Search Results

Search found 89612 results on 3585 pages for 'sof user'.

Page 2061/3585 | < Previous Page | 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 | Next Page >

Better Method of Opening TTY Permissions

- by VxJasonxV

At work, I have a few legacy servers that I log into as root, and then su down to a user. I continue to run into an issue where after doing so, I am unable to run screen as this user. I don't want to open screen as root, because then I have to consciously su down the user every new shell, and I often forget. The question is, is there an easier resolution to this than I'm currently aware of? My current solution is to find my terminal pts number, then set it chmod 666. I'm looking for something akin to X11's xhost ACL management, if such a thing exists for this situation.

Read the article
How do I use long names to refer to Group Managed Service Accounts (gMSA)?

- by Jason Stangroome

Commonly domain user accounts are used as service accounts. With domain user accounts, the username can easily be as long as 64 characters as long as the User Principal Name (UPN) is used to refer to the account, eg [email protected]. If you still use the legacy pre-Windows 2000 names (SAM) you have to truncate it to ~20 characters, eg mydomain\truncname. When using the New-ADServiceAccount PowerShell cmdlet to create a new Group Managed Service Account (gMSA) and a name longer than 15 characters is specified, an error is returned. To specify a longer name, the SAM name must be specified separately, eg: New-ADServiceAccount -Name longname -SamAccountName truncname ... To configure a service to run as the new gMSA, I can use the legacy username format mydomain\truncname$ but using usernames with a maximum of 15 characters in 2013 is a smell. How do I refer to a gMSA using the UPN-style format instead? I tried the longname$@domainfqdn approach but that didn't work. It also seems that the gMSA object in AD doesn't have a userPrincipalName attribute value specified.

Read the article
Can't connect using Jail SFTP account

- by Fazal

I've been following this tutorial "Limiting Access with SFTP Jails on Debian and Ubuntu" and whilst I've had no errors setting it up, I've had issues on Ubuntu 10.04LTS logging in as a user on a virtualhost. I've changed my SSH port to 22022, and enter all the credentials when attempting to login. I ran these commands to add a user to the virtualhost: # useradd -d /srv/www/[domain] [username] # passwd [username] # usermod -G filetransfer [username] # chown [username]:[username] /srv/www/[domain]/public_html I should add that this is the only time I've setup the user they have no other /home directories or such. The directory that does exist is at /srv/www/example.com/public_html When I try using a desktop package such as cyberduck to login to the site, I keep getting a "Login failed with this username or password". I am completely lost as what to do next... The reason why I'm trying this method is because I want my clients to use SFTP and not FTP to upload files to their websites. Any help or direction is appreciated.

Read the article
Usermin (Webmin)- Users can't login

- by Armadillo

I've installed Webmin in my server. The users of my Unix server must be able to change their passwords. So, for that, they use Usermin. But users just can't login in Usermin module. I get always this message: Login failed. Please try again. What is the reason for this behavior? How can I give access to Usermin to my users? I'm able to login as any user when viewing "Current Login Sessions" - "Switch to Usermin user:", with the Admin user.

Read the article
Can I optimize this mod_wsgi / apache file better?

- by tomwolber

Hi! I am new to Django/Python/ mod_wsgi, and I was wondering if I could optimize this file to reduce memory usage: ServerRoot "/home/<foo>/webapps/django_wsgi/apache2" LoadModule dir_module modules/mod_dir.so LoadModule env_module modules/mod_env.so LoadModule log_config_module modules/mod_log_config.so LoadModule mime_module modules/mod_mime.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule wsgi_module modules/mod_wsgi.so LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined CustomLog /home/<foo>/logs/user/access_django_wsgi.log combined ErrorLog /home/<foo>/logs/user/error_django_wsgi.log KeepAlive Off Listen 12345 MaxSpareThreads 3 MinSpareThreads 1 MaxClients 5 MaxRequestsPerChild 300 ServerLimit 4 HostnameLookups Off SetEnvIf X-Forwarded-SSL on HTTPS=1 ThreadsPerChild 5 WSGIDaemonProcess django_wsgi processes=5 python-path=/home/<foo>/webapps/django_wsgi:/home/<foo>/webapps/django_wsgi/lib/python2.6 threads=1 WSGIPythonPath /home/<foo>/webapps/django_wsgi:/home/<foo>/webapps/django_wsgi/lib/python2.6 WSGIScriptAlias /auctions /home/<foo>/webapps/django_wsgi/auctions.wsgi WSGIScriptAlias /achievers /home/<foo>/webapps/django_wsgi/achievers.wsgi

Read the article
runas without asking for a password

- by Gregory MOUSSAT

On a Windows server which is in a domain, I have a script I run from scheduled tasks. I want this script to be run under a mydomain\peter user account. It is simple to do it with scheduled tasks, if you know Peter's password. And once done, the script stops when Peter decides to (or has to) change his password. On Linux, a cron job can be run with whatever user account without having to know the corresponding password. And root can run anything on behalf on another user (with su and sudo). Any way to do this with Windows? My need is for a old Windows 2003 server, but I can manage to run it from another computer.

Read the article
Using mod_wsgi with mpm_itk: socket permission issue

- by djechelon

I'm using mod_itk as MPM for increased security in shared environment. I also have a Firefox Sync Server within one of the VHosts I host. That vhost is restricted to a certain user via AssignUserId user group. The problem is that the socket /var/run/wsgi...whatever.sock is chmodded srwx------ and owned by Apache's wwwrun. While I configured the vhost with WSGIProcessGroup sync WSGIDaemonProcess sync user=djechelon group=djechelon processes=1 threads=5 I still get the error that Apache wants to access a socket that is not accessible and because of this gets an error. Is it possible to configure mod_wsgi in order to create different sockets with different owners for different applications or to chmod its socket in a different way (less secure)? Currently, I'm running Firefox Sync as the only WSGI application. Moving it to a vhost that doesn't AssignUserId could solve this problem but will force me to change URL (and buy an additional SSL certificate), so I wouldn't consider this

Read the article
How can I setup my local Nginx server so I can edit the files?

- by Shane Grant

I have my local development machine running Arch Linux, Nginx, PHP-FPM and MySQL. In order for the websites I am working on to run the files need to be owned by the http user. The files are currently located in folders like this: /srv/http/site1/ /srv/http/site2/ When I use the following chown command on the http folder the sites work fine, but I cannot edit the files with my user: chown -R http.users /srv/http When I do this the sites do not work, but I can edit the files: chown -R shane.http /srv/http How can I make it so that my user can edit the files, and the web server can run them at the same time? Thank you

Read the article
centos: su silently fails

- by matteo

On a CentOS server where I'm logged via SSH as root, I do: su otherusername where 'otherusername' is the user name of another user, which exists. It does nothing. After that, I'm still root. whoami returns root, any file I create belongs to root, that is, su just doesn't su. However it does not give any error message. If I try to su with an invalid user name it does give an error message. What am I missing??

Read the article
Application upgrade triggered from web application on Ubuntu/Linux

- by Witek

On my ubuntu server I have an application MyApp which runs as a daemon with its own user myapp. Then I have a web application MyPortal which runs in apace httpd as user www-data. This application serves a web page with a Redeploy MyApp button. When clicking this button I want to start the script redeploymyapp. This script stops the MyApp deamon, upgrades the application and starts the daemon again. The problem is, that the redeploymyapp script needs to be executed by the user myapp, while MyPortal is running as www-data. What is te best way to solve this problem?

Read the article
Group policy preventing XenApp from creating start menu menus

- by JohnyV

I have a citrix Xenapp server that has some apps installed. The are placed in a folder and set to populate the start menu. The problem is when I log on with a user from a particular OU I am unable to get the start menu inserted from xenapp. It is quite a restrictive group policy but does anyone know the setting for preventing users from modifying the start menu. I have tried "Prevent changes to Taskbar and Start Menu Settings" but this didnt work. Any ideas would be great. I know it isnt permissions because I have another user that has the same permissions assigned to them, the only difference is that one user gets the restrictive group policy and the other doesnt. Thanks

Read the article
How to create basic load balancer?

- by Ilya Rusanen

guys. I'd like to deploy my app on two different servers, located in US and Germany. As I suppose, I need to set up some kind of load balancer, that would deternime from which country my user is, and resolve it to US/Germany server. The general aim is to provide user abitiliy to work with the closest server (CDN is not a solution, 'cause we dont share static content). Where should I place load balancer that would resolve user to USA/GER severs? In usa/germany? What shold it look like? A usual server with some specific app or what? Thank you.

Read the article
How to establish SIP connection, when SIP-proxy is required?

- by LA_

I have Asterisk/1.8.13.1 Asterisk GUI-version : SVN--r Yes, quite old one, but I can not update it since this is installed on my Synology NAS. NAS is connected to internet thru router Asus RT-N16. I should use the following data to connect to the server: Auth name – 7499952XXXX User name/User ID/Display Name – nickname Authorization user name - [email protected] Domain - sip.beeline.ru SIP proxy server - msk.sip.beeline.ru I've also found the following string: [email protected]:password:[email protected]@msk.sip.beeline.ru:5060/7499952XXXX I've tested the parameters on my PC thru X-Lite and it works well (so, assume there is no any problem with the router, no need to do anything with router's NAS settings). But since I am quite new to Asterisk, I can not understand where to input all these data. Asterisk GUI doesn't have fields for proxy: Can somebody please help me with step-by-step instruction? Thank you in advance!

Read the article
Monit wont start/stop any processes

- by Vaughan Magnusson

Hi, I've got monit running on a linux vserver, installed in a custom location /home/user/bin/monit as that is the only suitable location according to the webhost providers. When I installed monit I used ./configure --prefix=/home/user Monit itself runs, and sends me emails of it's activity, and the control file syntax is correct. However, monit cannot seem to start or stop anything - or even run the simplest of scripts. eg. Using 'monit stop all', I try to run the following stop command stop = "/bin/bash /home/user/simple_script.sh" Which fails (and says so in the log). I cant figure out why this is failing, can anyone help with this?

Read the article
What is the difference between /sbin/nologin and /bin/false?

- by Michael Hampton

I have often heard it recommended that a user account should be disabled by setting its shell to /bin/false. But, on my existing Linux systems, I see that a great number of existing accounts (all of them service accounts) have a shell of /sbin/nologin instead. I see from the man page that /sbin/nologin prints a message to the user saying the account is disabled, and then exits. Presumably /bin/false would not print anything. I also see that /sbin/nologin is listed in /etc/shells, while /bin/false is not. The man page says that FTP will disable access for users with a shell not listed in /etc/shells and implies that other programs may do the same. Does that mean that somebody could FTP in with an account that has /sbin/nologin as its shell? What is the difference here? Which one of these should I use to disable a user account, and in what circumstances? What other effects does a listing in /etc/shells have?

Read the article
ORA-01019 error only as an administrator

- by Mike

I'm having a strange problem. I've installed the Oracle 10g client on a terminal server running Windows Server 2008R2. When I try to connect to Oracle, using, say, Toad, I receive the error "ORA-01019 unable to allocate memory in the user side". But this only happens if I'm logged in as an administrator. If I connect as a normal user, I can connect without issue. Also -- if a normal user is connected, I can then connect without a problem as an administrator. Any thoughts?

Read the article
Nginx Restart Issues

- by heavymark

All of the sudden when restarting Nginx I get the following error: Restarting nginx: [alert]: could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied) 2011/02/16 17:20:58 [warn] 23925#0: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:1 the configuration file /etc/nginx/nginx.conf syntax is ok 2011/02/16 17:20:58 [emerg] 23925#0: open() "/var/run/nginx.pid" failed (13: Permission denied) configuration file /etc/nginx/nginx.conf test failed On the front end part of the site loads but some files such as the CSS in particular are not loading. They exist on the server but when loading the resources directly in Chrome they say "Oops this page can't be found." I set a special group and user to run my apache files using suexec for my domain files. I think the nginx are owned by root however which I'm assuming is the problem but which nginx file ownerships would I change?

Read the article
can't add sharepoint users from trusted domain

- by user22215

I have a very strange problem with our Sharepoint 2007 implementation. I went in today to grant access to a user and was greeted with "The user does not exist or is not unique." Let me start off by saying that this user is not on our domain we have a 2 way trust connecting to one of our subsidiaries. I can see the users in the people pick but can't add them into Sharepoint. This problem flared up after we had some trust issues last two days ago. So I must ask has anyone came across this error and if so what steps did you take to resolve it? This link further highlights my problem: http://social.technet.microsoft.com/forums/en-US/sharepointgeneral/thread/41265a91-191c-4952-9c8c-1e0129b9fd3a

Read the article
Temporary file storage - script for webserver

- by Chris

I'm looking for a script (preferably php) which I can use for to temporarily exchange files. I had such a script before (it was written in flash), but - damn - just can't find it anymore. Here the features I'm looking for: I have a logon, which allows me to create "upload spaces". for these "upload spaces" I define a time how long the space will be available for (until the files are deleted), and who can access it - in the means of typing in an email, and that user gets a link with the "online space", user ID and password. the other user then clicks on the link and uploads the file, and I get (preferably) an email should there be any file changes I get an email before the content gets deleted Now, 3 additional things: - it should be open- source - run on linux (preferably lamp) - no, I dont wanna use dropbox or similar :p Thanks in advance everybody, Cheers Chris

Read the article
CentOS Default ACLs on Existing File System Objects

- by macinjosh

Is there a way to have existing file system objects inherit newly set default ACL settings of their parent directories? The reason I need to do this is that I have an user who connect via SFTP to my server. They are able to change directories in their FTP client and see the root folder and the rest of the server. They don't have permissions to change or edit anything but their own user directory but I would like to prevent them from even view the contents of other directories. Is there a better way to do this than ACLs? If ACLs are the way to go I'm assuming a default ACL on the root directory would be the best way to do restrict access. I could then selectively give the user permission to view certain directories. The problem is default ACLs are only inherited by new file system objects and not existing ones.

Read the article
Hyper-V Server hvremote.wsf Script - ns lookup for DNS Verification test fails

- by Vazgen

I'm trying to connect my Hyper-V Server to a Windows 8 client for remote management. I have: Joined server to WORKGROUP Enabled Remote Management Set the server name Set a static IP Set the DNS servers to my ISPs DNS Servers (same as default DNS Servers on my Windows 8 remote management client) Set the correct time zone Created net user on server (net user /add admin password) Added user to special Administrators group on server (hvremote /add:admin) Granted anonymous dcom access on client using hvremote However, the "ns lookup for DNS verification" fails on both the client and server with the same error: Server: my.isps.server.name.net Address: 111.222.333.1 *** my.isps.server.name.net can't find 192.168.1.3: Non-existent domain Thanks for the help.

Read the article
Logging off does not kill process in Windows Server 2003

- by Suraj Chandran

I have a Windows Server 2003(Enterprise, SP2). My understanding was that any process created by a user will be terminated when the user loggs off the account. But its not happening. I login via Administrator account. Start a simple java process and logoff. But the process is not killed. Is there any configuration for this or something? I am mostly a software programmer and not much in to servers and so I am stuck. I found out that while logging off, 1) Win32 is supposed to send a CTRL_LOGOFF_EVENT to all processes started by that user. 2) JVM is supposed to handle this event and terminate the VM. But I can't understand why my java process is not killed when i logoff. Any idea!!!

Read the article
OpenSSH SFTP server with chroot() + File Permissions

- by HannesFostie

I am currently setting up an SFTP server but there is one detail I can't seem to figure out. When I add a user, I would like him to connect using his client and be able to write in his "root dir" right away. My Match case for the SFTP-users group currently has ChrootDirectory set as "/home/%u", and inside that directory I have to have a subdirectory owned by the user, while /home/%u itself is owned by root. Next to that, the "root dir" also has a couple files, .bashrc to name one. Is it possible to put these files somewhere else, remove them, or at least make them invisible to the user? Thanks EDIT: One more little thing I'd like to implement is for one account to have read (or rw, not sure yet) access to all other users' home directories. What is the easiest way to implement this?

Read the article
Setup secure shared hosting (Apache, PHP, MySQL)

- by Apaz

So I'm setting up a shared hosting with Apache, PHP, MySQL and the biggest question mark is how to do with PHP, since there is a million options out there how to configure it securely. The plan is: Chroot for MySQL (built in support for chroot) Chroot for Apache (mod_security) Each user executing their PHP-scripts as their own user (see below) Set open_basedir Disable all "evil" php-functions (allow_url_fopen, system, exec, and so on) Ive looked at suexec and suphp but they seems very slow; http://blog.stuartherbert.com/php/2007/12/18/using-suexec-to-secure-a-shared-server/ http://blog.stuartherbert.com/php/2008/01/18/using-suphp-to-secure-a-shared-server/ So I've looked some more and found some other solutions: apache2-mpm-itk + mod_php(?) mod_fcgid + php-fpm mod_fastcgi + php-fpm Ive tried a simple setup with mod_fastcgi + php-fpm and it seems to work, runs as correct user and so on, but the protection against directory traveling is still open_basedir(?) One solution for that could be to use php-fpm's chroot option, but that causes a lot of other issues like domain name resolver does not work sending mail does not work Tips?

Read the article
Exim redirect all unexisting accounts for local domains to a specific account

- by tntu

I want to route all incoming emails for local domains only to a single account if an account is not setup for that user. I would also like each email to be written in it's own file in user folder. I have a catchall user with /home/catchall/ path where I have a mail folder made for this but so far emails wither fail to deliver (thus my rule did not work) or they do deliver to /etc/mail/catchall file. I have been trying to put something together from the Exim configuration but so far nothing seem to work. http://exim.org/exim-html-current/doc/html/spec_html/ch20.html

Read the article

< Previous Page | 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 | Next Page >