similar to: Forbidden: can't access *.html files in /var/www/html

Hello, I was using CentOS 5.5 as a "playground" VM at my WinXP notebook and now I'm migrating to a new CentOS 5.6 install and everything has worked well - except samba. I have this very permissive config to export my ~/src dir: # cat /etc/samba/smb.conf [global] guest ok = yes guest account = afarber security = share hosts allow = 172.16.6. 127.0.0.1 [src]

Hello, I have a CentOS 5.5/64bit VM, where I only have sudo rights: afarber ALL=(ALL) NOPASSWD: ALL I'm trying to pass LD_LIBRARY_PATH through sudo to install DBD::Oracle ( https://rt.cpan.org/Ticket/Display.html?id=63678 ) and have tried using "sudo -E" and also changing these lines in the stock /etc/sudoers: Defaults !env_reset Defaults env_keep =

Hello, I have two identical CentOS 6.2 machines with stock Postfix package and unchanged config: # rpm -qa|grep post postfix-2.6.6-2.2.el6_1.x86_64 # postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2

Hello, I hope my question is not off-topic here. On CentOS 7.2.1511 I have installed: haproxy-1.5.14-3.el7.x86_64 httpd-2.4.6-40.el7.centos.1.x86_64 The /etc/haproxy/haproxy.cfg binds HAProxy to ports 80 and 443 and accepts HTTPS to slova.de: defaults mode http option http-server-close option forwardfor except 127.0.0.0/8 option

I downloaded the RPMs from the Oracle web site (otn.oracle.com) and successfully installed them on my C5 box, but the sqlplus client software would not run properly. After a few iterations with sealert, I finally got a handle on what was happening. It turns out that most of the shared libraries Oracle installs need to have their SElinux file context modified to allow relocation. Here's

Hi, I've done the following: - Copy usr content with rsync to another partition: rsync -av --partial --progress /usr/ /mnt Then, unmounted, added to fstab a line for /usr, then deleted /usr/* (not the directory itself). But I've found that is bad labeled: ls -Z /usr unconfined_u:object_r:unlabeled_t:s0 bin unconfined_u:object_r:unlabeled_t:s0 local unconfined_u:object_r:unlabeled_t:s0

Hi, My both CentOS 5 servers have logging problems. Logs such as messages, boot.log, kernel, spooler, and tallylog in /var/log directory are all 0 size. The kernel is: Linux 2.6.18-92.1.22.el5 #1 SMP. Since the /var/log/messages contained no information it would be impossible to troubleshoot the problem. I am very sure both systems have not been hacked by others. Sincerely, Frank Ling

For a long period of time, my Apache root directory has been /home/httpd. For security reasons, this is not so good as SELinux has informed me. Now all of the files have been copied to /var/www/etc with owner and group "root". The privileges are 754 (rwxr-xr--), however apache does not have access to them. Should the owner be apache? Group? Todd -- Ariste Software Petaluma,

Hello, sorry, for 1 more question on CentOS 5 -> CentOS 6 migration. On my old CentOS 5.7 machine I have the following line: pref:3:respawn:/bin/su -c '/usr/local/pref/pref.pl >/tmp/pref-`date +%a`.txt 2>&1' afarber and this has served me well, I don't want to install anything else like daemontools etc. - to keep my web-server easily reinstallable (or movable to

Hello, pardon my chaotic question, but does anybody have an idea, why can't I suspend vim-enhanced-7.2.411-1.6.el6.x86_64 with a CTRL-Z, then execute few commands at my bash prompt and then get back to the vim session again with "fg"? It has stopped working at my CentOS 6.2 machine (I haven't noticed exactly when) but works fine with CentOS 5.x. I'm using PuTTY to login to

I'm looking to troubleshoot this error when I run "tail /etc/httpd/logs/error_log" [Tue Oct 09 07:22:59 2007] [error] [client 127.0.0.1] Directory index forbidden by rule: /var/www/html/ (I get this when I run Nagios' "./check_http -H 127.0.0.1".) All I did was install CentOS and then modify httpd.conf to include "ServerName 192.168.1.10:80" and also

Hello fellow CentOS-users, on the net there are lots of Spamassassin related HOWTOs - describing how to create a shell script for Postfix and how to install Spamassassin and start its spamd daemon - step by step. Additionally antivirus setups are described... But I have a strong feeling, that this is unneeded on CentOS 6 - because there are already preconfigured stock packages for postfix and

When does echo 0 > /selinux/inforce need to be used? I.e., where is selinux enforcing itself on the system to protect it? When I do yum install of some package, it seems to work (not being blocked). When would doing something not work because selinux is watching it (or whatever that process is doing)? Thanks, -wes

> what about importing the key beforehand > rpm --import keyfile That's what I do. But when I try to install a package from that (passenger) repository manually, yum wants my confirmation: # curl --fail -sSLo /etc/yum.repos.d/passenger.repo https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo # grep gpgkey /etc/yum.repos.d/passenger.repo

Hi. I am stuck with this one and I do not know where and how to search for this problem nor do I know how to fix it. When I reboot one of our servers (CentOS 6.7, selinux target, yum fully updated) the http server loads fine (no erros) but when accessing one of the server's websites it displays "Forbidden", restarting the httpd server (command line) will give full access and all is

Just got burnt by this one this morning. If you are upgrading from 6.3 to 6.4 and you use shorewall, you will want to run restorecon -Rv /sbin before rebooting. Original solution from: > http://www.mail-archive.com/shorewall-users at lists.sourceforge.net/msg14885.html Cheers, kal -- Kahlil (Kal) Hodgson GPG: C9A02289 Head of Technology

we have CENTOS 5.2 on DELL server. we need allow a user can "su" to another user without password. for example: account user1 can "su - user2" without password. (user2 is NOT root) I know this is big security risk but .... Anyone know how to do it? Thanks.

On 02/03/2015 11:19 AM, Jay Leafey wrote: > The documentation says that you can just put "vnc" (or > "vncconnect={host}") in the kickstart file in the command section and > proceed from there. Here's a link to an article in Red Hat Magazine > that has a pretty good overview: > >> http://www.redhat.com/magazine/024oct06/features/kickstart/ > > As

Hi I read and used the article http://blog.wazollc.com/Lists/Posts/Post.aspx?ID=2 to authenticate my ad accounts when logging on to cent 5...however, once I edit the nsswitch.conf file, I can't even log on as root or any local users anymore. Kinit seems to initialize fine doing a kinit username at MYDOMAIN.COM , however doing a getent passwd adusername ....it just sits there in the shell and

Hi, I'm trying to setup a firewalled NFS server. I've configured my server (CentOS 5) using the following parameters /etc/sysconfig/nfs MOUNTD_NFS_V1="no" MOUNTD_NFS_V2="no" RQUOTAD_PORT=875 LOCKD_TCPPORT=32803 LOCKD_UDPPORT=32769 RPCNFSDCOUNT=64 MOUNTD_PORT=892 STATD_PORT=662 STATD_OUTGOING_PORT=2020 SECURE_NFS="yes" modprobe.conf: options lockd