Search Results

Search found 1499 results on 60 pages for 'mr chmod'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 15/60 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • need help writing puppet module for sssd.conf using Hiera

    - by mr.zog
    I need to build a module to manage /etc/sssd/sssd.conf on our Red Hat VMs. The sssd modules published on the forge don't seem to do what I want, nor do I feel like forking any of them. I want to keep all the configuration data in Hiera's common.yaml file. Below is my sssd.conf file. [sssd] config_file_version = 2 services = nss, pam domains = default [nss] filter_groups = root filter_users = root reconnection_retries = 3 entry_cache_timeout = 300 entry_cache_nowait_percentage = 75 [pam] [domain/default] auth_provider = ldap ldap_id_use_start_tls = True chpass_provider = ldap cache_credentials = True ldap_search_base = dc=ederp,dc=com id_provider = ldap ldap_uri = ldaps://lvldap1.lvs01.ederp.com/ ldaps://lvldap2.lvs01.ederp.com/ ldap_tls_cacertdir = /etc/openldap/cacerts What is the best, most economical way to build the sssd.conf file? Should I have multiple .pp files such as domain.pp, pam.pp etc. or should all the lines of configuration land in init.pp?

    Read the article

  • Set up linux box for secure local hosting a-z

    - by microchasm
    I am in the process of reinstalling the OS on a machine that will be used to host a couple of apps for our business. The apps will be local only; access from external clients will be via vpn only. The prior setup used a hosting control panel (Plesk) for most of the admin, and I was looking at using another similar piece of software for the reinstall - but I figured I should finally learn how it all works. I can do most of the things the software would do for me, but am unclear on the symbiosis of it all. This is all an attempt to further distance myself from the land of Configuration Programmer/Programmer, if at all possible. I can't find a full walkthrough anywhere for what I'm looking for, so I thought I'd put up this question, and if people can help me on the way I will edit this with the answers, and document my progress/pitfalls. Hopefully someday this will help someone down the line. The details: CentOS 5.5 x86_64 httpd: Apache/2.2.3 mysql: 5.0.77 (to be upgraded) php: 5.1 (to be upgraded) The requirements: SECURITY!! Secure file transfer Secure client access (SSL Certs and CA) Secure data storage Virtualhosts/multiple subdomains Local email would be nice, but not critical The Steps: Download latest CentOS DVD-iso (torrent worked great for me). Install CentOS: While going through the install, I checked the Server Components option thinking I was going to be using another Plesk-like admin. In hindsight, considering I've decided to try to go my own way, this probably wasn't the best idea. Basic config: Setup users, networking/ip address etc. Yum update/upgrade. Upgrade PHP/MySQL: To upgrade PHP and MySQL to the latest versions, I had to look to another repo outside CentOS. IUS looks great and I'm happy I found it! Add IUS repository to our package manager cd /tmp wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/epel-release-1-1.ius.el5.noarch.rpm rpm -Uvh epel-release-1-1.ius.el5.noarch.rpm wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1-4.ius.el5.noarch.rpm rpm -Uvh ius-release-1-4.ius.el5.noarch.rpm yum list | grep -w \.ius\. # list all the packages in the IUS repository; use this to find PHP/MySQL version and libraries you want to install Remove old version of PHP and install newer version from IUS rpm -qa | grep php # to list all of the installed php packages we want to remove yum shell # open an interactive yum shell remove php-common php-mysql php-cli #remove installed PHP components install php53 php53-mysql php53-cli php53-common #add packages you want transaction solve #important!! checks for dependencies transaction run #important!! does the actual installation of packages. [control+d] #exit yum shell php -v PHP 5.3.2 (cli) (built: Apr 6 2010 18:13:45) Upgrade MySQL from IUS repository /etc/init.d/mysqld stop rpm -qa | grep mysql # to see installed mysql packages yum shell remove mysql mysql-server #remove installed MySQL components install mysql51 mysql51-server mysql51-devel transaction solve #important!! checks for dependencies transaction run #important!! does the actual installation of packages. [control+d] #exit yum shell service mysqld start mysql -v Server version: 5.1.42-ius Distributed by The IUS Community Project Upgrade instructions courtesy of IUS wiki: http://wiki.iuscommunity.org/Doc/ClientUsageGuide Install rssh (restricted shell) to provide scp and sftp access, without allowing ssh login cd /tmp wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el5.rf.x86_64.rpm rpm -ivh rssh-2.3.2-1.2.el5.rf.x86_64.rpm useradd -m -d /home/dev -s /usr/bin/rssh dev passwd dev Edit /etc/rssh.conf to grant access to SFTP to rssh users. vi /etc/rssh.conf Uncomment or add: allowscp allowsftp This allows me to connect to the machine via SFTP protocol in Transmit (my FTP program of choice; I'm sure it's similar with other FTP apps). rssh instructions appropriated (with appreciation!) from http://www.cyberciti.biz/tips/linux-unix-restrict-shell-access-with-rssh.html Set up virtual interfaces ifconfig eth1:1 192.168.1.3 up #start up the virtual interface cd /etc/sysconfig/network-scripts/ cp ifcfg-eth1 ifcfg-eth1:1 #copy default script and match name to our virtual interface vi ifcfg-eth1:1 #modify eth1:1 script #ifcfg-eth1:1 | modify so it looks like this: DEVICE=eth1:1 IPADDR=192.168.1.3 NETMASK=255.255.255.0 NETWORK=192.168.1.0 ONBOOT=yes NAME=eth1:1 Add more Virtual interfaces as needed by repeating. Because of the ONBOOT=yes line in the ifcfg-eth1:1 file, this interface will be brought up when the system boots, or the network starts/restarts. service network restart Shutting down interface eth0: [ OK ] Shutting down interface eth1: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: [ OK ] Bringing up interface eth1: [ OK ] ping 192.168.1.3 64 bytes from 192.168.1.3: icmp_seq=1 ttl=64 time=0.105 ms Virtualhosts In the rssh section above I added a user to use for SFTP. In this users' home directory, I created a folder called 'https'. This is where the documents for this site will live, so I need to add a virtualhost that will point to it. I will use the above virtual interface for this site (herein called dev.site.local). vi /etc/http/conf/httpd.conf Add the following to the end of httpd.conf: <VirtualHost 192.168.1.3:80> ServerAdmin [email protected] DocumentRoot /home/dev/https ServerName dev.site.local ErrorLog /home/dev/logs/error_log TransferLog /home/dev/logs/access_log </VirtualHost> I put a dummy index.html file in the https directory just to check everything out. I tried browsing to it, and was met with permission denied errors. The logs only gave an obscure reference to what was going on: [Mon May 17 14:57:11 2010] [error] [client 192.168.1.100] (13)Permission denied: access to /index.html denied I tried chmod 777 et. al., but to no avail. Turns out, I needed to chmod+x the https directory and its' parent directories. chmod +x /home chmod +x /home/dev chmod +x /home/dev/https This solved that problem. DNS I'm handling DNS via our local Windows Server 2003 box. However, the CentOS documentation for BIND can be found here: http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-bind.html SSL To get SSL working, I changed the following in httpd.conf: NameVirtualHost 192.168.1.3:443 #make sure this line is in httpd.conf <VirtualHost 192.168.1.3:443> #change port to 443 ServerAdmin [email protected] DocumentRoot /home/dev/https ServerName dev.site.local ErrorLog /home/dev/logs/error_log TransferLog /home/dev/logs/access_log </VirtualHost> Unfortunately, I keep getting (Error code: ssl_error_rx_record_too_long) errors when trying to access a page with SSL. As JamesHannah gracefully pointed out below, I had not set up the locations of the certs in httpd.conf, and thusly was getting the page thrown at the broswer as the cert making the browser balk. So first, I needed to set up a CA and make certificate files. I found a great (if old) walkthrough on the process here: http://www.debian-administration.org/articles/284. Here are the relevant steps I took from that article: mkdir /home/CA cd /home/CA/ mkdir newcerts private echo '01' > serial touch index.txt #this and the above command are for the database that will keep track of certs Create an openssl.cnf file in the /home/CA/ dir and edit it per the walkthrough linked above. (For reference, my finished openssl.cnf file looked like this: http://pastebin.com/raw.php?i=hnZDij4T) openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 3650 -config ./openssl.cnf #this creates the cacert.pem which gets distributed and imported to the browser(s) Modified openssl.cnf again per walkthrough instructions. openssl req -new -nodes -out dev.req.pem -config ./openssl.cnf #generates certificate request, and key.pem which I renamed dev.key.pem. Modified openssl.cnf again per walkthrough instructions. openssl ca -out dev.cert.pem -config ./openssl.cnf -infiles dev.req.pem #create and sign certificate. cp dev.cert.pem /home/dev/certs/cert.pem cp dev.key.pem /home/certs/key.pem I updated httpd.conf to reflect the certs and turn SSLEngine on: NameVirtualHost 192.168.1.3:443 <VirtualHost 192.168.1.3:443> ServerAdmin [email protected] DocumentRoot /home/dev/https SSLEngine on SSLCertificateFile /home/dev/certs/cert.pem SSLCertificateKeyFile /home/dev/certs/key.pem ServerName dev.site.local ErrorLog /home/dev/logs/error_log TransferLog /home/dev/logs/access_log </VirtualHost> Put the CA cert.pem in a web-accessible place, and downloaded/imported it into my browser. Now I can visit https://dev.site.local with no errors or warnings. And this is where I'm at. I will keep editing this as I make progress. Any tips on how to configure SSL email would be appreciated.

    Read the article

  • RHEL 5.2 installing on ProLiant BL460c - hangs at 'now booting the kernel'

    - by Dr Rocket Mr Socket
    As the title states, I have a problem. This server and the installation disc are also on the other side of the world to me so... So far, I have tried to start the install with the parameters: linux text noapic noacpi no=apic no=acpi which results in the same hang. I have also disabled a PCI ethernet adapter, I am uneasy about disabling the onboard ethernet adapter I do not know if ILO uses this. Anyone have any advice? Much appreciated. EDIT: full output after trying to begin the installation. boot: linux text Loading initrd.img.................. Loading vmlinuz....... Uncompressing Linux...done. Now booting the kernel stays on this for hours EDIT2: adding the 'mem=40960M' (server has 40 gigs of ram) parameter allows it to proceed but the following output directly after 'Now booting the kernal' Memory: sized by int13 0e801h initrd extends beyond end of memory (0x00ef2090 > 0x00000000) disabling initrd Console: 16 point font, 400 scans Console: colour VGA+ 80x25, 1 virtual console (max 63) pcibios_init : BIOS32 Service Directory Structure at 0x000ffee0 pcibios_init : BIOS32 Service Directory entry at 0xf0000

    Read the article

  • Can't open Windows firewall?

    - by Mr. Noob.
    I accidentally opened a virus on my windows XP, now i can't open the Windows firewall. Control Panel Click on Windows firewall Gives me this error - "Unable to display Windows Firewall settings due to an unidentified problem" What shall i do? (Sorry for my poor english)

    Read the article

  • PS/2 and USB Keyboard is not working !!

    - by Mr-Right
    hello, let me make is clear that it is a different question from other related questions already posted here. Here is the scenario,No OS is installed in Computer. I am trying to install windows xp professional but due to keyboard failure I can't make it. PS/2 keyboard is not working at all. USB keyboard is working only before POST,I can work in BIOS. As soon as it starts booting from CD disc,keyboard fails to respond. And I can't go ahead from this message Press any key to boot from CD......

    Read the article

  • Ctrl Button Sticks

    - by Mr Shoubs
    I am running windows XP, I have a MS Natural Erganomic Keyboard 4000 v1.0, now and again the Ctrl button will stick (not physically), usually in the process of changing to a different window. It happens around 6 or 7 times a day. Really annoying. I've changed Keyboards (same type). Anyone know how to prevent this from happening?

    Read the article

  • Basic clarification about Limited FTP/sFTP users

    - by mattewre
    I would like to get some clarification about the correct way to create limited users to access to my VPS user as WEBSERVER with Nginix. I'm used to NOT install FTP and access via SFTP only. It is ok for every set up? this is what I usually do from to create a limited user called "admin" that should be able to have access via SFTP to the folder with the website data mkdir -p /var/www/mysite.com/ adduser admin adduser admin www-data chown -R root:root /var/www chmod -R 755 /var/www chmod -R 755 /var/www/mysite.com chown -R admin:www-data /var/www/mysite.com/ It seems not to be the correct way, I always have problems with permission when I upload some files (for example with Wordpress in general). I would like to create an user that does work exactly as the one that the "provides" give to their client when they buy an Hosting service (that is a FTP, I would prefer SFTP access). It is for personal user, but I think that a limited user is a lot safer to use then the "root" via SFTP.

    Read the article

  • Ctrl Button Sicks

    - by Mr Shoubs
    I am running windows XP, I have a MS Natural Erganomic Keyboard 4000 v1.0, now and again the Ctrl button will stick (not physically), usually in the process of changing to a different window. It happens around 6 or 7 times a day. Really annoying. I've changed Keyboards (same type). Anyone know how to prevent this from happening?

    Read the article

  • Ctrl Button Sicks

    - by Mr Shoubs
    I am running windows XP, I have a MS Natural Erganomic Keyboard 4000 v1.0, now and again the Ctrl button will stick (not physically), usually in the process of changing to a different window. It happens around 6 or 7 times a day. Really annoying. I've changed Keyboards (same type). Anyone know how to prevent this from happening?

    Read the article

  • Can I bridge two wired networks with a Netgear WG602 (v4)

    - by Mr. Flibble
    I have two networks and I want to join them. Only one has a router. The other is currently just a bunch of computers joined via a switch. So it looks a little like this: 1. Router + comp1 + comp2 + wireless ap 2. comp3 + comp4 + Netgear WG602 Is it possible to use the WG602 to connect to the WIFI of the main network (the one with the router) and connect via wire to the 2nd network - therefore allowing the computers on network 2 to use the router on network 1?

    Read the article

  • Mac OS X Snow Leopard: permissions changed on /var results in dns lookup issues

    - by Ivan
    I was attempting to solve an issue ("/var/log/msmtp.log: permissions denied" error when attempting to send mail using msmtp) when I did this: > chmod -R 770 /var After that, my machine would not resolve domain names via cURL. (ping also fails) But, oddly, I can enter domain names into Safari and visit any web pages w/o a problem... I'm actually not sure if the chmod command is the cause of the problem, but I suspect it is. Also, if I ls -l on /var (or /private/var) it doesn't seem that any of the subdirectories or files there actually changed permission, but there are many, so I can't say that conclusively... Incidentally, I fixed the original error (msmtp.log permission denied) by setting TMPDIR=/tmp in my local environment (bash). Now the error goes away, but I get this error: msmtp: cannot locate host domainname.org: nodename nor servname provided, or not known Any ideas about how to go about getting DNS working again?

    Read the article

  • SFTP permission denied on files owned by www-data

    - by Charles Roper
    I have a pretty standard server set up running Apache and PHP. An app I am running creates files and these are owned by the Apache user www-data. Files that I upload via SFTP are owned by my own user charlesr. All files are part of the www-data group. My problem is that I cannot modify or overwrite any of the files via SFTP which are owned by www-data, even though charlesr is part of the www-data group. I can modify the files no problem via a SSH session. So I'm not sure what to do. How do I give my SFTP session permissions to modify www-data owned files? For a bit of background, these are the notes I wrote for myself when setting-up the server: Now set up permissions on `/var/www` where your files are served from by default: $ sudo adduser $USER www-data $ sudo chgrp -R www-data /var/www $ sudo chmod -R g+rw /var/www $ sudo chmod -R g+s /var/www Now log out and log in again to make the changes take hold. The previous set of commands does the following: 1. adds the current user ($USER) to the `www-data` group; 2. changes `/var/www` to belong to the `www-data` group; 3. adds read/write permissions to the group that `/var/www` belongs to; 4. sets the SGID bit on `/var/www`; this final point bears some explaining. And then I go on to explain to myself what setting the SGID bit means (i.e. all files created in /var/www become part of the www-data group automatically). Btw, nothing feels sweeter than going back and reading your own detailed notes on the what, how and why of your own server set up when trying to troubleshoot like this - I recommend it highly to all beginners like myself :-)

    Read the article

  • How do I force specific permissions for new files/folders on Linux file server?

    - by humble_coder
    I'm having an issue with my install of Ubuntu 9.10 (file server) and its samba permissions. Logging in and reading works fine. However, creation of new directories by users restricts access for other users. For instance, if Bob (Windows user who maps the drive) creates a folder in the directory, Jane (Mac user that simply smb mounts) can read from it, but can't write to it -- and vice versa. I then must go CHMOD 777 the directory for everyone to be happy. I've tried editing the "create/directory mask", and "force" options in the smb.conf file but this doesn't seem to help. I'm about to resort to CRONTABing a recursive chmod routine, although I'm sure this isn't the fix. How do I get all new items to always be 777? Does anyone have any suggestions to fix this ever-occurring situation? Best

    Read the article

  • Incompatible group permissions in Linux - Is it a bug?

    - by Sachin
    I am on Ubuntu 11.04. I am creating another user and placing an existing user in the group of other user, hoping to write in the home directory of other user. # uname -a Linux vini 2.6.38-11-generic #50-Ubuntu SMP Mon Sep 12 21:18:14 UTC 2011 i686 athlon i386 GNU/Linux # whoami sachin # su root # useradd -m -U foo // create user foo # usermod -a -G foo sachin // add user `sachin' to group `foo' # chmod 770 /home/foo/ # exit # whoami sachin # cd /home/foo/ bash: cd: /home/foo/: Permission denied # groups sachin sachin : sachin foo This is totally weird. Though user sachin is in group foo, and group bits for /home/foo/ is set to rwx, sachin can't chdir to /home/foo/. I am not able to understand this. But, if at the exit step, I switch to sachin user from root, this is what happens: # uname -a Linux vini 2.6.38-11-generic #50-Ubuntu SMP Mon Sep 12 21:18:14 UTC 2011 i686 athlon i386 GNU/Linux # whoami sachin # su root # useradd -m -U foo // create user foo # usermod -a -G foo sachin // add user `sachin' to group `foo' # chmod 770 /home/foo/ # su sachin # whoami sachin # cd /home/foo/ # ls examples.desktop Now, whatever is happening here is totally incomprehensible. Does su sachin inherits some permissions from the root user at this step? Any explanations would be much appreciated.

    Read the article

  • OpenLDAP RHEL 6

    - by AndyM
    Hi all I've been configuring OpenLDAP on RHEL 6 and its seems you have run the following to rebuild the config dirs. I'm ok with that , but my issues is , say I want to change the server passwd , do I have to go through the whole process every time I change the config ? Is there a way of changing the slapd config after its been built using the RHEL6 method ? below is the advice I've found on the net from http://www.linuxtopia.org/online_books/rhel6/rhel_6_migration_guide/rhel_6_migration_ch07s03.html This example assumes that the file to convert from the old slapd configuration is located at /etc/openldap/slapd.conf and the new directory for OpenLDAP configuration is located at /etc/openldap/slapd.d/. Remove the contents of the new /etc/openldap/slapd.d/ directory: rm -rf /etc/openldap/slapd.d/* Run slaptest to check the validity of the configuration file and specify the new configuration directory: slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d Configure permissions on the new directory: chown -R ldap:ldap /etc/openldap/slapd.d chmod -R 000 /etc/openldap/slapd.d chmod -R u+rwX /etc/openldap/slapd.d

    Read the article

  • Best and Proper Permissions Settings for Directory

    - by Dr. DOT
    I am interested in knowing the proper, yet security-conscious settings for a directory. Here's my scenario: I have a username for FTP access to my server called "user". For the purpose of the scenario, PHP runs as "nobody" on my server. I have a directory off the document root called "sample". The "sample" directory is chmod'd at 0755 (drwxr-xr-x) "Sample" is owned by "user" and the group is set to "user" The above is all very straight forward and standard. So I want to have a script be able to create (mkdir) and delete (rmdir) directories under "sample". Yet, I don't want to obviously overly expose my server by opening up the permissions (I could easily chmod sample to 0777 and make it world write-able). What is the best combination of permissions, owner settings and/or group settings to allow my script to create and delete directories under "sample" while retaining the ability for "user" to continue to FTP into the directory? Thanks.

    Read the article

  • Why does sharepoint claim not enougth disk space for backup when there is lots availalbe?

    - by Mr Shoubs
    I'm trying to run the following command: Backup-SPFarm -Directory E:\Backups -BackupMethod full -Verbose However it errors saying there isn't enough disk space... the backup will be about 1.8Gb in size, I have 27.52GB free, so why does it think I need 30Gb? VERBOSE: Leaving BeginProcessing Method of Backup-SPFarm. VERBOSE: Performing operation "Backup-SPFarm" on Target "SHAREPOINTSERV". Backup-SPFarm : There is not enough disk space. Free additional space on your h ard disk and then try again. Approximate amount of space needed: 30.12 GB. Amou nt of space free on disk: 27.52 GB. At E:\Backups\Script\BackupSharePointFarm.ps1:3 char:14 + Backup-SPFarm <<<< -Directory E:\Backups -BackupMethod full -Verbose + CategoryInfo : InvalidData: (Microsoft.Share...mdletBackupFarm: SPCmdletBackupFarm) [Backup-SPFarm], SPException + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletBackupFa rm VERBOSE: Leaving ProcessRecord Method of Backup-SPFarm. VERBOSE: Leaving EndProcessing Method of Backup-SPFarm.

    Read the article

  • prevent sleep in scripts

    - by Mr Fooz
    Is there a way to prevent Windows from going into sleep mode while running a program on the command line or with cygwin? Ideally, I'm hoping for something that could be used like: nosleep myscript.sh Background Sometimes I start up long-running jobs like a manual backup or large file transfers and I've found that Windows often goes to sleep before these finish. I'd like to be able to start up the command and prevent sleep mode while the command is running, but have it automatically work again once the command has completed.

    Read the article

  • Browsing Pictures on a Mac

    - by Mr Woody
    Hi. After many years using linux, I decided to buy a mac. Now my main problem is: how do I synchronize pictures within my linux machines and the mac? I have been using digikam in linux, and I like it because I can just browse the pictures directly from my directories (and it is easy for me to keep directories synchronized within mac and linux). I have been testing iphoto and aperture, which are quite nice but if use them, my understanding is that I have to import all the pictures into these softwares, and this doesn't seem to be the ideal solution for me. I tried picasa, but I don't find it as good as iphoto and aperture. On the other hand it allows me to browse directories, without having two copies of the same pictures. I didn't try lightroom yet, would that be a good solution? I would appreciate any suggestion on this. Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >