Displaying 20 results from an estimated 4000 matches similar to: "Chroot issue with username to uid"
2011 Sep 30
1
Apache security , Was: Running Apache sites as separate users
On Thu, Sep 29, 2011 at 9:35 PM, Lucian <lucian at lastdot.org> wrote:
> On Fri, Sep 30, 2011 at 2:22 AM, Trey Dockendorf <treydock at gmail.com>
> wrote:
> > I had a recent request to improve security on my web servers by having
> each
> > website use a different user to run the hosting service. So
> > example1.comhas it's own Apache instance running
2011 Jul 25
3
Sudo #includedir function ignored CentOS 6
I am unable to get the #includedir function to work with sudo. This works
just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I
have this line in the file /etc/sudoers.d/zabbix-puppet
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However sudo still requires a password. If I put that same line into
/etc/sudoers file , there is no password prompt. At the end of my
2011 Sep 30
4
Running Apache sites as separate users
I had a recent request to improve security on my web servers by having each
website use a different user to run the hosting service. So
example1.comhas it's own Apache instance running as apache1 and then
example2.com has its own instance of Apache as apache2. Is this even
possible or realistic? I understand the idea of how that would be secure,
much like creating a virtual machine to
2011 Jul 15
3
CentOS 6 and KVM woes
I have decided to migrate my latest KVM server to CentOS 6.0 and am
beginning to get a little frustrated with some issues that worked perfectly
in 5.6.
Right now I've given up on getting virbr0 and NAT to work, but now I need
networking bridging to work, but nothing seems to fix the issue. I have not
had much experience with troubleshooting KVM so could really use some
pointers on resolving
2003 May 14
2
new feature chroot environment patch
Hi,
I have written code which enables chroot environments for users.
A new sshd onfiguration item ChrootUsers containts a list of users which
has chroot environment.So if the user is not in the list it get's his
normal environment.
For users that are in the chrootusers list there homedir becomes / .
Can you please apply this patch?
With kind regards,
Jeroen Nijhof
-------------- next
2011 Aug 30
0
Fwd: Re: New with Libvirt and having problems.
On 8/29/2011 10:29 PM, Trey Dockendorf wrote:
> Have you looked into using virt-manager? When I started using KVM I
> found that new VM provisioning was much simpler with that interface.
Alas, Virtmanager doesn't seem to be a supported program under Gentoo -
the distribution I use. If its X-based, it wouldn't work anyhow - I'm
strictly a command line shop.
>
> Once
2004 May 05
1
Dovecot chrooting
hello all i am new to dovecot and i have a small problem. I use qmail as a pop3 server and dovecot as imap. my rc script is as follows:
-----snip-----
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start '|preline procmail' splogger qmai
-----end-----
thus i deliver mails through procmail so all mails are located to /var/spool/mail.
The problem exists when i tested
2002 Jun 28
0
Chroot v3.4p1
Greetings!
I am working on a patch that will support a "ChrootUsers" option in the
v3.4p1 config file.
I am wondering if there are already plans to support a chroot option on
the go?
Regards,
_________________________________________
Open Text Corporation - HMS Division.
John Furman
Network Security Officer
jfurman at opentext.com
www.opentext.com/hms
Voc: 519.888.7111 x2361
Fax:
2011 Oct 15
2
SELinux triggered during Libvirt snapshots
I recently began getting periodic emails from SEalert that SELinux is
preventing /usr/libexec/qemu-kvm "getattr" access from the directory I store
all my virtual machines for KVM.
All VMs are stored under /vmstore , which is it's own mount point, and
every file and folder under /vmstore currently has the correct context that
was set by doing the following:
semanage fcontext -a -t
2011 Aug 09
4
Using Samba to share Apache web root, securely
I'm setting up a shared web server running Apache. Each web root will
belong to a department, which has a corresponding Active Directory group to
give access. So far I've got samba working and such, but am having some
trouble wrapping my head around the necessary permissions to make all this
work, especially securely. So far I've found that both the POSIX and the
ACL permissions
2011 Oct 24
2
Unable to acquire lock
Hello,
I am trying to execute virsh commands on a host but it is giving errors
due to failure in acquiring lock.
root at kvm01:~# virsh suspend blindone
error: Failed to suspend domain blindone
error: Timed out during operation: cannot acquire state change lock
Any suggestions how can we figure out possible reasons.
--
Jatin
-------------- next part --------------
An HTML attachment was
2002 Jul 04
4
Chroot patch (v3.4p1)
The following is a patch I've been working on to support a "ChrootUser"
option in the sshd_config file.
I was looking for a way to offer sftp access and at the same time restict
interactive shell access. This patch is a necessary first step (IMO).
It applies clean with 'patch -l'.
Also attached is a shell script that helps to build a chrooted home dir on
a RedHat 7.2
2011 Jul 13
2
CentOS 6 DVD install "Unable to read group information from repositories"
Tried my first CentOS 6 install on a system currently running 5.6. My
attempt was not an upgrade, but a full re-format. I have verified the
checksums of the ISO and did the pre-install disk verify and everything
checked out. However after the screen for setting up the bootloader I get
the following error
"Unable to read group information from repositories. This is a problem with
the
2011 Oct 19
1
Failed dependencies for libxslt-ruby on CentOS 6
I'm trying to install a gem named Fabulator on CentOS 6 CR x86_64. It's
failing on libxslt-ruby. This is the error I get when trying the gem
manually...
------------------------------
# gem install libxslt-ruby --no-rdoc --no-ri
Building native extensions. This could take a while...
ERROR: Error installing libxslt-ruby:
ERROR: Failed to build gem native extension.
2012 Aug 02
2
Excluding RAW disk from snapshot
I have an oVirt engine node that currently runs the system on a qcow2
based virtual disk, and an NFS export volume on RAW. I'd like to take
a snapshot before a somewhat risky upgrade of oVirt and can't with the
raw image attached.
Looking at the documentation for the snapshot XML, I created this XML
file for the snapshot
<domainsnapshot>
<name>20120802</name>
2011 Sep 14
2
Libvirt daemon usage question
I could use some help with clarification on the use of the libvirtd daemon
with regards to managing remote KVM instances. Right now I have a CentOS 6
KVM server (libvirt-0.8.1), but would like to use some management
applications that require higher version (0.8.8). First, is it possible to
run the libvirtd daemon from within a VM, or does it require active kvm
kernel module? Secondly, could a
2011 Jul 10
1
Upgrade from CentOS 5.x to 6.0
Great news about CentOS 6.0 being available, and I figured I'd ask the most
obvious question, what can I expect when upgrading from CentOS 5.6 to 6.0?
I have not had to go from one major version of CentOS to another so this is
new territory for me. Is the processes just like an install except there's
an "Upgrade" option? Does an upgrade do a "yum update" of
2011 Oct 12
1
XML file format for snapshot-create
I've created a very basic snapshot XML file, to allow for a description of
the snapshot. However when running the virsh command, it doesn't like the
formatting.
# virsh snapshot-create proxy_0 /vmstore/proxy_0/proxy_0_ss.xml
error: XML description for failed to parse snapshot xml document is not well
formed or invalid
This are the XML file contents...
# cat proxy_0_ss.xml
2011 Sep 14
1
Submitting patches from upstream fixes/bugs
What is the preferred method for submitting patches from upstream projects ?
I have two patches for libvirt-0.8.1.el6_0.6. One adds ESX 4.1 support to
things like virt-v2v (
http://www.redhat.com/archives/libvir-list/2010-July/msg00480.html) and the
second fixes the broken "virsh snapshot-create" (
https://bugzilla.redhat.com/show_bug.cgi?id=727709). All I did really was
get them to
2012 Jul 20
2
Lookup another node's hiera data - fqdn hierarchy
I''ve begun using Hiera in combination with Foreman, primarily storing data
that is best left in Array/Hash form. I''d like to be able to have a
module, in this case BackupPC, query all the Hiera data for each node where
the backup directories/databases are stored. Then use all that information
on the BackupPC server to generate proper configuration files for each