Displaying 20 results from an estimated 10000 matches similar to: "bind chroot, bind mounts and selinux"
2015 Sep 10
0
bind chroot, bind mounts and selinux
I went through the chroot/selinux review when Centos6 came out. I went
with selinux and no chroot.
I don't have too much of an issue with systemd; I am learning it as I go.
I am putting up a Samba4 AD with Bind-DLZ backend. The Samba wiki
explicitly calls out no chroot and kind of explains why.
so I come out on the selinux side.
On 09/09/2015 09:09 PM, Tom Robinson wrote:
> Hi All,
2016 Jun 23
0
KVM HA
How about trying commercial RHEV?
Eero
22.6.2016 8.02 ap. "Tom Robinson" <tom.robinson at motec.com.au> kirjoitti:
> Hi,
>
> I have two KVM hosts (CentOS 7) and would like them to operate as High
> Availability servers,
> automatically migrating guests when one of the hosts goes down.
>
> My question is: Is this even possible? All the documentation for HA
2014 Apr 01
1
write barrier support in CentOS 6
Hi,
I've been looking for an answer to this question and can't find anything concrete that says full
support for write barriers has been backported to the stock kernel.
I've read that:
"There is incomplete write barrier support in kernel versions 2.6.32 and earlier (2.6.31 has some
support, while 2.6.33 works for all types of device target) - RHEL 6 uses 2.6.32."
Now, I
2017 Jun 29
1
samba-tool SIGSEGV
Hi,
Not sure if I should post in samba-technical or just samba list. Please advise.
Back in February I was trying to do a samba-tool classicupgrade but kept getting SIGSEGV:
https://lists.samba.org/archive/samba/2017-February/206409.html
I didn't progress much after that.
This week I've compiled samba-4.6.5 and installed that. Following the HOW-TO for classic upgrade
2015 Sep 23
1
amanda-client does not recognise 'dump'
CentOS Linux release 7.1.1503 (Core)
amanda-3.3.3-13.el7.x86_64
amanda-client-3.3.3-13.el7.x86_64
amanda-libs-3.3.3-13.el7.x86_64
dump-0.4-0.22.b44.el7.x86_64
Hi,
I have been using amanda backup for quite a long time now. I'm busy migrating some older hosts to
CentOS 7 but have found that the available amanda packages (see above) have not been compiled on a
host that has the 'dump'
2017 Feb 07
2
samba-tool domain classicupgrade smb_krb5_context_init_basic failed (Invalid argument)
Hi,
I'm having trouble with the classic upgrade. We have three samba servers:
Server1: CentOS 5/Samba 3.6 (with smbldap-tools)
Server2: CentOS 6/Samba Version 4.2.14-SerNet-RedHat-23.el6
Server3: CentOS 7/Samba Version 4.2.14-SerNet-RedHat-23.el7
Server 1: CentOS 5/Samba 3.6 (with smbldap-tools)
Serves our OpenLDAP backend for centralised authentication (LDAP replicated to two other servers
2016 Jun 22
8
KVM HA
Hi,
I have two KVM hosts (CentOS 7) and would like them to operate as High Availability servers,
automatically migrating guests when one of the hosts goes down.
My question is: Is this even possible? All the documentation for HA that I've found appears to not
do this. Am I missing something?
My configuration so fare includes:
* SAN Storage Volumes for raw device mappings for guest vms
2015 Apr 14
1
HBA enumeration and multipath configuration
# cat /etc/redhat-release
CentOS Linux release 7.1.1503 (Core)
# uname -r
3.10.0-123.20.1.el7.x86_64
Hi,
We use iSCSI over a 10G Ethernet Adapter and SRP over an Infiniband adapter to provide multipathing
to our storage:
# lspci | grep 10-Gigabit
81:00.0 Ethernet controller: Intel Corporation 82599ES 10-Gigabit SFI/SFP+ Network Connection (rev 01)
81:00.1 Ethernet controller: Intel Corporation
2016 Jan 21
1
CentOS 7 magically rebooted!
CentOS Linux release 7.2.1511 (Core)
Hi,
Last night our CentOS 7 server rebooted. Seemingly it's a very clean reboot. I can't find a shred of
evidence as to why it happened though.
Things I've checked:
* sa reports
* /var/log/{messages,secure,dmesg,cron}
* /var/log/audit/audit.log
* lastlog
The host is used for KVM virtualisation and connects via multipathing to our OmniOS SAN via
2017 Jul 10
2
domain member idmap wbinfo WBC_ERR_DOMAIN_NOT_FOUND
Hi,
I've done a classic upgrade to from samba 3.6.23 to samba 4.6.5 bringing across all the user
accounts. The samba 3.6.23 we set up with smbldap as an NT Domain with OpenLDAP. After a lot of
effort the classic upgrade worked well but now I'm a bit stuck with idmapping.
The new AD DC is running 4.6.5 on CentOS7 and I can connect using ADUC. I set up a separate AD DM on
a another CentOS7
2002 Sep 21
1
sftp chroot
Hi all:
I'm looking to chroot sftp; but not chroot ssh sessions. I came across
some info that said this is possible.
But after searching this list's archives and Google, I was rather confused
about the different patches for chrooting, and couldn't find anything that
appeared to only chroot sftp.
Is such a patch available? Can someone point me in the right direction?
Erik
1998 Jul 17
1
Re: Chrooting bind 8.1.2 under debian 2.0
> > The main problem seems to be with the way that debian starts bind
> > using
> > the script /etc/init.d/bind. I thought it would be really neat to
> > just
> > change the #!/bin/sh at the top of the script to something like :
> > #!/usr/sbin/chroot /chroot-dns/ /bin/sh
> > or
> > #!/usr/sbin/chroot /chroot-dns/
2002 May 17
3
OpenSSH 3.2.2 released : chroot
You must mean your most wanted feature. Mine is the integration of Simon's GSS patches.
Nico
--
> -----Original Message-----
> From: Jean-Michel POURE [mailto:jm.poure at freesurf.fr]
> Sent: Friday, May 17, 2002 7:35 AM
> To: Markus Friedl; openssh-unix-dev at mindrot.org
> Subject: OpenSSH 3.2.2 released : chroot
>
>
> Le Vendredi 17 Mai 2002 00:36, Markus
2009 Oct 22
1
chroot to dir per user?
Hi there,
let me just ask if you know some good way to set up user chrooting in such a
way, that each sftp user has its chroot directory entry somewhere (whatever
path) and gets chrooted there upon its login? Maybe such feature is planned?
Thanks...
K.
2013 Feb 15
2
bind-chroot rpm only builds chroot tree?
I just downloaded the bind-chroot rpm and looked into it with Archive
manager (so I am lazy), and no files, just the chroot tree. I am
assuming there is some script that Archive manager does not show, or I
am just missing it, because the ROOTDIR= did get added to
/etc/sysconfig/named (and the one in the bind rpm is without this line).
Just interesting that if you chroot, you are expected to
2005 Mar 05
2
dovecot-pgsql.conf can't find in chroot? (debian)
Plagued with an error I can't get past:
==> dovecot_info.log <==
dovecot: Mar 04 22:09:06 Info: Dovecot starting up
==> dovecot.log <==
dovecot-auth: Mar 04 22:09:07 Fatal: Can't open configuration file
/usr/local/etc/dovecot-pgsql.conf: No such file or directory
dovecot: Mar 04 22:09:07 Error: child 18211 (auth) returned error 89
dovecot: Mar 04 22:09:07 Error: Auth process
1998 Jul 14
2
Re: Chrooting bind 8.1.2 under debian 2.0
On Tue, 14 Jul 1998, cfb wrote:
> The main problem seems to be with the way that debian starts bind using
> the script /etc/init.d/bind. I thought it would be really neat to just
> change the #!/bin/sh at the top of the script to something like :
> #!/usr/sbin/chroot /chroot-dns/ /bin/sh
> or
> #!/usr/sbin/chroot /chroot-dns/ /chroot-dns/bin/sh
try changing
2007 Dec 17
2
problems with CentOS chroot
Hello,
I've got strange problem with centos (as well as rhel btw) chrooted
environment.
First of all I created simple directory with only the libs for 'bash'
and 'id' tools:
----
# chroot testcase/
bash-3.1# id
uid=0 gid=0 groups=0,1,2,3,4,6,10
----
Yes, I even do not have /etc/ directory inside testcase/ , but id shows
groups from the _host_ root account.
I tried to
2001 May 16
1
openssh and chroot
I am wondering what modifications to the chroot patch in the contrib
directory for openssh would be necessary for it to be accepted into the
standard release. Is anybody currently working on chroot for openssh? I
would be willing to work on improving and testing the patch if I knew it
would become a standard part of openssh. My main interest in a chrooted
openssh is to provide chrooted sftp so I
2017 Apr 13
2
bind vs. bind-chroot
On Thu, April 13, 2017 3:05 am, Nicolas Kovacs wrote:
> Le 13/04/2017 ? 04:27, Robert Moskowitz a ?crit :
>> But make sure to have SELinux enabled if you do not run it chrooted.
>>
>> I have mine running that way.
>
> I bluntly admit not using SELinux, because until now, I mainly used more
> bone-headed systems that didn't implement it. Maybe this is the right