Displaying 20 results from an estimated 600 matches similar to: "Allow access to a share for only one machine account"
2014 Jul 07
1
virsh: cannot start domain with channel device,
Here is what I got.
root ubuntu:/home/john# virsh start ubuntu2
error: Failed to start domain ubuntu2
error: internal error Process exited while reading console log output: char device redirected to /dev/pts/1
bind(unix:/var/lib/libvirt/qemu/ubuntu2.libguestfs): Permission denied
chardev: opening backend "socket" failed: Permission denied
root ubuntu:/home/john# ll
2015 Dec 04
3
Running sshd with Privilege Seperation drops connection on password change
Hi folks,
I came across this issue on both stock CentOS(v6.4) and Ubuntu(14.04 LTS) and was wondering if any of you have seen it.
As far as I can tell this seems like a day-1 bug to me.
PROBLEM:
If I expire a linux user's password (passwd -e <user>) and then log in via ssh, it will prompt you for a password change.
On changing the password successfully, sshd will drop the connection
2015 Dec 16
2
Running sshd with Privilege Seperation drops connection on password change
Hi Darren/Damien,
Sorry for responding so late. Still hope we can get this sorted out.
Yes I am indeed using PAM for ssh authentication and disabling priv seperation is a no-go for us since it opens up a security loophole.
From what I can see in ptree and auth logs, when the child passwd process returns with SIGCHLD, the parent sshd process terminates.
Sshd logs are as follows as requested at
2019 Jan 28
2
Troubleshooting help?
I probably should have lead with this, but I did not create or deploy this particular setup, I was charged with keeping it going after the main person left. I have zero experience with Samba or Centrify, or I should say *had* no experience until this.
So, I frankly have very little idea of what most of these options are for or why they're set the way they are. I can certainly edit per your
2019 Jan 28
4
Troubleshooting help?
Thank you Rowland! I guess that's part of my confusion, I'm not sure how to best debug where Centrify ends and Samba begins. But if these log.smbd errors indicate Centrify vice Samba, I'm good with that. My global smb.conf is (didn't bother with the commented out stuff):
[global]
security = ADS
realm = <our domain name>
workgroup = <our workgroup name>
netbios name =
2017 Dec 06
1
SAMBA VFS module for GlusterFS crashes
Dear Anoop,
thank you very much for your detailed explanation.
> I think you are hitting a bug[1] from vfs module for GlusterFS inside Samba during a realpath()
> call.
>
> This regression got in when glfs_realpath() was modified in GlusterFS[2] to correctly handle memory
> allocation and corresponding freeing of string arguments. And this particular change is present from
>
2011 Mar 18
5
Replace NIS by Active Directory
Hi,
I'm looking a wiki or share experience for replace NIS authentication by
an existing Active directory Server (W2003). The problem is on the
management of id and gid.
How to move 1000 actual NIS users to AD ?
How to keep the same id and gid for this 1000 users ?
What's happen with nfs linux server and acess with gid and/id ?
Use the same user/password for linux and Windows clients
2016 Oct 06
2
Can't Route LAN Traffic Behind Tinc Network
Thanks again Keith. I disabled UFW and flushed iptables completely, but same result. Pings from the external node are reaching the internal node on the tinc0 interface but nothing happens after that. Now that I'm thinking of it, I did some masquerading in order to get OpenVPN to work on another box, I wonder if that would be applicable here?
Very Respectfully,
Kismet Agbasi
2016 Oct 06
2
Can't Route LAN Traffic Behind Tinc Network
Thanks Keith. Here's the output:
root at ubuntu2:~# iptables -vnL FORWARD
Chain FORWARD (policy ACCEPT 745 packets, 47680 bytes)
pkts bytes target prot opt in out source destination
6299 416K ufw-before-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
6299 416K ufw-before-forward all -- * * 0.0.0.0/0
2015 Aug 19
2
Samba 4 DC - no AES kerberos tickets - only arcfour
Hi Trever,
things improved after resetting user/machine passwords, however only the session key is using aes256 now, the ticket itself is still arcfour:
root at ubuntu1:~# kinit user09999
user09999 at S4DOM.TEST's Password:
root at ubuntu1:~# klist -v
Credentials cache: FILE:/tmp/krb5cc_0
Principal: user09999 at S4DOM.TEST
Cache version: 4
Server: krbtgt/S4DOM.TEST at
2019 Jan 25
2
Troubleshooting help?
I'm terribly sorry if this isn't the proper place/method by which to get help with troubleshooting Samba errors/issues, but it's the best one I could find. I have an instance of Samba 4.8.3 running on a Centos 7.6 VM server (kernel 3.10.0-957.1.3), along with Centrify 5.5.2-578, that will allow folks to map a shared drive from their Windows 10 machines generally fine, but quite
2007 Feb 22
5
what''s wrong?
# iptables -t mangle -A POSTROUTING -m mark --mark ! 0 -j ACCEPT
iptables v1.3.3: Bad MARK value `!''
I''m puzzled, what''s wrong with this syntax?
kernel is 2.6.15.7-ubuntu1
Thanks
Francesco
2011 Jun 13
15
puppet clients
I''ve gone over the documentation several times now and I can''t figure out how to ''apply'' a manifest to a client.
The client does have a signed certificate but the only thing in the /etc/puppet folder on the client is an ssl directory.
I have a manifest that works fine on the puppet ''master''
I have added the client into
2007 Sep 17
3
[Bug 1364] New: default for ChallengeResponseAuthentication doesn' t match sshd_config
http://bugzilla.mindrot.org/show_bug.cgi?id=1364
Summary: default for ChallengeResponseAuthentication doesn't
match sshd_config
Product: Portable OpenSSH
Version: 4.7p1
Platform: Other
OS/Version: Other
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo:
2012 Apr 23
1
Disable AD checking per share in smb.conf [sec=unclassified]
Hi,
Is it possible to have non-authenticating shares on an server with security=ADS ?
I have a RHEL server, with Centrify Express, and joined to a domain, but I would
like to have a samba share that doesn't request a username/password for machines
not on the domain.
When I have a plain windows XP machine (not on the domain) attempt to connect, I
get asked for a username/password.
Is
2012 Nov 13
1
mdX and mismatch_cnt when building an array
CentOS 6.3, x86_64.
I have noticed when building a new software RAID-6 array on CentOS 6.3
that the mismatch_cnt grows monotonically while the array is building:
# cat /proc/mdstat
Personalities : [raid6] [raid5] [raid4]
md11 : active raid6 sdg[5] sdf[4] sde[3] sdd[2] sdc[1] sdb[0]
3904890880 blocks super 1.2 level 6, 512k chunk, algorithm 2 [6/6] [UUUUUU]
2016 Oct 06
2
Can't Route LAN Traffic Behind Tinc Network
Keith,
Thanks for the reply and the pointers.
> Did you remember to activate kernel ip forwarding?
> i.e. echo 1 > /proc/sys/net/ipv4/ip_forward ?
I actually forgot to do this, but I have enabled it now in /etc/systctl.conf and can confirm now after a reboot that it's enabled. Unfortunately, still can't ping the node on the LAN.
> and when I saw that I was about to cancel
2018 Jan 14
2
Best way to generate Unix UIDs and GIDs?
Hi,
For a new samba domain, I need to create users and groups with Unix UIDs
and GIDs.
In the future, it is possible that there will be a trust with other
domains, so I need to take care that there won't be any UID/GID
conflict. Also, I assume that in the future Samba will be able to
restore deleted objects, so I need to avoid conflicts with those objects
as well.
This makes me think that a
2018 Sep 21
2
Heterogeneous mix OS smb share home redirection
I have been reading every article I can find to determine how to share home
directory redirection across multiple OS workstations.
The end result I am looking for is to store user home directory on a member
server and allow (in my case) Windows and Linux (Ubuntu in my case)
workstations to access their home directory in a single sign (to any OS)
situation. (On Ubuntu, leaning toward using winbind
2013 Oct 01
1
Gluster on ZFS: cannot open empty files
Hi everyone,
I've got glusterfs-server/glusterfs-client
version 3.4.0final-ubuntu1~precise1 (from the semiosis PPA) running on
Ubuntu 13.04. I'm trying to share ZFS (ZFS on Linux 0.6.2-1~precise from
the zfs-stable PPA) using GlusterFS. When creating the ZFS filesystem and
the Gluster volume, I accepted all the defaults and then:
- I enabled deduplication for the ZFS filesystem (zfs set