Displaying 20 results from an estimated 7000 matches similar to: "selinux allow FTP"
2015 Mar 02
5
selinux allow FTP
On 3/2/2015 2:34 PM, John R Pierce wrote:
> step 1) delete FTPD, and use ssh/scp/rscp instead.
errr, I meant, sftp, not rscp
--
john r pierce 37N 122W
somewhere on the middle of the left coast
2015 Mar 02
4
selinux allow FTP
2015-03-03 0:43 GMT+02:00 Tim Dunphy <bluethundr at gmail.com>:
> >
> > errr, I meant, sftp, not rscp
>
>
> Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
> regular ol' FTP using SELinux? Or does that just defeat the purpose of
> having a secure SELlinux server entirely?
>
FTP is not safe as it does not encrypt username(s)
2015 Mar 02
0
selinux allow FTP
>
> errr, I meant, sftp, not rscp
Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
regular ol' FTP using SELinux? Or does that just defeat the purpose of
having a secure SELlinux server entirely?
Thanks
Tim
On Mon, Mar 2, 2015 at 5:35 PM, John R Pierce <pierce at hogranch.com> wrote:
> On 3/2/2015 2:34 PM, John R Pierce wrote:
>
>>
2015 Mar 03
2
selinux allow FTP
On Mon, Mar 2, 2015 at 4:43 PM, Tim Dunphy <bluethundr at gmail.com> wrote:
>>
>> errr, I meant, sftp, not rscp
>
>
> Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
> regular ol' FTP using SELinux? Or does that just defeat the purpose of
> having a secure SELlinux server entirely?
What is the context here? The big problem
2015 Mar 05
0
selinux allow FTP
Guys,
I hear all your arguments against using FTP. I completely get all that.
But I am making things a little bit safer by using virtual users that have
no access to the file system. The ftp user account has a shell of
/bin/false. And I was able to get proftpd working with SELinux
using setsebool -P ftp_home_dir on.
The client is recalcitrant to using any technology he doesn't know. I have
2015 Mar 03
0
selinux allow FTP
On Tue, Mar 3, 2015 at 2:33 PM, Les Mikesell <lesmikesell at gmail.com> wrote:
> On Mon, Mar 2, 2015 at 4:43 PM, Tim Dunphy <bluethundr at gmail.com> wrote:
> >>
> >> errr, I meant, sftp, not rscp
> >
> >
> > Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
> > regular ol' FTP using SELinux? Or does that
2015 Mar 30
5
mysql can't connect from localhost -strange behavior
Hey all,
I've been having some trouble creating a mysql user that can connect to
the database from localhost. It's always been a straight forward thing to
do in the past, so its time for a sanity check, if you guys don't mind.
Ok, so here's the actual command with actual simplified password that I'm
using. It's on localhost so I don't think it's a security threat
2015 Jan 22
2
SELinux permissions for apache
Hey Jeremy,
> Have you tried changing the folder where it's writing into with these
> lables? httpd_sys_content_rw_t or httpd_user_content_rw_t
Adding 'rw' to the command did the trick. I tried httpd_sys_content_rw_t and
that works fine! Thanks for the tip!
Tim
On Thu, Jan 22, 2015 at 1:19 PM, Jeremy Hoel <jthoel at gmail.com> wrote:
> Have you tried changing
2015 Feb 03
5
user nobody can't access file
Hey guys,
I need to give the 'nobody' user (which is what our apache runs as) no
password access to a file, via sudo. This is what I've tried:
nobody ALL=(ALL) NOPASSWD: /var/www/qa/launchpadnew/site/ftp_check.php
But if I become the nobody user and try to access the file, it tries to
prompt me for a password:
-bash-3.2$ php /var/www/qa/launchpadnew/site/ftp_check.php
[sudo]
2015 Oct 15
1
selinux commands fail on low memory box
>
> How about adding some swap into system?
Not a bad idea, Eero! That worked.
[root at ops3:~] #cat /proc/swaps
Filename Type Size Used
Priority
/swapfile file 1048572 712 -1
[root at ops3:~] #semodule -i newrelic.pp
[root at ops3:~] #
Thanks!
Tim
On Thu, Oct 15, 2015 at 12:19 AM, Eero Volotinen
2015 Feb 28
3
disk space trouble on ec2 instance
Hey all,
Ok, so I've been having some trouble for a while with an EC2 instance
running CentOS 5.11 with a disk volume reporting 100% usage. Root is on an
EBS volume.
So I've tried the whole 'du -sk | sort -nr | head -10' routine all around
this volume getting rid of files. At first I was getting rid of about 50MB
of files. Yet the volume remains at 100% capacity.
Thinking
2015 Mar 30
1
mysql can't connect from localhost -strange behavior
>
> mysql> FLUSH PRIVILEGES;
Yup! That was it. Thanks for the reminder! :)
Tim
On Mon, Mar 30, 2015 at 12:15 AM, Steven Tardy <sjt5atra at gmail.com> wrote:
>
> > mysql> grant all privileges on ftp.* to 'proftpd'@'localhost'
> identified by
> > 'testpattern';
> > Query OK, 0 rows affected (0.35 sec)
>
> mysql> FLUSH
2015 Jan 22
2
SELinux permissions for apache
>
> The easiest answer is to edit the Selinux config file. By default it is
> set to enforce, which really locks it down.
> cd /etc/selinux
> edit the config file and change SELUNIX=enforcing to SELUNIX=permissive
> Save the file and restart httpd, you should be fine..
Yeah dude, exactly. Except I actually do want to start using it. I've been
disabling SELINUX forever
2015 Mar 05
1
SELinux kills Cassandra based website
Hi Jeremy,
An easy way to start troubleshooting these is to look at the audit logs and
> see what SELInux is blocking. You have /McFrazier in the email.. if that's
> off the root tree than unless you've set permissions to allow httpd to look
> at tat folder, I bet that's one problem.
> if you run ls -Z you can see the labels that are present on those folders,
> that
2015 Jan 22
2
SELinux permissions for apache
Hey all,
I have a simple php app working that writes some info to a text file. The
app will only work correctly if SELinux is disabled. If it's enabled and
try to use the app, it fails. It seems that SELinux is denying the app
ability to write to the text file.
So I tried running the following command:
chcon -R -t httpd_sys_content_t /var/www
And tried veriying the command with the
2014 Oct 19
3
rsync question: building list taking forever
Guys,
I've setup an rsync between two directories that I've mounted locally on a
jump box. Long story short, the two directories are both NFS shares from
two different hosts. Our security dept won't allow us to SSH between the
two data centers, directly. But the jump host can contact both. So what
I've done is mount the NFS shares from one host in each data center on the
jump box
2015 Jun 17
2
selinux allow apache log access
>
> What turns up in myzabbix.te?
Same deal. :(
#semodule -i myzabbix.te
semodule: Failed on myzabbix.te!
sigh... but thanks any other clues?
On Wed, Jun 17, 2015 at 11:42 AM, Harold Toms <h.toms at qmul.ac.uk> wrote:
> On 17/06/15 16:29, Tim Dunphy wrote:
>
>> That's because there's already a zabbix module loaded (the message isn't
>>> very
2015 Mar 03
2
selinux allow FTP
On Mar 3, 2015, at 2:30 PM, Brian Mathis <brian.mathis+centos at betteradmin.com> wrote:
>
> people are bound by corporate restrictions
That seems like an awfully convenient rug to sweep problems under.
Can?t fix a security problem? Corporate restrictions!
Can?t require sensible security defaults restrictions by default? Corporate restrictions!
Can?t move off IE6? Corporate
2011 Dec 13
0
proftpd graphical clients not working
Hello list,
With my latest proftpd server graphical client error on list (ls) directory:
Error: Could not read from socket: ECONNRESET - Connection reset by peer
Error: Disconnected from server
Error: Failed to retrieve directory listing
So far I've tried both filezilla and cyberduck.
But command line ftp works completely:
[dunphy at BAM-025715-TD:~] #ftp jfweb
Connected to jfweb.
2015 Mar 02
0
selinux allow FTP
Also check this out: http://www.bitvise.com/ftp-bridge
--
Eero
2015-03-03 0:51 GMT+02:00 Eero Volotinen <eero.volotinen at iki.fi>:
>
>
> 2015-03-03 0:43 GMT+02:00 Tim Dunphy <bluethundr at gmail.com>:
>
>> >
>> > errr, I meant, sftp, not rscp
>>
>>
>> Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow