similar to: Announce: Puppet 2.6.14 Available [security update]

Hi all, Full path: /usr/lib/ruby/site_ruby/1.8/puppet/provider/ssh_authorized_key/parsed.rb Two problems: 1) Even if filebucketing is disabled, this (still) tries to backup authorized_keys to /var/lib/puppet/clientbucket/[...]; no other modules are doing filebucketing when it''s disabled but they (correctly) do when it is enabled. 2) The filebucketing is (still) being done with euid set

Executive summary: /usr/bin/suidexec gives every user a root shell. Remove it. tlr ----- Forwarded message from Thomas Roessler <roessler@guug.de> ----- Date: Tue, 28 Apr 1998 15:21:17 +0200 From: Thomas Roessler <roessler@guug.de> Subject: suidmanager: SECURITY BREACH: /usr/bin/suidexec gives root access to every user on the system To: submit@bugs.debian.org Package: suidmanager

Wohoo, finaly i could help Rowland :-p ;-) I follow this as guidance: 1 server ( all in one ) use RID, easy to setup etc, but .. If you go to ... Or have plans to.. 2 servers ( DC + a member ) use backend RID if you dont need access with a windows account to a shared home folder. ( cifs or nfs ) you use a dedicated local "linuxAdmin" for maintanace. ( often the first created

This method can be used for plugins to get control after the server has forked and changed user but before it accepts a connection. This is very late and the only real use for this is for a plugin to create background threads for its own use. --- docs/nbdkit-filter.pod | 20 +++++++++++++++----- docs/nbdkit-plugin.pod | 27 ++++++++++++++++++++++++++- include/nbdkit-filter.h | 2 ++

Released December 26, 2013. 2.7.24 is a security release in the Puppet 2 series. Please note that this release is supported by the community; Puppet Labs is not responsible for maintaining the release. This release fixes: * CVE-2013-4969: Unsafe use of temp files in File type See http://puppetlabs.com/security/cve/cve-2013-4969 for details. Andrew Parker (1): 691fbbe (#23343) Use

This patch (to OpenSSH 3.0.2p1) adds support for using krb4, krb5 and other principal names in authorized_keys entries. It's a sort of replacement for .klogin and .k5login, but it's much more general than .k*login as it applies to any authentication mechanism where a name is associated with the ssh client and it supports name patterns and all the normal authorized_keys entry options

Hai,   now realmd sssd and autofs are all not my cookies.. but..   i see 2 things. 1) you missing the CIFS spn. here is shows how to make them and extract them. https://wiki.samba.org/index.php/Generating_Keytabs  https://wiki.samba.org/index.php/Keytab_Extraction      2) for the smblcient try :  smbclient //server.domain.dom/escaner -U user -W DOMAIN.DOM -R host -k -d 3 -m SMB2 ....added

Hello, Sorry for take so long to answer, but I was not able to do the tests because the computer is in use and out of my office. Finally I've progressed in this topic with realmd, sssd and autofs, but now I'm locked on mounting shares from my member server. I'm able to use autofs and smbclient to mount and connect to sysvol share on my DC server, but when I try to connect to my

http://bugzilla.mindrot.org/show_bug.cgi?id=78 Summary: Support use of named (krb4, krb5, gsi, x.509) keys in auth_keys entries Product: Portable OpenSSH Version: 3.0.2p1 Platform: All URL: http://marc.theaimsgroup.com/?l=openssh-unix- dev&m=101189381805982&w=2 OS/Version: All

http://bugzilla.mindrot.org/show_bug.cgi?id=170 Summary: Double free() and heap corruption when krb4 auth fails Product: Portable OpenSSH Version: 3.1p1 Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

Provides automatic cleanup of ‘struct nbdkit_extents_map *’ on exit from a scope or function. --- server/internal.h | 2 ++ server/cleanup.c | 8 +++++++- server/Makefile.am | 3 ++- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/server/internal.h b/server/internal.h index d0da213..825dd3e 100644 --- a/server/internal.h +++ b/server/internal.h @@ -139,6 +139,8 @@ extern void

Update to iproute2 is available. Most of the changes were to repair the things that broke with the introduction of the batch mode to the ip command. http://developer.osdl.org/dev/iproute2/download/iproute2-2.6.14-051107.tar.gz For info on CVS ans other info see: http://linux-net.osdl.org/index.php/Iproute2 Masahide NAKAMURA * Updating for 2.6.14 - Show UPD{SA,POLICY} message

Socket activation (aka systemd socket activation) is a simple protocol that lets you pass in an opened, listening socket to a server. Supporting socket activation allows you to use a modern superserver to serve infrequent NBD requests without needing nbdkit to be running the whole time. Although the protocol was invented by systemd, it has been implemented in a few other places, and the protocol

The CLEANUP_FREE macro and friends can be useful to filters and in-tree plugins; as such, move them to common/ so more than just the server/ code can take advantage of our compiler magic. Signed-off-by: Eric Blake <eblake@redhat.com> --- common/utils/cleanup.h | 48 ++++++++++++++++++++++++++++++ server/internal.h | 12 +------- {server =>

Is there a location for centos 4.2 that has a current kernel compiled and ready to just install for the 2.6.14.X kernel? I am wondering if a current kernel helps with my slowww compaq r4000 amd64 machine. Thanks, Jerry -------------- next part -------------- An HTML attachment was scrubbed... URL:

Please see below Jon Flechsenhaar Boeing WNW Team Network Services (714)-762-1231 202-E7 -----Original Message----- From: Flechsenhaar, Jon J Sent: Wednesday, September 27, 2006 9:35 AM To: lartc@mailman.ds9a.nl Subject: [LARTC] 2.6.14 - HTB/SFQ QoS broken? Jody: I don''t know if you answer basic HTB questions but I''l try anyway. I''m implementing AF and EF with a

hi, i have several small problems. Sometimes the complete Xen machine hangs and i have to reboot the whole server. I hope that these problems are kernel problems and i want to build a new kernel with 2.6.14 for Xen 2.0.7. Is that a problem? The system ist Debian Sarge. cu denny -- Sicherheit verständlich http://www.sides.de GnuPG Key

On 15/10/2019 13:56, ASW Global via samba wrote: > I've read the documentation that domain trusts should be fully supported with both Kerberos and NTLM authentication. I've created a new 2016 domain on a Windows box and created a Samba domain on a Linux box with a BIND9_DLZ backend. Both servers can resolve both DNS domains forwards and backwards and I am able to connect a Windows 10

As shown in the previous patch, plugins may choose to use stdin or stdout during .config. But from .get_ready onwards, well-written plugins shouldn't be needing any further use of stdin/out. We already swapped stdin/out to /dev/null while daemonizing, but did not do do during -f or --run, which leads to some surprising inconsistency when trying to debug a plugin that works in the foreground

Hi I would like to write my first application with Active Record: this is my database table: id PRIMAREY KEY auto_increment german_name varchar(50) english_name varchar(50) | wingspan this is my code: ======================= #!/usr/local/bin/ruby -w require ''rubygems'' require_gem ''activerecord'', ">= 1.10.1"