Search Results

Search found 12645 results on 506 pages for 'group policy'.

Page 236/506 | < Previous Page | 232 233 234 235 236 237 238 239 240 241 242 243  | Next Page >

• iptables to allow 80 and 443 on chillispot running ddwrt

  - by user76682

  I am having problems setting this up. this is what I am trying to do. I have Chillispot (hotpsot) running on dd-wrt. Everything is setup, but the client wants only 80 and 443 to go through through the hotspot. I found this tutorial for dd-wrt but that doesnt seem to work. http://www.dd-wrt.com/wiki/index.php/Iptables#Allow_HTTP_traffic_only_to_specific_domain.28s.29 Initially I tried to place the options at the top but didnt work. then i flushed the iptables and set only these three. I can see the pkts number grow but for some reason I can browse. root@DD-WRT:~# iptables -nvL FORWARD Chain FORWARD (policy ACCEPT 3105 packets, 2442K bytes) pkts bytes target prot opt in out source destination 1629 230K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,80,443 2346 2792K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 328 46420 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Heres some info from the router, chillispot is the tun0 interface. root@DD-WRT:~# iptables -vnL FORWARD --line-numbers Chain FORWARD (policy DROP 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT 47 -- * vlan1 192.168.8.0/24 0.0.0.0/0 2 0 0 ACCEPT tcp -- * vlan1 192.168.8.0/24 0.0.0.0/0 tcp dpt:1723 3 32 1851 ACCEPT 0 -- tun0 * 0.0.0.0/0 0.0.0.0/0 state NEW 4 0 0 ACCEPT 0 -- br0 br0 0.0.0.0/0 0.0.0.0/0 5 48 2408 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU 6 756 452K lan2wan 0 -- * * 0.0.0.0/0 0.0.0.0/0 7 756 452K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 8 0 0 TRIGGER 0 -- vlan1 br0 0.0.0.0/0 0.0.0.0/0 TRIGGER type:in match:0 relate:0 9 0 0 trigger_out 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 10 0 0 ACCEPT 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW 11 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 12 0 0 DROP 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 13 0 0 DROP 0 -- * br0 0.0.0.0/0 0.0.0.0/0 The interfaces: root@DD-WRT:~# ifconfig -a br0 Link encap:Ethernet HWaddr 00:12:17:CF:80:5F inet addr:192.168.8.1 Bcast:192.168.8.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2371 errors:0 dropped:0 overruns:0 frame:0 TX packets:1862 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:259721 (253.6 KiB) TX bytes:254862 (248.8 KiB) br0:0 Link encap:Ethernet HWaddr 00:12:17:CF:80:5F inet addr:169.254.255.1 Bcast:169.254.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0 Link encap:Ethernet HWaddr 00:12:17:CF:80:5F UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5050 errors:0 dropped:0 overruns:0 frame:0 TX packets:2508 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1066410 (1.0 MiB) TX bytes:376001 (367.1 KiB) Interrupt:5 eth1 Link encap:Ethernet HWaddr 00:12:17:CF:80:61 UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1 RX packets:729 errors:0 dropped:0 overruns:0 frame:114693 TX packets:697 errors:2 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:107869 (105.3 KiB) TX bytes:473134 (462.0 KiB) Interrupt:4 Base address:0x1000 etherip0 Link encap:Ethernet HWaddr 1E:13:B7:09:CC:8C BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1 RX packets:18 errors:0 dropped:0 overruns:0 frame:0 TX packets:18 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1210 (1.1 KiB) TX bytes:1210 (1.1 KiB) teql0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 NOARP MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.182.1 P-t-P:192.168.182.1 Mask:255.255.255.0 UP POINTOPOINT RUNNING MTU:1500 Metric:1 RX packets:662 errors:0 dropped:0 overruns:0 frame:0 TX packets:587 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:92167 (90.0 KiB) TX bytes:427657 (417.6 KiB) vlan0 Link encap:Ethernet HWaddr 00:12:17:CF:80:5F UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2371 errors:0 dropped:0 overruns:0 frame:0 TX packets:1864 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:269558 (263.2 KiB) TX bytes:262680 (256.5 KiB) vlan1 Link encap:Ethernet HWaddr 00:12:17:CF:80:60 inet addr:10.3.2.47 Bcast:10.255.255.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2675 errors:0 dropped:0 overruns:0 frame:0 TX packets:645 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:705429 (688.8 KiB) TX bytes:102197 (99.8 KiB) The routing table: root@DD-WRT:~# netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.182.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0 10.3.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan1 192.168.8.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 10.3.2.1 0.0.0.0 UG 0 0 0 vlan1 Highly appreciate your help. TIA, Arun

  Read the article

• How can I get a scheduled task to run for a user regardless of which computer the user is logged onto?

  - by Ernst

  I've got a scheduled task that needs to run for a user at a specific time. However, the user sometimes logs onto one machine, the next day onto another, then next week onto yet another. At some pint during the day, the user might have to log onto another machine. How do I get the scheduled task to run regardless of which computer the user is using? I could of course create the task on all computers, but that seems a bit overkill. Running a script on log on (or a group policy) to create the task doesn't seem a good method either. Any ideas? Basically I want the scheduled task to be defined on the user instead of on the computer. If in the end I need to choose between the two options above, which is best?

  Read the article

• Can't connect to samba

  - by Rick

  Windows 7, connecting to Samba shares I have a follow up question from the link above. I am running Samba 3.0.23d on FreeBSD is release 7.1 I changed the policies as described above but still cannot connect to the samba server with the windows 7 or a server 2008. I feel it is a problem with recognizing the new machines on the network. the windows machines can see the samba server, but cannot connect to it or view any of the files. After changing the security policies the samba server asked for network id and password but would not allow the machine to connect, said they were unknown username or bad password. Here is my current config file. there is no sign of encryption anywhere, should I just add the line? not sure what that would do elsewhere. Workgroup = WWOFFSET server string = WWO File Server (%v) security = server username map = /usr/local/etc/smb.users hosts allow = 10. 127. # If you want to automatically load your printer list rather # than setting them up individually then you'll need this ; load printers = yes # you may wish to override the location of the printcap file ; printcap name = /etc/printcap # on SystemV system setting printcap name to lpstat should allow # you to automatically obtain a printer list from the SystemV spool # system ; printcap name = lpstat # It should not be necessary to specify the print system type unless # it is non-standard. Currently supported print systems include: # bsd, cups, sysv, plp, lprng, aix, hpux, qnx ; printing = cups # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 # Use password server option only with security = server # The argument list may include: # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] # or to auto-locate the domain controller/s # password server = * ; password server = <NT-Server-Name> password server = SERVER0 # Use the realm option only with security = ads # Specifies the Active Directory realm the host is part of ; realm = MY_REALM # Backend to store user information in. New installations should # use either tdbsam or ldapsam. smbpasswd is available for backwards # compatibility. tdbsam requires no further configuration. ; passdb backend = tdbsam ; passdb backend = smbpasswd # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting. # Note: Consider carefully the location in the configuration file of # this line. The included file is read at that point. ; include = /usr/local/etc/smb.conf.%m # Most people will find that this option gives better performance. # See the chapter 'Samba performance issues' in the Samba HOWTO Collection # and the manual pages for details. # You may want to add the following on a Linux system: # SO_RCVBUF=8192 SO_SNDBUF=8192 socket options = TCP_NODELAY # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply ; local master = no # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable ; os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job ; domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election ; preferred master = yes # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. ; domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below ; logon path = \\%L\Profiles\%U # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The default is NO. dns proxy = no # charset settings ; display charset = ASCII ; unix charset = ASCII ; dos charset = ASCII # These scripts are used on a domain controller or stand-alone # machine to add or delete corresponding unix accounts ; add user script = /usr/sbin/useradd %u ; add group script = /usr/sbin/groupadd %g ; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u ; delete user script = /usr/sbin/userdel %u ; delete user from group script = /usr/sbin/deluser %u %g ; delete group script = /usr/sbin/groupdel %g unix extensions = no

  Read the article

• Need help setting up subversion

  - by mousey

  Hi, We are a small company working on a source of a big company. We are actually setting up Subversion with Apache server to work on their code. We need to setup a secure environment so that others outside my group should not have access. I heard there are lot of authentication techniques that can be set up with apache server. Can some one help what are the most secure techniques that come up with apache server and are good with subversion.

  Read the article

• OSX Server permissions weirdness...

  - by kylex

  I have a work network running off an OSX server. I've set the permissions so that any user in our group can access a certain folder. It's become apparent though, that whenever a user accesses a folder, that the folder becomes locked for all other users afterwords, and I have to reset the permissions again. No clue why this is happening. Any suggestions?

  Read the article

• UAC-account-users can't see their mounted network-drives

  - by Daniel

  I wrote a few login batches in the Group Policy Management which mount specified devices to specified usergroups. The batches work as they should as long UAC is disabled. My problem is that the UAC-account-users can't see their mounted network-drives because the login scripts run in elevated context. I tried to fix the problem with PsExec (-l) so that the network-folders are mapped with limited user rigths. But it seems that this won't work. (PsExec is already installed on all computers so it can work local.) Has anyone an idea how to fix that problem? I spended a long time in trying to fix the problem but I did not find any solutions about THIS problem.

  Read the article

• USB hard drive doesn't graceful power off after eject on Windows 7

  - by Sim

  I have a couple of Seagate FreeAgent Go external USB hard drives and would like them to gracefully power off after ejecting in Windows 7. With Windows XP a few seconds after they are ejected they gracefully power off. When ejecting them on Windows 7 they just stay on and have to be physically disconnected before they lose power. I have checked the hard drive removal policy and it is set to quick removal. I have also looked in the Seagate forums but I couldn't find any info on this so I thought I'd ask the SuperUser community on any ideas why the difference and how to get the same behaviour in Windows 7 as in XP? Update: I am finding that this also happens with USB thumb drives as well. My current theory is that there were changes to the driver model with Vista/Win 7 that haven't been reflected in the device drivers yet. So things that worked under XP don't under Win7 as the drivers haven't been updated for the new model. Does that sound right?

  Read the article

• windows server 2012 remote desktop - Send messages between standard users

  - by Scott Kramer

  Does anyone know the policy, or registry change, etc. for allowing messages (on the same server) between standard users... an elevated cmd prompt or task manager works of course... but need it to work on standard accounts. H:\>msg scott hi Error sending message to session RDP-Tcp#0 : Error 5 Error [5]:Access is denied. (This is windows server 2012) Also I recall setting something on server 2008 r2, but just can't remember what it was, so it can be done-- Thanks!

  Read the article

• Nt4.0 Printer Driver not compatible with Vista?

  - by PhillC

  I've got a Brother Fax-8360P printer that has a standard printer port so it can be connected to my WindowsXP machine. I've found some drivers on the net that work and it is a pretty decent laser printer. However, when I try and connect up to it from my Vista machine over the network, it tells me that "The printer driver is not compatible with a policy enabled on your computer that blocks NT4.0 drivers". Main question - is it possible to alter this so that my Vista machine will allow me to print via the network. Secondary question - does anyone know of any generic driver that will work instead?

  Read the article

• Run a script prior to start of SQL instance via Windows clusters

  - by Shahryar G. Hashemi

  Hi, We have a Windows 2008 cluster with several SQL 2008 instance. We would like to run a script that modifies 4 registry keys prior to the startup of SQL. I do not know if there is a way to have a script run through Windows 2008 clustering that does that. I have a VBS script to do it and tried to add a Generic Script to an existing cluster group, but it failed saying it could not be registered. Any ideas?

  Read the article

• Linux Mint Wireless doesn't connect [migrated]

  - by guisantogui

  I'm having a great problem, I've installed Linux mint debian edition (LMDE), and following this tutorial http://community.linuxmint.com/tutorial/view/161 I did installed the network driver. The available connections appears to me, but when i try to connect to my connection at first time, I got this message: "(4) Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken." And the following tries, I got this another message: "(32) Insufficient privileges." I'm accepting ideas. Thanks.

  Read the article

• Separate mail section for POP mail account in Evolution

  - by Phuong Nguyen

  In Evolution, if I use IMAP as the incoming protocol for the mail account, then this account will have a separated section. However, if I use POP as the incoming protocol, then this account is merged into On this Computer group. I want POP account to have a separated section. How would I do that?

  Read the article

• window services works after local account used before this account

  - by Gauls

  Hi All of a sudden my window services app after installation does not start(Some services stop automatically if they have no work to do) uses custom user, if i change the logon setting to use local system account and click start works fine, then when i go back and change to use this account (local user- custom user under user group) and then click start it works fine, why didn't work in the first place???????????? Thanks

  Read the article

• Cannot format SD memory card

  - by cool

  Hello everyone I have a SD memory card which is of local manufacturer it allows to read & copy from it but not write as it is now write-protected so i want to format that card but could not. To format this card I have tried 1) DD command 2) mkfs -f vfat command 3) creating registry entry under storage device policy in window with write value 0 4) disk part command in window to clear attributes in which it show all attributes are clear ie no write protection 5) I format card in windows through control panel - administrative tools- computer management - disk management, then it show as formatted but when I tried to create new partition it give CYCLIC REDUNDANCY CHECK error 6) I downloaded a format utility from transcend site and formatted first it shows write protected again doing format it formats and tells to remove and reinsert after reinsertion it shows the previous data as it is

  Read the article

• SSH closing by itself - root works fine

  - by Antti

  I'm trying to connect to a server but if i use any other user than root the connection closes itself after a successful login: XXXXXXX:~ user$ ssh -v [email protected] OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to XXXXXXX.XXXXXX.XXX [xxx.xxx.xxx.xxx] port 22. debug1: Connection established. debug1: identity file /Users/user/.ssh/identity type -1 debug1: identity file /Users/user/.ssh/id_rsa type -1 debug1: identity file /Users/user/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH_4* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'XXXXXXX.XXXXXX.XXX' is known and matches the RSA host key. debug1: Found key in /Users/user/.ssh/known_hosts:12 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Next authentication method: publickey debug1: Offering public key: /Users/user/.ssh/woo_openssh debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Offering public key: /Users/user/.ssh/sidlee.dsa debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Trying private key: /Users/user/.ssh/identity debug1: Trying private key: /Users/user/.ssh/id_rsa debug1: Offering public key: /Users/user/.ssh/id_dsa debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Next authentication method: password [email protected]'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Entering interactive session. Last login: Mon Mar 29 01:41:51 2010 from 193.67.179.2 debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: channel 0: free: client-session, nchannels 1 Connection to XXXXXXX.XXXXXX.XXX closed. Transferred: sent 2976, received 2136 bytes, in 0.5 seconds Bytes per second: sent 5892.2, received 4229.1 debug1: Exit status 1 If i log in as root the exact same way it works as expected. I've added the users i want to log in with to a group (sshusers) and added that group to /etc/sshd_config: AllowGroups sshusers I'm not sure what to try next as i don't get a clear error anywhere. I would like to enable specific accounts to log in so that i can disable root. This is a GridServer/Media Temple (CentOS).

  Read the article

• Is there a registry key change that will by-pass the Windows Domain Join Welcome page?

  - by user1256194

  I'm scripting some Windows Server 2008 R2 builds using Power Shell. Some software needs to be installed after the server has joined the domain. Since I want to automate everything, I'm looking to by-pass the domain controllers Welcome page using a registry hack script. I work for a large company and the Active Directory people are unwilling to change group policy. I figure if it's a registry key I can script the change, install the software, replace the key and reboot as the final step. Is there a registry key change that will by-pass the Domain Join Welcome page?

  Read the article

• Why won't these permissions do what I wish?

  - by Chris B.

  I am trying to make my folder owned by "apache" and then chmod that folder so that only the owner and group can access it. I am trying to do this to keep visitors from executing user-uploaded files directly. Here are the commands I am using: chown -R apache uploads chmod -R 770 uploads Source: http://www.mysql-apache-php.com/fileupload-security.htm Instead it seems that although it is keeping visitors from seeing the files, it is not allowing apache to serve them. Do you have any ideas?

  Read the article

• Grant Sharepoint Access to all employees

  - by Satish

  What's the easiest way to grant access to all the employees of our company to sharepoint portal. There are some general sites which all employees have read access. So Do I have to create an AD group for all employees and add to the site or is there some better way to manage this?

  Read the article

• Editing sectionGroup in web.config using appcmd

  - by GrZeCh

  Hello, is this possible to modify website web.config sectionGroup using appcmd? I want to be able to remove and add whole system.web.extensions sectiong group and the same with system.codedom. Thanks

  Read the article

• SELinux "allow httpd_t httpd_sys_content_t:dir write;"

  - by alexus

  I'm getting following message in my /var/log/audit/audit.log: type=AVC msg=audit(1402615093.053:68): avc: denied { write } for pid=799 comm="httpd" name="php" dev="xvda1" ino=8667365 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir type=SYSCALL msg=audit(1402615093.053:68): arch=c000003e syscall=2 success=no exit=-13 a0=7f7a5ca697a8 a1=241 a2=1b6 a3=1 items=0 ppid=662 pid=799 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null) pipe audit2allow outputs: #============= httpd_t ============== #!!!! This avc can be allowed using the boolean 'httpd_unified' allow httpd_t httpd_sys_content_t:dir write; How do I apply allow httpd_t httpd_sys_content_t:dir write; to my current SELinux policy?

  Read the article

• How do I find all files and directories writable by a specific user?

  - by Pistos

  Under Linux, how can I find all the files and directories that are writable (or, actually, not writable) by a particular user? Edit: To clarify, I meant under a particular subdir, not systemwide. And yes, that means all the permutations and combinations of user, group and world writability that would allow that user to write. I know what the question entails semantically, I was hoping for a one- or few-liner to execute to get a list of these files.

  Read the article

• IKE Phase 1 Aggressive Mode exchange does not complete

  - by Isaac Sutherland

  I've configured a 3G IP Gateway of mine to connect using IKE Phase 1 Aggressive Mode with PSK to my openswan installation running on Ubuntu server 12.04. I've configured openswan as follows: /etc/ipsec.conf: version 2.0 config setup nat_traversal=yes virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12 oe=off protostack=netkey conn net-to-net authby=secret left=192.168.0.11 [email protected] leftsubnet=10.1.0.0/16 leftsourceip=10.1.0.1 right=%any [email protected] rightsubnet=192.168.127.0/24 rightsourceip=192.168.127.254 aggrmode=yes ike=aes128-md5;modp1536 auto=add /etc/ipsec.secrets: @left.paxcoda.com @right.paxcoda.com: PSK "testpassword" Note that both left and right are NAT'd, with dynamic public IP's. My left ISP gives my router a public IP, but my right ISP gives me a shared dynamic public IP and dynamic private IP. I have dynamic dns for the public ip on the left side. Here is what I see when I sniff the ISAKMP protocol: 21:17:31.228715 IP (tos 0x0, ttl 235, id 43639, offset 0, flags [none], proto UDP (17), length 437) 74.198.87.93.49604 > 192.168.0.11.isakmp: [udp sum ok] isakmp 1.0 msgid 00000000 cookie da31a7896e2a1958->0000000000000000: phase 1 I agg: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=1 (t: #1 id=ike (type=enc value=aes)(type=keylen value=0080)(type=hash value=md5)(type=auth value=preshared)(type=group desc value=modp1536)(type=lifetype value=sec)(type=lifeduration len=4 value=00015180)))) (ke: key len=192) (nonce: n len=16 data=(da31a7896e2a19582b33...0000001462b01880674b3739630ca7558cec8a89)) (id: idtype=FQDN protoid=0 port=0 len=17 right.paxcoda.com) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) 21:17:31.236720 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 456) 192.168.0.11.isakmp > 74.198.87.93.49604: [bad udp cksum 0x649c -> 0xcd2f!] isakmp 1.0 msgid 00000000 cookie da31a7896e2a1958->5b9776d4ea8b61b7: phase 1 R agg: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=1 (t: #1 id=ike (type=enc value=aes)(type=keylen value=0080)(type=hash value=md5)(type=auth value=preshared)(type=group desc value=modp1536)(type=lifetype value=sec)(type=lifeduration len=4 value=00015180)))) (ke: key len=192) (nonce: n len=16 data=(32ccefcb793afb368975...000000144a131c81070358455c5728f20e95452f)) (id: idtype=FQDN protoid=0 port=0 len=16 left.paxcoda.com) (hash: len=16) (vid: len=16) (pay20) (pay20) (vid: len=16) However, my 3G Gateway (on the right) doesn't respond, and I don't know why. I think left's response is indeed getting through to my gateway, because in another question, I was trying to set up a similar scenario with Main Mode IKE, and in that case it looks as though at least one of the three 2-way main mode exchanges succeeded. What other explanation for the failure is there? (The 3G Gateway I'm using on the right is a Moxa G3150, by the way.)

  Read the article

• "TCP Sweep" - What is it? How am I causing it?

  - by Stephen Melrose

  Hi there, I've just had an email from my hosting company telling me I'm in violation of their Acceptable Use Policy. They forwarded me an email from another company complaining about something to do with a "TCP sweep of port 22". They included a snippet from their logs, 20:29:43 <MY_SERVER_IP> 0.0.0.0 [TCP-SWEEP] (total=325,dp=22,min=212.1.191.0,max=212.1.191.255,Mar21-20:26:34,Mar21-20:26:34) (USI-amsxaid01) Now, my server knowledge is limited at best, and I've absolutely no idea what this is or what could be causing it. Any help would be greatly appreciated! Thank you

  Read the article

• Remote Desktop session on Windows Server 2003

  - by Dels

  I have some problem when I use Remote Desktop, here some description. I set some application to autorun each time Administrator (console) was login on W2K3 SP2 server I use Remote Desktop from XP SP3, using the same login as Administrator It creates a new session with the same username and the application starts autorun which make duplicity in application I just hoping i can enforce the Remote Desktop client to connect into only one session (console session), toying with Group Policy setting, successfully enforce the one session, but whenever i close remote desktop (disconnect) the console got disconnected too (which I didn't want it to behave like that). I also try some setting to limit connection, still it doesn't behave as I want it too. Simple i just want to use 1 session, but each time we close remote desktop the session still alive, much like when we use VNC solution (RealVNC, UltraVNC, TinyVNC etc.) Any solution(s)?

  Read the article

• Windows Server 2008 (sp2) stops responding on network share requests from Windows Vista and 7 client

  - by Peter LaComb Jr.

  I have two Windows Server 2008 SP2 machines (TFS and TFSBUILD). Periodically, the TFSBUILD server shares (\TFSBUILD\ShareName or \TFSBUILD\C$) become unresponsive to requests from Windows Vista (Server 2008) and Windows 7 client requests. Windows XP machines are still able to connect. No events in the server log indicate any problem. A simple restart corrects the issue temporarily, but it always returns. No, it is not this http://support.microsoft.com/kb/976266 (we aren't using that software). All anti-virus software has been disabled, firewall is disabled by policy. No other network activity is affected. Any help would be greatly appreciated.

  Read the article

< Previous Page | 232 233 234 235 236 237 238 239 240 241 242 243  | Next Page >