keep isolation granted. Any idea? Maybe by running apache as root, but in this case are there any drawbacks?

  Read the article

• Linux Centos - Mail Deamon Preferences

  - by Iestyn

  I keep getting emails from root into my inbox, I get about 30 a day which is annoying as hell and I'm wondering how I can filter these emails down so that I only receive the essential emails. I don't want to have an email every single time I log in via SSH, but when you 30-40 a day sometimes it can get pretty annoying. Is there a section in cPanel or WHM where I can tick or un-tick a section to choose which emails I wish to receive? I also get mail deamon bounce email messages which I'd also like to disable. I've looked and looked, but I think I'm either overlooking something simple or I'm looking in the wrong place.

  Read the article

• Cannot install Pecl (Imagick) extension on Centos server - autoconf missing

  - by Stevo

  I'm trying to install the pecl extension Imagick on a centos server, but I'm getting an error about autoconf. Autoconf is installed, as is make and gcc. but it's complaining about the path: [root@server ~]# pecl install imagick downloading imagick-3.0.1.tgz ... Starting to download imagick-3.0.1.tgz (93,920 bytes) .....................done: 93,920 bytes 13 source files, building running: phpize Configuring for: PHP Api Version: 20090626 Zend Module Api No: 20090626 Zend Extension Api No: 220090626 /usr/bin/phpize: /var/tmp/imagick/build/shtool: /bin/sh: bad interpreter: Permission denied Cannot find autoconf. Please check your autoconf installation and the $PHP_AUTOCONF environment variable. Then, rerun this script. ERROR: `phpize' failed What should I do?

  Read the article

• SSH tunnel & Rsync thru two proxy/firewalls

  - by cajwine

  Screnario: [internal_server_1]AA------AB[firewall_1]AC----+ 10.2.0.3-^ ^-10.2.0.2 | internet 10.3.0.3-v v-10.3.0.2 | [internal_server_2]BA------BB[firewall_2]BC----+ Ports AC,BC has valid internet addresses. All systems run linux and have root acces to all. Need securely rsync internal_server_1:/some/path into internal_server_2:/another/path My idea is make ssh secure tunnel between two firewalls, e.g. from firewall_1 firewall1# ssh -N -p 22 -c 3des user2@firewall_2.example.com -L xxx/10.3.0.3/xxxx and after will run rsync from internal_server_1 somewhat like: intenal1# rsync -az /some/path [email protected]:/another/path I don't know how to make a correct ssh tunnel for rsync (what ports need tunnel) and to where i will make the rsync? (remote comp address in case of ssh tunnel) Any idea or pointer to helpfull internet resource for this case? thanx.

  Read the article

• Exchange 2010 Internal Auto Discover Migrate away from current .local DNS name

  - by Bryan

  We have an Exchange 2010 Server, running within our Active Directory domain, with an internal hostname of server.example.local. The server is configured for Exchange anywhere, but currently has a self signed certificate with a name of server.example.local installed. Internally, clients connect and work fine, but externally, we are having certificate errors as you would expect. I'm about to purchase a UCC SSL Certificate to install on the server with all the relevant SANs on the certificate to correct this, but due to obvious problem obtaining a trusted cert with .local as a subject alternative name, I'm looking to configure clients on the internal network so that they don't use any reference to the .local hostname. I've configured our external DNS name for the server as exchange.example.com, and have created an CNAME for autodiscover.example.com which also (correctly) points to exchange.example.com. I've also configured internal DNS records for these two hostnames which point to the internal interface of the same server. I don't anticipate any problems here. I'm now trying to reconfigure Auto Discover internally, so that Outlook attempts to connect to exchange.example.com. I've followed the steps in KB940726 to prepare for this, and this appeared to work fine. No errors were generated and I was able to verify the CAS name in AD using ADSI edit. I've just tried testing this with a newly created test user account complete with a new Exchange mailbox, and Outlook 2007 connects fine on the internal network, but looking deeper in the Exchange profile, Outlook is still resolving the server name as server.example.local. Could it be the self signed cert, that is causing Outlook to display the server name as server.example.local, or is there still something wrong with my internal autodiscover configuration? Edit I've proven it isn't the certificate that is responsible for outlook returning server.example.local, by installing another self certified certificate with a name of test.example.com. When creating a new outlook profile, I get the mismatch error I'm expceting, but after accepting the cert, and finishing the config of the Outlook profile, again it still shows server.example.local as the server name. This means that if I were to purchase the UCC cert now, that external client would work fine, but internal clients would show a certificate name mismatch. Any ideas where to start diagnosing this?

  Read the article

• fstab line for auto mount drive that all users can read/write

  - by evilblender

  I have installed a cable that connects from the CPU's SATA motherboard connection to a removable drives' ESATA connection. I would like to be able to swap drives on the ESATA connection and have all users be able to read and write to these drives. I have created the directory /archive/ where I would like the drive(s) to mount. The drives are all formatted Fat 32 - but in the future I may use HFS for formatting. When I used the command (as root): mount /dev/sdc1 /archive the drive was mounted (but read only) What can I use in my /etc/fstab file that will allow drives to be mounted and unmounted by all users on the system? (both reading and writing) Also, will I be able to mount and unmount these drives without shutting down? or will I need to reboot every time I want to change drives? Thank you. Jeff

  Read the article

• failed to use mutt to send mail to company mailbox

  - by Acewind

  I'm using mutt&postfix on CentOS 6.2: mutt-1.5.20-2.20091214hg736b6a.el6_1.1.x86_64 postfix-2.6.6-2.2.el6_1.x86_64 When I try to send mail to my company mailbox, I receive an error: mutt -s "test" [email protected] < /home/mail.txt error from postfix: : host out1.ourcompany.com[10.30.17.100] said: 555 Syntax error (in reply to MAIL FROM command) Then I try to use service sendmail as SMTP server, but also failed: **----- The following addresses had permanent fatal errors ----- (reason: 555 Syntax error) ----- Transcript of session follows ----- ... while talking to out1.ourcompany.com.: MAIL From: SIZE=667 <<< 555 Syntax error 554 5.0.0 Service unavailable** Any body can tell me why? Thanks!!!! I can make sure DNS is OK, and I set realname "root@myserver" in /etc/Muttrc

  Read the article

• Need to set mailx variable to specify the From address

  - by user256817

  Running Oracle Linux 5.8 (which is just re-branded RedHat EL 5.8) I must change the From address. But we have scripts that use mailx which cannot be re-written to use any extra flags, so I'd like to use internal variables instead, which I see on the linux.die.net manpage on mailx is an alternative to the -r flag: -r address Sets the From address. Overrides any from variable specified in environment or startup files. Tilde escapes are disabled. The -r address options are passed to the mail transfer agent unless SMTP is used. This option exists for compatibility only; it is recommended to set the from variable directly instead. (Source: http://linux.die.net/man/1/mailx) How can we use these mailx variables? I tried adding this to /root/.mailrc, no go: set [email protected] I also added that to /etc/mail.rc with no gold. So I am turning to you, SuperUsers...

  Read the article

• Newly added virtualhost not working, domain points to /var/www/

  - by Morgan

  I've had no problem with vhosts before, but for some reason this one isn't pointing to the right document root. The domain is pointing to the correct IP, apache sees no errors with the config file in sites-available, yet it just isn't pointing correctly. Here is the vhost config for the domain: <VirtualHost *80> ServerAdmin [email protected] ServerName mydomain.info ServerAlias www.mydomain.info DirectoryIndex index.html DocumentRoot /var/www/vhosts/mydomain.info/htdocs LogLevel warn ErrorLog /var/www/vhosts/mydomain.info/log/error.log CustomLog /var/www/vhosts/mydomain.info/log/access.log combined </VirtualHost> For the record, I am running Apache2 on Ubuntu 12.10

  Read the article

• How to revert to "last known good configuration"

  - by Ripley

  Hi Guys. I failed to install ubuntu 10.04 with WUBI, for some reason it's showing me the root partion is not defined. I'm bored to fight with it so I just removed ubuntu in windows. However this installation made my original Windows XP cripple, a normal boot will end up with a blue screen, error code 7E, I'm still able to boot with the 'last known good configuration' tho. My understanding is booting like this will recover things and I'm supposed to be good when reboot, while this is not the case for me, I have to choose the 'boot from last known good configuration' each and every time to work around the blue screen. Could you suggest how could I resolve this? I feel it's foolish having to waste 10 more seconds each time starting the OS.

  Read the article

• Cannot install 64-bit version of Visio due to Microsoft Office Single Image 2010

  - by Ryan Kohn

  I tried to install Visio on Windows 7, but I received the below error message. You cannot install the 64-bit version of Office 2010 because you have 32-bit Office products installed. These 32-bit products are not supported with 64-bit installations: Microsoft Office Single Image 2010 If you want to install 64-bit Office 2010, you must uninstall all 32-bit Office products first, and then run setup.exe in the x64 folder. If you want to install 32-bit Office 2010, close this Setup program, and then either go to the x86 folder at the root of your CD or DVD and run setup.exe, or get the 32-bit Office 2010 from the same place you purchased 64-bit Office 2010. I cannot find Microsoft Office Single Image 2010 in the programs list, so I tried to use Microsoft's Fix It to remove the software, but this doesn't resolve my issue.

  Read the article

• Adding user to chroot environment

  - by Neo

  I've created a chroot system in my Ubuntu using schroot and debrootstrap, based on minimal ubuntu. However whenever I can't seem to add a new user into this chroot environment. Here is what happens. I enter schroot as root and add a new user.(Tried both adduser and useradd commands) The username lists up in /etc/passwd file and I can 'su' into the new user. So far so good. When I log out of schroot, and re-enter schroot, the user I created has vanished!! There is no mention of that user in /etc/passwd either. How do I make the new user permanent?

  Read the article

• How to recover C:\Users folder

  - by Matías Fidemraizer

  Today I was moving C:\Users to another partition using symlink method. I had the great idea of making the symlink from C:\Users = U:\, instead of C:\Users = U:\Users. Sadly, I've deleted the original "Users" folder and now, when I try to login, it says that The User Profile Service failed the logon. Maybe I'm wrong, but this is because the root directory of user profiles isn't the system one, so now when I create C:\Users, I can't log into Windows and I get the above error message. How can create a new C:\Users directory and workaround the problem? Thank you in advance!

  Read the article

• rsync - How to exclude one .htaccess but not all of them

  - by Cory Gagliardi

  I have an rsync command for copying my files from dev to production. I don't want to copy the .htaccess file that's in the root of the HTML directory but, I do want to copy the few .htaccess files that are in its sub directories. I'm using the argument --exclude .htaccess which is stopping all of the files from getting copied. The other arguments I'm including are -a --recursive --times --perms. Is it possible to configure rsync to do this? Edit: Here is my full command: rsync -a --recursive --times --perms \ --exclude prop_images --exclude tracking --exclude vtours \ --exclude .htaccess --exclude .htaccess_backup --exclude "*~" \ /home/user/dev_html/* /home/user/public_html/

  Read the article

• Not able to apt-get update from terminal, what to do now?

  - by Utkarsh

  Whenever I try to update from terminal, I get this error: root@Utkarsh[utkarsh]#apt-get update Hit http://packages.bosslinux.in anokha Release.gpg Hit http://packages.bosslinux.in anokha Release Hit http://packages.bosslinux.in anokha/contrib Sources Hit http://packages.bosslinux.in anokha/non-free Sources Hit http://packages.bosslinux.in anokha/main Sources Hit http://packages.bosslinux.in anokha/contrib i386 Packages Hit http://packages.bosslinux.in anokha/non-free i386 Packages Hit http://packages.bosslinux.in anokha/main i386 Packages Ign http://packages.bosslinux.in anokha/contrib Translation-en_US Ign http://packages.bosslinux.in anokha/contrib Translation-en Ign http://packages.bosslinux.in anokha/main Translation-en_US Ign http://packages.bosslinux.in anokha/main Translation-en Ign http://packages.bosslinux.in anokha/non-free Translation-en_US Ign http://packages.bosslinux.in anokha/non-free Translation-en Reading package lists... Done W: Duplicate sources.list entry http://packages.bosslinux.in/boss/ anokha/main i386 Packages (/var/lib/apt/lists/packages.bosslinux.in_boss_dists_anokha_main_binary-i386_Packages) W: Duplicate sources.list entry http://packages.bosslinux.in/boss/ anokha/contrib i386 Packages (/var/lib/apt/lists/packages.bosslinux.in_boss_dists_anokha_contrib_binary-i386_Packages) W: Duplicate sources.list entry http://packages.bosslinux.in/boss/ anokha/non-free i386 Packages (/var/lib/apt/lists/packages.bosslinux.in_boss_dists_anokha_non-free_binary-i386_Packages) W: You may want to run apt-get update to correct these problems

  Read the article

• Windows PE 3.0 detect what device it was booted from

  - by Brian

  I am creating a custom boot disk for work using Windows PE 3.0. I need to be able to tell what drive the system was booted from. it may be a CD, or a USB Flash drive. In the past, I have looked for a file on the root of the drive that holds some of our custom configuration. however that is getting a bit messy. Basically, in addition to Windows PE, the drive or disk also has other scripts and tools. I need to remount that USB drive or DVD to the U:\ Drive, to keep thing consistent. Basically, Diskpart.exe Select Volume $X assign Letter=U Exit I just need to figure out how to determine that nasty little $X.

  Read the article

• Problem reinstalling GRUB

  - by DisgruntledGoat

  I have a PC that dual-boots Ubuntu and Windows Vista. I recently reinstalled Windows Vista after some problems and now the bootloader's gone. I've been trying to follow this Ubuntu community guide but it's not working. I have Grub Legacy according to the first part (I installed Ubuntu 9.04 originally then upgraded). From the 9.04 LiveCD, I ran this: sudo grub-install --root-directory=/media/disk /dev/sda5 sda5 is the Ubuntu partition. I get this output: grub-probe: error: Cannot open `/boot/grub/device.map` [: 494: =: unexpected operator Installing GRUB to /dev/sda5 as (hd0,4)... Installation finished.No errors reported. This is the contents...(etc) (hd0) /dev/sda In the bit below, when I run setup (hd0) I get an error, "Error 17: Cannot mount selected partition" Little help?

  Read the article

• Can I ping via an arbitrary interface of a DD-WRT system?

  - by bytebuster

  There's a Linksys WRT54GL router with DD-WRT firmware (v23SP2). The network has a simple dual-WAN configuration (standby mode, switching by a script): ~ # ip route 192.168.3.0/24 dev br0 proto kernel scope link src 192.168.3.1 192.168.2.0/24 dev vlan2 proto kernel scope link src 192.168.2.2 192.168.1.0/24 dev vlan1 proto kernel scope link src 192.168.1.67 127.0.0.0/8 dev lo scope link default via 192.168.2.1 dev vlan2 I'm trying to ping a certain server arbitrary via vlan1 or vlan2. What I tried, as suggested here: ping -I vlan2 <address> ping 192.168.2.1 <address> In both cases ping simply exits with no error messages. Also, ping ignores many other parameters, again, by exiting silently. I failed to find any references that DD-WRT has a limited version of ping whatsoever. I also don't think it can be a permissions issue as mentioned here since the only user with DD-WRT is root. What's wrong?

  Read the article

• Getting an boot error when starting computer

  - by Rob Avery IV

  I was in the middle of watching a movie on Netflix, then suddenly everything started crashing. First, explorer.exe closed down, then Google chrome. I had multiple things running in the background (Steam, Raptr, etc.). Individuality, each of those apps closed down also. When they did, a small dialog box popped up for each of them, one at a time, saying that it was missing a file, it couldn't run anymore, or something similar to that. It also had some jumbled up "code" with numbers and letters that I couldn't read. Ever since then, everytime I turn my computer on, it will run for a few seconds and give this error "Reboot and select proper boot device or insert boot media in selected boot device and press a key_". No matter how many times I try to reboot it, it always gives me the same error. A day later after this happened I was able to start the computer, but before it booted, it told me that I didn't shut down the computer properly and asked how I wanted to run the OS (Run Windows in Safety Mode, Run Windows Normally, etc.). Once I logged, everything went SUPER slow and everything crashed almost instantly. The only thing I opened was Microsoft Security Essentials and only got in about two clicks before it was "Not Responding". Then, after that the whole computer froze and I had to restart it. Now, it's back to saying what it originally said, "Reboot and select proper boot device or insert boot media in selected boot device and press a key_". I built this PC back in February 2012. Here are the specs: OS: Windows 7 Ultimate CPU: AMD 8-core GPU: Nvidia GTX Force 560 Ti RAM: 16GB Hard Drive: Hitachi Deskstar 750GB I'm usually very good taking care of my PC. I don't download anything that's not from a trusted site or source. I don't open up any spam email or such or go to any harmful websites like porn or stream movies. I am very clean with the things I do with my PC and don't do many DIFFERENT things with it. I use it pretty often especially for video games and doing homework in Eclipse. Also, good to note that I don't have any Norton or antisoftware installed. I have Microsoft Security Essentials installed but never did a scan. Thanks!

  Read the article

• Is giving read permissions on /etc/shadow to apache user a wise decision from security point of view?

  - by Czar

  I have to use PAM authentication for DAV SVN, but when everything is configured as specified in mod_auth_pam documentation, authentication does not work. After some research I realized, that for this to work, httpd should be running under root user (which I don't like and won't implement) or apache user (under which httpd is running by default) should have permissions to read /etc/shadow file. So there is a pair of questions connected to each other which I want to ask: Is giving this permition to apache user a wise decision from security point of view? If answer to the first question is "yes", what is the correct way to do so? For now I've done following: groupadd shadow usermod -G shadow apache chmod g+r /etc/shadow Another way I can come up with is using acl: setfacl -m u:apache:r /etc/shadow Note: OS is Fedora 14 x86_64 (kernel: 2.6.35.11) httpd v2.2.17 mod_auth_pam v1.1.1

  Read the article

• CentOS - Configuring Puppet to play nice with SELinux

  - by Mike Purcell

  I am running into an issue every time I attempt to start the puppetmasterd service, for which I receive the following error message: root@service1 ~ # -> /etc/init.d/puppetmaster start Starting puppetmaster: Could not prepare for execution: Got 1 failure(s) while initializing: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /etc/puppet/ssl [FAILED] Apparently there was a known issue with this scenario as outlined in this bug report, however in the bug report it states the issue has been resolved in selinux-policy-3.9.16-29.fc15, but the latest CentOS default upstream version is 3.7.19-155.el6_3.4. So I am trying to figure out the best solution. I can either create a local security policy to allow puppetmasterd the access it needs, or keep researching and install a newer version of selinux-policy outside of the default upstream channel. Anyone have any recommendations? Please don't recommend disabling SELinux... ----- Update ----- Here is the puppet.conf: [main] # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl [master] certname=puppetmaster.ownij.lan dns_alt_names=puppetmaster.ownij.lan [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig server=puppetmaster.ownij.lan And here are the denials per the audit log: type=AVC msg=audit(1349751364.985:666): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751364.985:666): arch=c000003e syscall=4 success=no exit=-13 a0=1391420 a1=7fffef09ed10 a2=7fffef09ed10 a3=120c500 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751365.302:667): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751365.302:667): arch=c000003e syscall=4 success=no exit=-13 a0=1d18530 a1=7fffef0d04d0 a2=7fffef0d04d0 a3=8 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751365.465:668): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751365.465:668): arch=c000003e syscall=4 success=no exit=-13 a0=1af3930 a1=7fffef0c5c70 a2=7fffef0c5c70 a3=8 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751365.467:669): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751365.467:669): arch=c000003e syscall=4 success=no exit=-13 a0=1b17aa0 a1=7fffef0c5c70 a2=7fffef0c5c70 a3=8 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751366.401:670): avc: denied { write } for pid=15093 comm="puppetmasterd" name="puppet" dev=dm-0 ino=132035 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:puppet_etc_t:s0 tclass=dir type=SYSCALL msg=audit(1349751366.401:670): arch=c000003e syscall=83 success=no exit=-13 a0=2d7a400 a1=1f9 a2=2d7a40f a3=7fffef0a6df0 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) And the audit log if I pass through audit2allow: root@service1 ~ # -> fgrep puppetmasterd /var/log/audit/audit.log | audit2allow -m puppetmasterd module puppetmasterd 1.0; require { type home_root_t; type puppetmaster_t; type puppet_etc_t; type puppet_var_run_t; type httpd_sys_content_t; class lnk_file { relabelfrom relabelto }; class file { relabelfrom read getattr open }; class dir { write read search getattr setattr }; } #============= puppetmaster_t ============== allow puppetmaster_t home_root_t:dir { search getattr }; allow puppetmaster_t httpd_sys_content_t:dir read; allow puppetmaster_t httpd_sys_content_t:file { read getattr open }; #!!!! The source type 'puppetmaster_t' can write to a 'dir' of the following types: # puppet_log_t, puppet_var_lib_t, puppet_var_run_t, puppetmaster_tmp_t allow puppetmaster_t puppet_etc_t:dir { write setattr }; allow puppetmaster_t puppet_etc_t:lnk_file { relabelfrom relabelto }; allow puppetmaster_t puppet_var_run_t:file relabelfrom;

  Read the article

• vsFTPd and iptables - how to configure them in CentOS 5.5?

  - by Vincenzo

  I've installed vsFTPd in CentOS 5.5, on TWO servers, and added this rule to their iptable-s: -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT Looks like this is not enough, since when I'm trying to upload a file from one server to another, I'm getting this result (IP address is masked): # ftp 99.99.99.99 Connected to …com (99.99.99.99). 220 (vsFTPd 2.0.5) Name (99.99.99.99:root): vinny 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (99,99,99,99,107,74) ftp: connect: No route to host I've found a few articles in the net about the second rule I have to add to iptables, but I didn't find the right syntax for it. Could you please help?

  Read the article

• Question about exim4 config syntax

  - by PeterMmm

  I'm trying to send a notification to the sender of a message when a message is send to exactly one address in the local domain ([email protected]). Q1: How would be the syntax for the condition (the above don't work) ? : notify_reply: driver=accept domains = +local_domains senders = ! ^.*-request@.*:\ ! ^bounce-.*@.*:\ ! ^.*-bounce@.*:\ ! ^owner-.*@.*:\ ! ^postmaster@.*:\ ! ^webmaster@.*:\ ! ^listmaster@.*:\ ! ^mailer-daemon@.*:\ ! ^root@.*:\ ! ^noreply@.* condition = ${if eq {$received_for}{[email protected]}} no_expn transport=notify_transport unseen no_verify Q2: How to write multiline string in the config file for "text" ? : notify_transport: driver=autoreply [email protected] to=$sender_address subject=Your mail for text="Please resend your messasge to [email protected] This is a temporary modification."

  Read the article

• Apache 2 UserDir for only one VirtualHost

  - by dentarg

  Is it possible to enable the UserDir Directive for just one VirtualHost rather than have it on for all and then disable it (with "UserDir disable") for each VirtualHost you don't want it on? I have tried by putting this inside a <VirtualHost> and comment out everything in the global config (/etc/apache2/conf.d/userdir.conf). No luck though. <IfModule mod_userdir.c> UserDir public.www UserDir disabled root <Directory /home/*/public.www> AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <Limit GET POST OPTIONS> Order allow,deny Allow from all </Limit> <LimitExcept GET POST OPTIONS> Order deny,allow Deny from all </LimitExcept> </Directory> </IfModule>

  Read the article

< Previous Page | 340 341 342 343 344 345 346 347 348 349 350 351  | Next Page >