similar to: LDAP create home directories

> > You may also need to restart sssd or nslcd, depending upon which one is > running the backed ldap connection service on the clients. Hmm.. I got a different result after restarting nclcd. Instead of logging me in and just complaining that it couldn't create the home directory, it still complains about not creating the home directory, but now it doesn't let me in: #ssh

> > Check /var/log/secure for why the directory is not able to be created. > Might be selinux, is that enabled? (sestatus) Good catch! It was indeed SELinux preventing the directory from being created. Disabling it allows that to happen. For instance I just created a new test user in LDAP: #ssh odunphy at ops2.example.com odunphy at ops2.example.com's password: Creating

Check /var/log/secure for why the directory is not able to be created. Might be selinux, is that enabled? (sestatus) On Dec 19, 2015 15:40, "Tim Dunphy" <bluethundr at gmail.com> wrote: > > > > You may also need to restart sssd or nslcd, depending upon which one is > > running the backed ldap connection service on the clients. > > > Hmm.. I got a

Hey guys, My NFS server has been working really well for a long time now. Both client and server run CentOS 7.2. However when I just had to remount one of my home directories on an NFS client, I'm now getting the error when I run mount -a mount.nfs: an incorrect mount option was specified This is the corresponding line I have in my fstab file on the client:

Hey all, I just unstalled MariaDB version 10 from the mariadb repositories under a CentOS 7 host. The install went fine! [root at nfsdb1 ~]# rpm -qa | grep -i mariadb MariaDB-common-10.0.19-1.el7.centos.x86_64 MariaDB-server-10.0.19-1.el7.centos.x86_64 MariaDB-client-10.0.19-1.el7.centos.x86_64 MariaDB-shared-10.0.19-1.el7.centos.x86_64 However, when I go to start up the service, I'm

Hey guys, I'm trying to disable ZTS in php, because an application we need (AppDynamics) is not compatible with it. So I tried compiling php with the following flags: php -i | grep configure Configure Command => './configure' '--with-apxs2=/opt/apache2/bin/apxs' '--with-zlib=/usr' '--prefix=/opt/php-5.6.8' '--with-libdir=lib64'

Hey all, I have a simple php app working that writes some info to a text file. The app will only work correctly if SELinux is disabled. If it's enabled and try to use the app, it fails. It seems that SELinux is denying the app ability to write to the text file. So I tried running the following command: chcon -R -t httpd_sys_content_t /var/www And tried veriying the command with the

> > The easiest answer is to edit the Selinux config file. By default it is > set to enforce, which really locks it down. > cd /etc/selinux > edit the config file and change SELUNIX=enforcing to SELUNIX=permissive > Save the file and restart httpd, you should be fine.. Yeah dude, exactly. Except I actually do want to start using it. I've been disabling SELINUX forever

Yeah Erro, ok you have a point. I'll do that. Thanks! On Fri, Oct 30, 2015 at 11:40 AM, Eero Volotinen <eero.volotinen at iki.fi> wrote: > This is really wrong way to do this. Install yum-utils and use > yumdownloader --source package-name to get rhel version of package. Then > modify spec file and recompile. > > Eero > Hey guys, > > I'm trying to disable

hey list! I am attempting to shore up some centos machines (ranging from centos 5 to centos 5.4) for pci compliance by changing the port that nlockdmgr listens on to function under a privileged port. So what I did was try to hardcode the port by editing /etc/sysconfig/nfs # TCP port rpc.lockd should listen on. LOCKD_TCPPORT=1011 # UDP port rpc.lockd should listen on. LOCKD_UDPPORT=1011 #

Hi Eric, Thanks for your reply. I do have nrpe running under xinetd on the host I'm trying to monitor. And running the nrpe checl locally: [root at ops:~] #/usr/local/nagios/libexec/check_nrpe -H localhost NRPE v2.15 [root at ops:~] #grep only_from /etc/xinetd.d/nrpe only_from = 127.0.0.1 216.120.248.126 And I do have port 5666 open on the security group for this host.

Hey Jeremy, > Have you tried changing the folder where it's writing into with these > lables? httpd_sys_content_rw_t or httpd_user_content_rw_t Adding 'rw' to the command did the trick. I tried httpd_sys_content_rw_t and that works fine! Thanks for the tip! Tim On Thu, Jan 22, 2015 at 1:19 PM, Jeremy Hoel <jthoel at gmail.com> wrote: > Have you tried changing

Hey guys, I'm trying to echo my password into some commands inside of a bash script. But I think I'm going about it incorrectly. Here's the top part of my script: #!/bin/bash pub="~/.ssh/id_rsa.pub" dps_pass="my_pass" ssh="/usr/bin/ssh" scp="/usr/bin/scp" for i in 10.10.10.2{5,6} do echo "xfring key up" echo $dps_pass | $scp $PUB

Hi NRPE: Error receiving data from daemon Seems as this is not a SSL Problem. Do you have a nagios user account? Cat /etc/passwd Am 01.05.2015 18:45 schrieb "Tim Dunphy" <bluethundr at gmail.com>: > > > > Oh my mistake. I mean nrpe without parameters. It should say something > > about SSL/TLS aktiv or so. > > You could test nrpe without SSL. Use nrpe -n -

You may also need to restart sssd or nslcd, depending upon which one is running the backed ldap connection service on the clients. On Dec 19, 2015 14:25, "Tim Dunphy" <bluethundr at gmail.com> wrote: > Hey guys, > > I've setup an LDAP server on our network. I'm using OpenLDAP. > > It was really easy to use the authconfig-tui to generate the nsswitch.conf

Hey all, I have 3 web servers hosted at Digital Ocean that all have the same amount of memory at 512MB. They're all running CentOS 7. They are low powered apache servers and don't really need more than that. All they're doing is serving the web, no database on those hosts at all. On the first two hosts I seem to have no trouble running SELinux related commands. It's only on

> This is strange... > Do you have SSL aktive on both systems? Run nrpr localy without parameters > (this should return some nrpe stats) and check ldd for libssl. I don't seem to have that command. [root at monitor1:~] #find / -name "*nrpr" 2> /dev/null [root at monitor1:~] # And that's on either system. And if I do an ldd on both, this is what I can tell:

Oh my mistake. I mean nrpe without parameters. It should say something about SSL/TLS aktiv or so. You could test nrpe without SSL. Use nrpe -n - H host Am 01.05.2015 13:18 schrieb "Eero Volotinen" <eero.volotinen at iki.fi>: > well. how about trying default setting and running nrped without xinetd. > > -- > Eero > > 2015-05-01 14:14 GMT+03:00 Tim Dunphy

On Mar 3, 2015, at 2:30 PM, Brian Mathis <brian.mathis+centos at betteradmin.com> wrote: > > people are bound by corporate restrictions That seems like an awfully convenient rug to sweep problems under. Can?t fix a security problem? Corporate restrictions! Can?t require sensible security defaults restrictions by default? Corporate restrictions! Can?t move off IE6? Corporate

Hey all, There's a website I help run that uses the Cassandra DB as its database. I notice that if I run the web server in SELinux permissive mode, the site works fine. But if I put it into enforcing mode, the site goes down with this error: Warning: require_once(/McFrazier/PhpBinaryCql/CqlClient.php): failed to open stream: Permission denied in