Displaying 20 results from an estimated 8000 matches similar to: "Another Fedora decision"
2015 Feb 03
3
Another Fedora decision
I think it well to recall that the change which instigated this
tempest was not to the network operations of a RHEL based system but
to the 'INSTALLER' process, Anaconda. Now, I might be off base on
this but really, ask yourself: Who exactly uses an installer program?
And what is the threat model being addressed by requiring that the
installer set a suitably strong password for root?
2016 Jan 25
0
Just need to vent
On Sun, January 24, 2016 11:45, Peter Duffy wrote:
>
> Trouble is that when you go from 6 to 7, you also have the delights of
> systemd and grub 2 to contend with.
> . . .
> Similarly with others who have commented, I simply cannot
> understand why the maintainers of crucial components in
> linux have this thing about making vast changes which impact
> (usually adversely)
2020 May 09
1
rsync replication acl error
I am trying to replicate a samba-4.3 DC [192.168.8.65] to a newly joined
samba-4.10 DC. I am using rsync as described in the samba wiki, excepting that
I am using a remote shell (ssh) with the root user and password-less logins.
When I run the command below from the 4.10 DC I get acl errors as shown below.
rsync -XAavz --delete-after --rsh='ssh' [192.168.8.65]:/var/db/samba4/sysvol
2015 Feb 04
5
Another Fedora decision
On Tue, February 3, 2015 14:01, Valeri Galtsev wrote:
>
> On Tue, February 3, 2015 12:39 pm, Les Mikesell wrote:
>> On Tue, Feb 3, 2015 at 12:24 PM, Valeri Galtsev
>> <galtsev at kicp.uchicago.edu> wrote:
>>>
>>> Sounds so I almost have to feel shame for securing my boxes no
>>> matter what job vendor did ;-)
>>
>> Yes, computers and
2015 Feb 03
0
Another Fedora decision
On Mon, February 2, 2015 21:34, PatrickD Garvey wrote:
> OK, folks. You're doing a great job of describing the current milieu
> with a rough description of some best practices.
>
> Now how about some specific sources you personally used to learn your
> craft that we can use likewise?
>
> PatrickD
>
>
Go to http://www.ccc.de/en/. Visit and view some of the videos of
2015 Feb 11
1
Another Fedora decision
On Tue, February 10, 2015 18:28, Always Learning wrote:
>
> 3. The Russian's web site is that of a devote cyclist. Most of the
> films on his web site are of cycling or about cycling. Most of the
> oldish PDF files are about Linux and in Russian. I do not consider
> his site presents a malicious danger to me.
Most phishing sites do not resemble anything like what one might
2015 Feb 05
0
Another Fedora decision
On Wed, February 4, 2015 17:16, Lamar Owen wrote:.
>
> Now, I have seen this happen, on a system in the wild, where the very
> first thing the attacker did was grab a copy of /etc/shadow, even with
> an interactive reverse shell and root access being had. So even when
> you recover your system from the compromise you have the risk of all
> those passwords being known, and
2015 Jan 31
4
Another Fedora decision
On Sat, January 31, 2015 05:14, Johnny Hughes wrote:
> On 01/30/2015 06:09 PM, Scott Robbins wrote:
>> On Fri, Jan 30, 2015 at 11:27:55PM +0000, Marko Vojinovic wrote:
>>> On Fri, 30 Jan 2015 14:15:05 -0800
>>> Akemi Yagi <amyagi at gmail.com> wrote:
>>>> On Fri, Jan 30, 2015 at 2:04 PM, Scott Robbins
>>>> <scottro at nyc.rr.com>
2008 May 22
1
Re: Need help with rsync. [solved]
In-Reply-To: <f4e013870805211022r36194b29gb74ca4421dc2ee77 at mail.gmail.com>
On: Wed, 21 May 2008 10:22:19 -0700, MHR <mhullrich at gmail.com>
wrote:
>> On Wed, May 21, 2008 at 8:37 AM, James B. Byrne <byrnejb at harte-lyne.ca>
>> wrote:
>>
>> This indeed turned out to be an SELinux policy problem which I have since
>> resolved.
>
> Whoa,
2015 Feb 05
3
Another Fedora decision
On Wed, February 4, 2015 16:55, Warren Young wrote:
>> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote:
>>
>> Again, the real bruteforce danger is when your /etc/shadow is
>> exfiltrated by a security vulnerability
>
> Unless you have misconfigured your system, anyone who can copy
> /etc/shadow already has root privileges. They do not need
2014 Oct 14
1
[OT]] CentOS 7 docs, tutorials, etc...
I apologize in advance for the subject and length of this reply. I debated
just letting things pass without comment. But, security has many levels. And
the first level is recognition of the threat.
Whether we recognize it or not. Whether we agree of disagree with the politics
that lie beneath this situation or not; Whether we consider this a
non-technical issue or not; By virtue of our
2020 Jul 03
0
samab-4.10 nsupdate
I changed the entries in smb4.conf (smb.conf) to this:
[global]
. . .
dns update command = /usr/local/sbin/samba_dnsupdate
nsupdate command = /usr/local/bin/samba-nsupdate -d -g
And this is what results when I run: samba_dnsupdate --verbose -d8 --all-names
. . .
update(nsupdate): SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca
2014 Nov 13
0
Not To James B. Byrne
On Wed, November 12, 2014 15:50, g wrote:
>
>
> On 11/12/2014 10:13 AM, Les Mikesell wrote:
>
>>
>> Well, no. Per the headers:
>>
>> Authentication-Results: mx.google.com; spf=neutral (google.com:
>> centos-bounces at centos.org does not designate permitted sender hosts)
>> smtp.mail=centos-bounces at centos.org; dkim=neutral (body hash did not
2020 Jun 25
0
samba-4.10.15 - Unable to demote secodary DC
I am testing DC administration using samba-4.10.15 on FreeBSD-12.1p6 and have
run across this:
[root at smb4-2 ~ (master)]# samba-tool domain join BROCKLEY.HARTE-LYNE.CA DC
-U"BROCKLEY\administrator"
INFO 2020-06-25 14:26:10,692 pid:47306
/usr/local/lib/python3.7/site-packages/samba/join.py #104: Finding a writeable
DC for domain 'BROCKLEY.HARTE-LYNE.CA'
INFO 2020-06-25
2020 Jul 02
0
samab-4.10 nsupdate
This is all the diagnostic information I can think of at the moment:
[root at smb4-1 ~ (master)]# klist
Credentials cache: FILE:/tmp/krb5cc_0
Principal: administrator at BROCKLEY.HARTE-LYNE.CA
Issued Expires Principal
Jul 2 10:35:11 2020 Jul 2 20:35:11 2020
krbtgt/BROCKLEY.HARTE-LYNE.CA at BROCKLEY.HARTE-LYNE.CA
[root at smb4-1 ~ (master)]# grep nsup
2012 Jan 04
3
server host keys for kvm clones
Respecting cloning vm guests, I see in /etc/ssh the
following:
ssh_host_dsa_key
ssh_host_dsa_key.pub
ssh_host_key
ssh_host_key.pub
ssh_host_rsa_key
ssh_host_rsa_key.pub
Is there a simple script somewhere to regenerate all the
server host keys for the new guest after cloning?
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at
2012 Jan 04
3
server host keys for kvm clones
Respecting cloning vm guests, I see in /etc/ssh the
following:
ssh_host_dsa_key
ssh_host_dsa_key.pub
ssh_host_key
ssh_host_key.pub
ssh_host_rsa_key
ssh_host_rsa_key.pub
Is there a simple script somewhere to regenerate all the
server host keys for the new guest after cloning?
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at
2020 Jun 30
0
samab-4.10 nsupdate
> Could be because you added the wrong line to your smb4.conf (why does
> freebsd call it smb4.conf ?),
Why does freebsd put these things in /usr/local/etc/? Some questions have
answers that are not worth the effort to know.
> try:
> nsupdate command = /usr/local/sbin/nsupdate -g
I did catch that error earlier. But it makes no difference. samba_dnsupdate
does not give any
2020 Jul 02
1
samab-4.10 nsupdate
Thank you for your patience.
On Tue, June 30, 2020 16:48, Rowland penny wrote:
>
> From 'man smb.conf':
>
> nsupdate command (G)
>
> This option sets the path to the nsupdate command which is used for
> GSS-TSIG dynamic DNS updates.
>
> Default: nsupdate command = /usr/bin/nsupdate -g
>
> dns update command (G)
>
> This
2005 May 09
0
DNS configuration problem
I have introduced some error in my dns resolution and I would like
some help fixing it as I cannot seem to detect what I have done
wrong. Briefly the setup is this:
name servers:
DNS01 - 216.185.71.33
DNS02 - 209.47.176.33
DNS03 - 216.185.71.34
DNS04 - 209.47.176.34 - offline
DNS01 is a master
DNS02-04 are slaves of 216.185.71.33
All are listed as authoritative for the zone test.com
The