Search Results

Search found 27515 results on 1101 pages for 'embedded linux'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 459/1101 | < Previous Page | 455 456 457 458 459 460 461 462 463 464 465 466  | Next Page >

  • File permissions on web server

    - by plua
    I have just read this useful article on files permissions, and I am about to implement a as-strict-as-possible file permissions policy on our webserver. Our situation: we have a web server accessed through sftp by different users from within our company, and we have the general public accessing Apache - sometimes uploading files through PHP. I distinguish folders and files by their use. So based on this reading, here is my plan: All people who need to upload files will have separate users. But all of those users will belong to two groups: uploaders, and webserver. Apache will belong to the group webserver. Directories Permission: 771 Owner: user:uploaders Explanation: to access files in the folder, everybody needs to have execute permission. Only uploaders will be adding/removing files, so they also get r+w permission. Files within the web-root Permission: 664 Owner: user:uploaders Explanation: they will be uploaded and changed by different users, so both owner and group need to have w+r permissions. Webserver needs to only read files, so r permission only. Upload-directories Permission: 771 Owner: user:webserver Explanation: when files need to be uploaded, Apache needs to be able to write to this directory. But I figure it is safer to change the owner to webroot, thus giving Apache sufficient privileges (and all uploaders also belong to this group and will have the same permissions), while safeguarding from "others" writing to this folder. Uploaded files Permission: 664 Owner: user:webserver Explanation: after uploading Apache might need to delete files, but this is no problem because they have w+r permission of the folder. So no need to make this file any more accessible than r access for group. Being not an expert on file permissions, my question is whether or not this is the best possible policy for our situation? Any suggestions welcome.

    Read the article

  • DHCP server inside a virtual machine can't see other machines

    - by William
    Hi, I setup a private network from virtual machines and one of the machines is the DHCP server for the group. I want to specify a next-server for the DHCP server but I'm having trouble connecting to any of the machines that I lease IPs to. I'm just trying to do a simple ping/ssh to 10.0.0.252 (a machine with a lease) but it doesn't seem to respond. Any advice? I'm assuming I need to be able to connect to my next-server but maybe I'm wrong. Thanks.

    Read the article

  • How to restrict all services to single domain in Ubuntu?

    - by harold
    Someone has pointed an unknown domain to my server's IP address likely via A records. I would like to reject access to ALL services (httpd, ssh, mail, etc.) from this domain and only allow requests from my domain. I want to make it so when I connect to that domain it's completely rejected from my server. I can disallow access from HTTP by changing my web server settings, but I want to do this for every single type of connection. How can I do this?

    Read the article

  • Allow outgoing connections for DNS

    - by Jimmy
    I'm new to IPtables, but I am trying to setup a secure server to host a website and allow SSH. This is what I have so far: #!/bin/sh i=/sbin/iptables # Flush all rules $i -F $i -X # Setup default filter policy $i -P INPUT DROP $i -P OUTPUT DROP $i -P FORWARD DROP # Respond to ping requests $i -A INPUT -p icmp --icmp-type any -j ACCEPT # Force SYN checks $i -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # Drop all fragments $i -A INPUT -f -j DROP # Drop XMAS packets $i -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # Drop NULL packets $i -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # Stateful inspection $i -A INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT # Allow established connections $i -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow unlimited traffic on loopback $i -A INPUT -i lo -j ACCEPT $i -A OUTPUT -o lo -j ACCEPT # Open nginx $i -A INPUT -p tcp --dport 443 -j ACCEPT $i -A INPUT -p tcp --dport 80 -j ACCEPT # Open SSH $i -A INPUT -p tcp --dport 22 -j ACCEPT However I've locked down my outgoing connections and it means I can't resolve any DNS. How do I allow that? Also, any other feedback is appreciated. James

    Read the article

  • Barnyard Service - MySQL Error

    - by SLYN
    I installed barnyard2 and saved as a service. When I run service barnyard2 start, Barnyard2 is failed. After I run tail -100 /var/log/messages and I encounter a fault like this. ERROR database: 'mysql' support is not compiled into this build of snort#012 Aug 22 11:52:06 barnyard2[25771]: FATAL ERROR: If this build of barnyard2 was obtained as a binary distribution (e.g., rpm,#012or Windows), then check for alternate builds that contains the necessary#012'mysql' support.#012#012If this build of barnyard2 was compiled by you, then re-run the#012the ./configure script using the '--with-mysql' switch.#012For non-standard installations of a database, the '--with-mysql=DIR'#012syntax may need to be used to specify the base directory of the DB install.#012#012See the database documentation for cursory details (doc/README.database).#012and the URL to the most recent database plugin documentation. Aug 22 11:52:06 barnyard2[25771]: Barnyard2 exiting What sould I do for solving this problem? When I installed Barnyard2, I used these commands: # ./configure --with-mysql --with-mysql-libraries=/usr/lib64/mysql # make ; make install (My System is CentOS 6.5 x86_64.)

    Read the article

  • Running two Magentos installations, one of which has 3 stores set up as multi-store. Which server?

    - by Pedro Peixoto
    I want to run 4 Magento stores in 2 different installations. 1 is a standalonne installation with 3 languages. The other is a multi-store with 3 different online stores in different domains. At the moment we have a VPS with 1GB memory, would that be enough? I ask because I've finished the standalone store and already put it online, and the server is already running on 62% memory. The ideal would be that this is enough as my company wouldn't like to move to a Dedicated Server (as it involves costs). I'm sure I can try to optimize Magento to run on lower memory (I'm expecting visits averaging 2000/day on all sites), if I could have some tips on the best way to do that Id appreciate it too.

    Read the article

  • Using screen to monitor non-interactive scripts (or some other solution)

    - by Michael
    I have some autonomous scripts that run commands on remote machines over ssh. These scripts rely on getting stdout, stderr, and the return code of each command run. I want to be able to monitor the progress of the scripts on each target machine so that I can see if something has hung and possibly intervene if necessary. My initial idea was to have the scripts run commands in a screen session, so that the person monitoring could simply attach to the session with screen -x. However, it was hard to do that from a script since screen is an interactive program. I can send a command to the screen session with screen -S session -X stuff "command^M", but then I don't get the output and return code that I need back. My second idea was to put script /path/to/log in ~/.bash_profile and log the entire session to a file. Then the monitoring person could simply tail the log file. However, this doesn't provide the interactivity that I was looking for. Any ideas on how to solve this problem?

    Read the article

  • setting up a samba PDC -error with testparm

    - by Rungano
    Hi guys I have installed a samba PDC but when I test the samba configurations file I am getting errors like these, "Invalid combination of parameters for service homes. Map system can only work if create mask includes octal 010 (S_IXGRP)." My Configuration file is as follows [homes] comment = Home Directories path = /home_srv1/%u valid users = %S read only = No create mask = 0660 directory mask = 0770 browseable = No I tried to google but with no luck, Serverfault is always my best hope. Thanks for helping out.

    Read the article

  • Samba domain controller: remove 1 Windows client

    - by K B
    my domain is controlled by a Samba domain controller running on openSUSE 11.3. It manages other openSUSE boxes and some Windows 7 boxes. Now one harddisk of a Windows 7 computer crashed and I had to reinstall. I wasn't able to get the computer name ("Win26") of the broken PC out of the domain and so I couldn't add the reinstalled "Win26" to the domain again. So how can I remove the entry of the old "Win26" computer out of the domain controller, so that I can add the new "Win26" to the domain again? Is it one configuration file I have to edit and restart Samba? Which file would this be? Thanks in advance for your help! Regards, KB

    Read the article

  • Display CPU usage separately (without root privileges)

    - by synaptik
    I need to display the CPU usage for each processing core on a single shared-memory 12-core (SMP) machine. I don't have access to install htop, else I would simply use that. I don't need fancy graphs or meters, though they would be nice. For example, simply displaying: X X X X X X X X X X X X where each X is the percentage utilization of 1 of the 12 processing cores on my machine. FYI: I know I can simply look at the utilization in "top" and divide that number by the number of cores on my machine, but I prefer a solution that shows each core separately.

    Read the article

  • sendmail appends server name to external domains when relaying

    - by Chris
    My server is set to send all email to a corporate relay server. For the company domain, it works perfectly. I've recently found emails being sent to an outside domain are getting the hostname of my server appended to the email prior to being sent. Here is the log entry for one such attempt. Nov 6 09:46:45 myservername sendmail[45023]: rA6EkjiI045023: [email protected], delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30590, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (rA6Ekj2g045037 Message accepted for delivery) Nov 6 09:46:45 myservername sendmail[45061]: rA6Ekj2g045037: to=<[email protected]>, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=120885, relay=relay.company.com [x.x.x.x], dsn=2.0.0, stat=Sent (ok: Message 342335947 accepted) Notice the email address difference between it being accepted by my server for delivery (correct email address), and being sent and accepted by the corporate relay (incorrect with server name appended). To make it more interesting, the application on my server uses email for user account verification/activation. In August, this particular user was able to register his account and activate it. I have made no configuration changes to mail since setting the server up over a year ago. DNS is also a corporate service. I've never touched my /etc/resolv.conf configuration. domain company.com nameserver <ip1> nameserver <ip2> search myservername Thanks!

    Read the article

  • CentOS 6 init script doesn't work properly

    - by user711643
    I'm setting up my ruby production server based on CentOS 6. I need a process called god (which is a process monitoring tool) to start at boot. I'm using an init script that I found here. Just as stated in the guide I ran: chkconfig --add god and then chkconfig --level 345 god on After this if I run "service god start|restart" everything works. It loads the available configurations and brings up the related processes (if they are not running). Problem is it doesn't work at boot. If I reboot the system, then I do "ps -aux | grep god". At this point "god" is running but apparently it didn't load the configuration files. If i run again service god restart, it loads everything without problems. What am I doing wrong?

    Read the article

  • Does anyone know where I could find a 2 input USB voltage meter?

    - by John O
    What we really need is a tiny UPS, of sorts. We'll be hooking up a solar cell and a battery to a single board computer. Currently, that SBC is a custom Pic32 device, and it does it's own UPS and voltage monitoring duties. I've been tasked with trying to replicate all of its features with off the shelf products... and for the most part I've succeeded. But I don't currently have any way to switch between two sources of juice, or monitor when they're getting low. These guys have something: http://www.mini-box.com/picoUPS-100-12V-DC-micro-UPS-system-battery-backup-system I really like it, the price is well within the budget. We might even work it in though it does 12V and I'll probably be using 5V... there are enough engineers on hand to figure out something. But I'd still have no idea what the voltage was for the PV or battery. I was hoping that there was some simple little USB multimeter thing that I could use to monitor this with, but I can't seem to come up with anything. I've found all sorts of cool hardware, but nothing that will help us. Does anyone know of anything?

    Read the article

  • What is the `shadow` group used for?

    - by Shtééf
    On my Ubuntu 9.10 system, there's a shadow system group. There does not appear to be any user assigned to this group at all. The only files that I can find belonging to this group are /etc/shadow and /etc/gshadow. I'm aware that the purpose of these files is to store the passwords separately, out of reach from regular users who still might want to access passwd for other reasons. But what is the purpose of the shadow group? The reason I'm curious about this, is because I'm thinking about configuring nsswitch.conf to store it elsewhere, and would like to know if anything is actually trying to access the shadow database using shadow group credentials.

    Read the article

  • Server market shares

    - by Bill Gray
    here can I find somewhat reliable indications of server market shares, without having to fork out $$$$$ for IDC or Gartner reports? I have considered the W3 statistics, net applications etc, and these are not what I would consider reliable. Is there anything more, that is free?

    Read the article

  • How does Heartbeat determine when to switch to the secondary? Can you force it to switch?

    - by John
    I've been trying to understand exactly how Heartbeat works - I understand how when one server dies, it switches to the backup. But, for me, it also switches when the primary has a large increase in workload. But, it doesn't always switch at the same value. There doesn't seem to much information on the web about how it works. The best I've found is this article. How does Heartbeat determine when to switch to the secondary, and how does it determine when it switch back to the primary? Is this an editable setting, and can I force it to switch between one and the other? Sometimes when Heartbeat will switch to the secondary, it takes a few days or I've even seen two weeks before it switches back to the primary. This is well after the primary traffic has gone down. I'm currently using BlueOnyx, and my Heartbeat settings are: Auto Failback: on Keepalive: 1 seconds Warntime: 10 seconds Deadtime: 20 seconds Initdead: 30 seconds

    Read the article

  • BIND having trouble resolving service.graphicly.com

    - by Keith Burgoyne
    Since about two weeks ago, we haven't been able to resolve service.graphicly.com: dig @192.168.0.12 service.graphicly.com ; <<>> DiG 9.3.4-P1 <<>> @192.168.0.12 service.graphicly.com ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached Digging on the name servers listed for graphicly.com shows that service.graphicly.com is a CNAME to takecomicsadmin.cloudapp.net. Digging on cloudapp.net's name servers seems to fail: dig @NS1.LIVEDNS.MSFT.NET takecomicsadmin.cloudapp.net ; <<>> DiG 9.3.4-P1 <<>> @NS1.LIVEDNS.MSFT.NET takecomicsadmin.cloudapp.net ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached Somehow, my home ISP's name servers can resolve service.graphicly.com without issue. Has anyone else noticed this problem? Does anyone know what the cause of this problem could be? Thanks!

    Read the article

  • Autosaving on emacs or xemacs files (preferably on loss of focus)

    - by Spencer
    Ideally I want to replicate with emacs functionality from TextMate, whereby on loss of focus i.e. I click away from the buffer, my file saves. If this isn't possible, I want to customize emacs so that it will autosave the file for every character I write. When I say this I don't mean I want to autosave to the ~ backup files. I want to save the file I am currently working on. I am working on a Fedora VM. Note I am not looking for a backup or autosave. I want the file I am actually in to save, so that if I loaded the html file I am editing in a web browser it would reflect my new changes without me having to explicitly change it.

    Read the article

  • $DISPLAY dependent gtk themes

    - by Vlad Seghete
    I have a computer at home that I log into remotely. The "monitor" for it is a TV, so I want gtk applications to use a large font and icon theme, which I managed to do by editing the ~/.gtkrc-2.0 file and some other similar stuff. What I want to be able to do is have a separate theme for when I'm logging in remotely. The best way to explain is that I would like my gtk theme choice to be dependent on the X display that the application is started on. For example, if I start something on :0.0 then that is the TV and I want large fonts, but if I start it on localhost:10.0 I want to use a regular size font, because it will get rendered on my laptop screen. The elegant solution would be to have some sort of IF statement in the .gtkrc-2.0 file that checks the $DISPLAY variable and behaves accordingly. The problem is I can't find any documentation on control structures in .gktrc files, or if it's even possible to do that.

    Read the article

  • How to troubleshoot this memory usage?

    - by Camran
    I have a classifieds website. I use PHP, MySql, and SOLR. Solr uses a Servlet Container, in my case JETTY, which is java application. I just noticed that something was terribly wrong on my website. I opened the terminal and entered the "top" command and noticed that JAVA was EATING all the cpu and mem. Now I thought "Ok, maybe I need more mem and cpu" So I increased it. But along with the increase the java app started eating more. This has never happened before, and it is either a bug, or a hack of some kind. Anyways, I need to troubleshoot this now, and so I wonder how do I do this? Can I somehow pinpoint exactly when the memory usage started to go up from some error log? How does one troubleshoot this? How do I prevent it? Is it possible to prevent too many requests somehow, if they are within a timeline? Thanks

    Read the article

  • Mark packets across computers?

    - by eudemo
    I use Transmission on Ubuntu and I'm having this issue, which basically says that QoS is broken because there is no way to limit which outgoing ports uses. I was thinking of doing a dirty and ugly hack and create an interface alias and define QoS based on source address, but was wondering if is there another way. Is it possible to mark the packets on the original machine in some way, using the owner and mark modules of iptables and sending this to the router who does the QoS? From what I understand, mark on iptables only applies to the local machine, so this will not work, but is there another way?

    Read the article

  • How to set the laptop screen brightness programatically?

    - by zls
    I'm currently migrating to openbox without gnome session. In unity i can use the vendor keys to set the screen brightness, but in openbox I'm on my own. /sys/class/backlight/acpi_video0/brightness works fine, the problem is that I need sudo to set the brightness and that wouldn't work with keyboard mappings. xbacklight -get/set doesn't do or output anything. I don't really want to use xrandr --brightness. Are there any other options or a way to fix the problems with xbacklight or acpi_video0 ?

    Read the article

  • iptables rule for forwarding outbound traffic

    - by Claudiu
    I am trying to forward the outbound traffic to another server. Current rule is: /sbin/iptables -A OUTPUT -p tcp -s localhost -o 91.xxx.xxx.xxx --dport 65000:65010 -j ACCEPT but when I do a iptables -L, the rule its showed like this: ACCEPT tcp -- localhost.localdomain anywhere tcp dpts:65000:65010 So I guess my rule is bad written since the "destination" column shows "anywhere" Can you help me with this?

    Read the article

  • GRUB2 not detecting OS on raid partitions

    - by sleeves
    I have recently added a drive to a system and have successfully raid'ed (RAID-1) the paritions, with the exception of the boot partition. I have it ready and mirrored, but can't get GRUB2 (update-grub) to find it. System: Ubuntu 11.04 Raid Metadata: 1.2 If I run update-grub, it finds the kernel images on the /dev/sda2 partition (present root) but not the images on /dev/md127. /dev/md127 is composed of "missing" and "/dev/sdb2". fdisk on /dev/sdb confirms that sdb2 is of type fd (raid autodetect) and is also flagged bootable. I have two things I want to do. Make the boot.cfg on /dev/sdb2 have a menu option to have the root be /dev/md127 Install grub onto /dev/md127 so the actual boot.cfg from there is being used. Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 455 456 457 458 459 460 461 462 463 464 465 466  | Next Page >