On Thu, Jun 2, 2011 at 7:57 PM, Bob Hepple bhep...@promptu.com wrote:
Has anyone got Bastille-linux running on Centos-5.6?
Nope, but I have a hardening document that I wrote up for an earlier version
of Red Hat that might be applicable -- I incorporated the Bastille
recommendations into my
On Mon, May 30, 2011 at 5:08 PM, Dotan Cohen dotanco...@gmail.com wrote:
Can grep show the matching lines and the next N lines after a match?
I would ideally grep on [Tag h1] and have grep display the match and
the next 5 lines so that I see all the content of the h1 section.
Try
grep -A
On Tue, May 24, 2011 at 4:52 PM, Scott Robbins scot...@nyc.rr.com wrote:
I'm going to post a link to my own page on it---which has links to other
pages. Among other things, it goes through TLS.
http://home.roadrunner.com/~computertaijutsu/ldap.html
Scott,
I didn't read through the whole
On Mon, Dec 27, 2010 at 9:30 AM, S Mathias smathias1...@yahoo.com wrote:
Dec 27 14:11:46 a kernel: [ 6336.992320] O_D_LOG: IN= OUT=lo SRC=127.0.0.1
DST=127.0.0.1 LEN=60
TOS=0x00 PREC=0x00 TTL=64 ID=61533 DF PROTO=TCP SPT=37263 DPT=25 WINDOW=32792
RES=0x00 SYN URGP=0
but where or how could
On Thu, Nov 4, 2010 at 4:27 PM, Tim Dunphy bluethu...@gmail.com wrote:
I need to generate a subkey in gpg in order to sign my emails. I
already have a main key. how do I generate the subkey I need to
encrypt emails? I have already run gpg --gen-key
The nas host in question is a freenas which I believe is NFS 4. I can
/ will verify if someone would care to respond to this thread.
but when I go to do the same thing in the centos net install I get an
error stating simply: that directory cannot be mounted from the server.
Is the FreeNAS
On Mon, Aug 23, 2010 at 11:08 AM, Gabriel Tabares
gabriel.taba...@roboreus.com
One more thing, if this is the case, why does the nslookup respond
straight away? Is the destination server trying to somehow validate the
host where the connection came from?
It's entirely possible (and probable)
django.core.exceptions.ImproperlyConfigured: MySQLdb-1.2.1p2 or newer is
required; you have 1.2.1
To identify what package contains a specific file, you can use yum search.
For example:
yum search MySQLdb
returns
MySQL-python.x86_64 : An interface to MySQL
therefore MySQLdb can be updated
/etc/sysconfig/network-scripts/ifup-eth: BOOTPROTO=bootp
So, it's not PEERDNS, not DHCP, not NetworkManager. Why is dhclient-script
even being run?
BOOTPROTO=bootp is triggering it.
In /etc/sysconfig/network-scripts/ifup-eth:
if [ ${BOOTPROTO} = bootp -o ${BOOTPROTO} = dhcp ]; then
conversation. The question is: why are all of these remote servers
trying to make connections back to me on high-numbered ports? Should I
be allowing these connections somehow?
The remote server probably thinks that it's still supposed to be
making connections back to you -- a couple of the
On Thu, Oct 8, 2009 at 1:41 PM, Dave tdbtdb+cen...@gmail.com wrote:
My machine has a static IP, with dhcp and IPv6 disabled. Every time I
reboot, some process rewrites /etc/resolv.conf, including a comment
about dhcpclient. The only package I have installed that shows up in
rpm -qa|grep -i
You guessed right. But the question remains, what software is writing the
file?
/etc/init.d/network calls /etc/sysconfig/network-scripts/ifup which
calls /sbin/dhclient which calls /sbin/dhclient-script which
overwrites your resolv.conf with the info it gets from the DHCP server
on the
On Thu, Oct 8, 2009 at 5:39 PM, Dave tdbtdb+cen...@gmail.com wrote:
On Thu, Oct 8, 2009 at 11:27 AM, Meenoo Shivdasani mee...@gmail.com wrote:
/etc/init.d/network calls /etc/sysconfig/network-scripts/ifup which
calls /sbin/dhclient which calls /sbin/dhclient-script which
overwrites your
Then we can go to:
... avc: denied { write } for pid=5898 comm=LLAWP
path=/var/log/httpd/smagent.log dev=sda3 ino=whatever
scontext=root:system_r:httpd_t:s0 tcontext=root:object_r:httpd_log_t:s0
tclass=file
When selinux is configured for permissive mode, the action is
permitted, but
On Thu, Aug 13, 2009 at 7:59 AM, madunixmadu...@gmail.com wrote:
Can any one clarify this, is auto updating at all production servers
recommended or not?
need to know your opinion, how do you manage the update?
For a production server, I don't auto-update. There are too many
variables
In my current small-ish setting, I use Trac for tickets and documentation. I
keep most configuration files in a Subversion repository (an export of which
serves as the depot for cfengine) -- and Trac makes it easy to link between
wiki pages, tickets, and repository revisions.
I second the
I just set up a CentOS 5.2 system with bind9 (9.3.4-6.0.1.P1.el5) and
I'm running up against a problem that seems to be related to SELinux.
If I set named_disable_trans to 1, everything works as expected, but
if I leave it enabled the server will only give me data for the zones
for which it is
If it's SELinux related, have a look at /var/log/audit/audit.log, that
will tell you what is being blocked in SELinux. That would be a good
start. Let us know what you found there, then we might be able to help
you a little more.
That's a huge help -- didn't occur to me to look in
SELinux is preventing BIND to open port UDP/16660. Did you configure
BIND to use that specific non-standard port?
I installed the latest version of BIND which randomizes the source
port...do you think that's the problem? If so, how do I get SELinux
to accept it?
M
On 7/10/08, Meenoo Shivdasani [EMAIL PROTECTED] wrote:
SELinux is preventing BIND to open port UDP/16660. Did you configure
BIND to use that specific non-standard port?
I installed the latest version of BIND which randomizes the source
port...do you think that's the problem? If so, how
On 7/10/08, Filipe Brandenburger [EMAIL PROTECTED] wrote:
Did you update the selinux-policy package at the same time?
Well, I'm almost positive that is what you are missing.
Filipe,
You nailed it. That was what I was missing.
Many thanks,
M
___
[EMAIL PROTECTED]
SMTP error: 552 5.3.4 Message size exceeds fixed limit
Reporting-MTA: dns; borg2.lydgate.lan
I presume that this is a configurable limit, but I'm not sure where to look.
Since it says MTA I'm thinking that it's probably postfix. Can someone
please tell me what parameter
On Tue, Jun 24, 2008 at 3:44 PM, Johnny Hughes [EMAIL PROTECTED] wrote:
There is a BUG with nss_ldap:
https://bugzilla.redhat.com/show_bug.cgi?id=448014
We have this bug listed in our release notes:
There is a bug with nss_ldap and bash32 ... I created a new RPM for the
nss_ldap that is currently in our testing repo.
Johnny,
I was wondering if that RPM includes the security fixes detailed in
https://rhn.redhat.com/errata/RHSA-2008-0389.html
Thanks in advance,
M
24 matches
Mail list logo