search for: privilg

...it doesn't exist. I put > > ssl_key = </etc/ssl/private/de-korte.org.key > > in a separate configuration file and it failed in a similar fashion, > just with another filename. I think the idea was that the file with the ssl_key line was only root-readable. That way, non-privilged users will fail to include the file. Is that what you tried? Jeff. -- I think there is a world market for maybe five computers. - Thomas Watson, chairman of IBM, 1943.

...ou can use dehydrated in signing mode. --signcsr (-s) path/to/csr.pem Sign a given CSR, output CRT on stdout (advanced usage) In this way, you can reuse private key, as well as making it more secure by removing a privileged operations (private key acces) allowing dehydrated to be run as a non-privilged/separate user. Joseph Tam <jtam.home at gmail.com>

Hi All, I am not very familiar with xen details. Now I am thinking of building two privilged domain(domain 0 not driver domain) at boot time. The other question is that wether it is possible to create another domain 0 by domain-builder running in domain0? Does it make sense when domain 0 is shut down unexpectedly another domain 0 can run at once. Maybe it is absurd. I am looking forwa...

...gt; mode. > > --signcsr (-s) path/to/csr.pem Sign a given CSR, output CRT on stdout (advanced usage) > > In this way, you can reuse private key, as well as making it more > secure by removing a privileged operations (private key acces) allowing > dehydrated to be run as a non-privilged/separate user. You might want to check out this blog: http://www.internetsociety.org/deploy360/blog/2016/03/lets-encrypt-certificates-for-mail-servers-and-dane-part-2-of-2/ <http://www.internetsociety.org/deploy360/blog/2016/03/lets-encrypt-certificates-for-mail-servers-and-dane-part-2-of-2/...

On 13. Aug 2020, at 11.29, Timo Sirainen <timo at sirainen.com> wrote: > > On 13. Aug 2020, at 11.00, Arjen de Korte <build+dovecot at de-korte.org> wrote: >> >> I allow users to run 'doveadm' for mailbox maintenance (to expunge mail for instance). Since the upgrade to 2.3.11.3, this no longer works and results in the following error message: >>

(networking-discuss Bcc''ed) Good morning, The Crossbow team would like to invite you to participate in the project''s third and last phase of code review. The third phase of the review starts today, and will last for two weeks. It covers the following parts of the code: VLANs Link Aggregations Xen mac_datapath_setup All drivers

Hi All, I am writing a backup program for my computer. brief outline is as follows. Running ubuntu 10.04 2 main partitions, / and /home, both ext3. 1 external usb hdd, ext3, mounted to /backups/main. once every couple of days, rsync backs up, using following command, everything worth backing up in / and /home partitions to a folder /backups/main/Full. command: "rsync -vrhRupElog

I''d like to see if we can use DTrace to as the kernel implementation of the BSD systrace security policy system (http://www.systrace.org). I don''t really want to port systrace to Solaris because I think with DTrace we already have all the necessary in kernel hooks to do this. With systrace you express things like: "httpd can bind to port 80 but not any other port, it