subject:"Re\: \[qmailadmin\] qmailadmin\/apache how\-to \?\?\?"

Re: [qmailadmin] qmailadmin/apache how-to ???

2008-05-05 Thread John Simpson


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 2008-05-04, at 0638, Maurizio Rottin wrote:

2008/5/3 D. Hilbig [EMAIL PROTECTED]:


Since it is a public webserver and SELinux is an additional layer of
security I would prefer not to disable it.  I guess it might be  
time to
learn more about SELinux.  I was hoping that someone has already  
written a

document on what needs to be changed.  Oh well...


qmail and qmailadmin are security-bug free, then selinux is a weak  
enhancement.


you forgot the word IF at the beginning of that sentence.

qmail itself has a history of over ten years with no verified security  
holes, and only two possible holes reported which are caused by 32/64- 
bit discrepancies. while that is a very strong track record, and while  
i do feel that qmail itself is the most secure MTA on the planet, i  
don't consider it guaranteed free of security holes, any more than i  
would any other program.




anyway you can meanwhile leave selinux activated but in targeted way
(not enforced),so that selinux will report any problem encountered but
won't stop the execution. This is a good way for debugging it and
create new rules; i've never found a written policy for
qmailadmin...(and be sure restorecond is onchkconfig --list | grep
restorecond)


excellent advice... this keeps SELinux from interfering with the  
proper operation of the server, while giving you feedback about what  
which specific rules need to be written for your system.


doing a google search for selinux howto will give you a long list of  
web pages which will teach you how SELinux works. the guys on the  
fedora team really know this stuff cold, because they've been writing  
the tools for fedora 8 and fedora 9 to allow people to manage  
policies. the first pages i would read would be the ones they've  
written.



- 
| John M. Simpson  --  KG4ZOW  --  Programmer At Large |
| http://www.jms1.net/ [EMAIL PROTECTED] |
- 
|   Hope for America  --  http://www.ronpaul2008.com/  |
- 





-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFIH1FyEB9RczMG/PsRAqzxAKDbhSWyFg0MrLr4x33XO1xWA1kZ/QCeKY2C
fJGsRgb8GUnrB5cmIdIhKbQ=
=0w4V
-END PGP SIGNATURE-

!DSPAM:481f5182120501977914725!

Re: [qmailadmin] qmailadmin/apache how-to ???

2008-05-03 Thread Maurizio Rottin

there two way to make it work!
one is configure selinux with new rules, the other one is disable selinux.
to disable selinux do
#setenforce 0
then edit /etc/selinux.conf??? don't remember where the file is..and
chenge in disable so that in the next reboot selinux won't come up
again.

2008/5/3 D. Hilbig [EMAIL PROTECTED]:

  Yes.  I get the login screen, but cannot login.

  Here are the error messages:

  May  2 23:25:57 server setroubleshoot:
  SELinux is preventing the /var/www/cgi-bin/qmailadmin from using potentially
  mislabeled files cdb (var_t).
  For complete SELinux messages. run sealert -l
  1ec6bf27-c839-4063-a36f-bc80e2872bc2

  May  2 23:25:57 server setroubleshoot:
  SELinux is preventing the /var/www/cgi-bin/qmailadmin from using potentially
  mislabeled files (etc).
  For complete SELinux messages. run sealert -l
  9a4c375d-6ec9-4cce-82a4-50b21f1c8b58




  -Original Message-
  From: ed [mailto:[EMAIL PROTECTED]
  Sent: Thursday, May 01, 2008 1:35 PM
  To: qmailadmin@inter7.com
  Subject: Re: [qmailadmin] qmailadmin/apache how-to ???


 On Wed, 30 Apr 2008 15:14:41 -0700
  D. Hilbig [EMAIL PROTECTED] wrote:

   Where can I find a good how-to for configuring qmailadmin under
   apache?  I'd like a document that provides some technical insights
   with respect to the apache configuration including any security
   concerns.  I'm also wondering about an possible issues with SELinux
   in targeted mode.  I'm using CentOS v5.1 with apache v2.2.3.  Any
   help is appreciated.
  
  
  
  


 Do you have a problem with the configuration at the moment?

  --
  The 14.4 dialup to the PS2 is losing cohesion because of a trailing
  space in /etc/passwd. The Sys Admin is ordering a pizza.
  :: http://www.s5h.net/ :: http://www.s5h.net/gpg.html


  





-- 
mr

!DSPAM:481c5777120508044218332!

RE: [qmailadmin] qmailadmin/apache how-to ???

2008-05-03 Thread D. Hilbig


Since it is a public webserver and SELinux is an additional layer of
security I would prefer not to disable it.  I guess it might be time to
learn more about SELinux.  I was hoping that someone has already written a
document on what needs to be changed.  Oh well...

 

-Original Message-
From: Maurizio Rottin [mailto:[EMAIL PROTECTED] 
Sent: Saturday, May 03, 2008 5:16 AM
To: qmailadmin@inter7.com
Subject: Re: [qmailadmin] qmailadmin/apache how-to ???

there two way to make it work!
one is configure selinux with new rules, the other one is disable selinux.
to disable selinux do
#setenforce 0
then edit /etc/selinux.conf??? don't remember where the file is..and
chenge in disable so that in the next reboot selinux won't come up
again.

2008/5/3 D. Hilbig [EMAIL PROTECTED]:

  Yes.  I get the login screen, but cannot login.

  Here are the error messages:

  May  2 23:25:57 server setroubleshoot:
  SELinux is preventing the /var/www/cgi-bin/qmailadmin from using
potentially
  mislabeled files cdb (var_t).
  For complete SELinux messages. run sealert -l
  1ec6bf27-c839-4063-a36f-bc80e2872bc2

  May  2 23:25:57 server setroubleshoot:
  SELinux is preventing the /var/www/cgi-bin/qmailadmin from using
potentially
  mislabeled files (etc).
  For complete SELinux messages. run sealert -l
  9a4c375d-6ec9-4cce-82a4-50b21f1c8b58




  -Original Message-
  From: ed [mailto:[EMAIL PROTECTED]
  Sent: Thursday, May 01, 2008 1:35 PM
  To: qmailadmin@inter7.com
  Subject: Re: [qmailadmin] qmailadmin/apache how-to ???


 On Wed, 30 Apr 2008 15:14:41 -0700
  D. Hilbig [EMAIL PROTECTED] wrote:

   Where can I find a good how-to for configuring qmailadmin under
   apache?  I'd like a document that provides some technical insights
   with respect to the apache configuration including any security
   concerns.  I'm also wondering about an possible issues with SELinux
   in targeted mode.  I'm using CentOS v5.1 with apache v2.2.3.  Any
   help is appreciated.
  
  
  
  


 Do you have a problem with the configuration at the moment?

  --
  The 14.4 dialup to the PS2 is losing cohesion because of a trailing
  space in /etc/passwd. The Sys Admin is ordering a pizza.
  :: http://www.s5h.net/ :: http://www.s5h.net/gpg.html


  





-- 
mr




!DSPAM:481cc0ec120503459687583!

Re: [qmailadmin] qmailadmin/apache how-to ???

2008-05-03 Thread Tren Blackburn

Wouldn't a requisite of using selinux be to learn how it works first instead of 
blindly following a how-to so when it breaks you're able to function to fix it? 
I've been using qmailadmin since about 1998 and have never had an issue with it 
security-wise.

Just my $0.02CAD :)

- Original Message -
From: D. Hilbig [EMAIL PROTECTED]
To: qmailadmin@inter7.com qmailadmin@inter7.com
Sent: Sat May 03 12:45:41 2008
Subject: RE: [qmailadmin] qmailadmin/apache how-to ???

Since it is a public webserver and SELinux is an additional layer of
security I would prefer not to disable it.  I guess it might be time to
learn more about SELinux.  I was hoping that someone has already written a
document on what needs to be changed.  Oh well...

-Original Message-
From: Maurizio Rottin [mailto:[EMAIL PROTECTED] 
Sent: Saturday, May 03, 2008 5:16 AM
To: qmailadmin@inter7.com
Subject: Re: [qmailadmin] qmailadmin/apache how-to ???

there two way to make it work!
one is configure selinux with new rules, the other one is disable selinux.
to disable selinux do
#setenforce 0
then edit /etc/selinux.conf??? don't remember where the file is..and
chenge in disable so that in the next reboot selinux won't come up
again.

2008/5/3 D. Hilbig [EMAIL PROTECTED]:

  Yes.  I get the login screen, but cannot login.

  Here are the error messages:

  May  2 23:25:57 server setroubleshoot:
  SELinux is preventing the /var/www/cgi-bin/qmailadmin from using
potentially
  mislabeled files cdb (var_t).
  For complete SELinux messages. run sealert -l
  1ec6bf27-c839-4063-a36f-bc80e2872bc2

  May  2 23:25:57 server setroubleshoot:
  SELinux is preventing the /var/www/cgi-bin/qmailadmin from using
potentially
  mislabeled files (etc).
  For complete SELinux messages. run sealert -l
  9a4c375d-6ec9-4cce-82a4-50b21f1c8b58

  -Original Message-
  From: ed [mailto:[EMAIL PROTECTED]
  Sent: Thursday, May 01, 2008 1:35 PM
  To: qmailadmin@inter7.com
  Subject: Re: [qmailadmin] qmailadmin/apache how-to ???

 On Wed, 30 Apr 2008 15:14:41 -0700
  D. Hilbig [EMAIL PROTECTED] wrote:

   Where can I find a good how-to for configuring qmailadmin under
   apache?  I'd like a document that provides some technical insights
   with respect to the apache configuration including any security
   concerns.  I'm also wondering about an possible issues with SELinux
   in targeted mode.  I'm using CentOS v5.1 with apache v2.2.3.  Any
   help is appreciated.

 Do you have a problem with the configuration at the moment?

  --
  The 14.4 dialup to the PS2 is losing cohesion because of a trailing
  space in /etc/passwd. The Sys Admin is ordering a pizza.
  :: http://www.s5h.net/ :: http://www.s5h.net/gpg.html

-- 
mr

!DSPAM:481cc1bc120508759915645!

Re: [qmailadmin] qmailadmin/apache how-to ???

2008-05-02 Thread Maurizio Rottin

try this
cd /pathtoqmailamin
tar zxvf qmailadmin-1.2.9.tar.gz
cd qmailadmin-1.2.9
./configure --enable-cgibindir=/var/www/cgi-bin
--enable-htmldir=/var/www/html [--disable-ezmlm-mysql depends on how
you compiled vpopmail]
make  make install-strip
cd /var/www/html
echo 'html'  qmailadmin.html
echo 'script language=JavaScript'  qmailadmin.html
echo 
setTimeout('location.href=\/cgi-bin/qmailadmin\',0); 
qmailadmin.html
echo '/script'  qmailadmin.html
echo 'head'  qmailadmin.html
echo 'titleMail Admin'  qmailadmin.html
echo '/title'  qmailadmin.html
echo '/head'  qmailadmin.html
echo 'body bgcolor=white'  qmailadmin.html
echo '/body'  qmailadmin.html
echo '/html'  qmailadmin.html
cd /etc/httpd/conf/
echo   httpd.conf
echo VirtualHost YOURIPOR*:80  httpd.conf
echo 'DocumentRoot /var/www/html'  httpd.conf
echo 'ScriptAlias /cgi-bin/ /var/www/cgi-bin/'  httpd.conf
echo 'ServerName YOURSERVERNAME'  httpd.conf
echo 'DirectoryIndex qmailadmin.html'  httpd.conf
echo 'ErrorLog /var/log/httpd/qmailadmin_error.log'  httpd.conf
echo 'CustomLog /var/log/httpd/qmailadmin_access.log combined'  httpd.conf
echo '/VirtualHost'  httpd.conf
echo   httpd.conf




2008/5/1 D. Hilbig [EMAIL PROTECTED]:
 Where can I find a good how-to for configuring qmailadmin under apache?  I'd
  like a document that provides some technical insights with respect to the
  apache configuration including any security concerns.  I'm also wondering
  about an possible issues with SELinux in targeted mode.  I'm using CentOS
  v5.1 with apache v2.2.3.  Any help is appreciated.


  





-- 
mr

!DSPAM:481ad6a2120501128411945!

RE: [qmailadmin] qmailadmin/apache how-to ???

2008-05-02 Thread D. Hilbig


Yes.  I get the login screen, but cannot login.

Here are the error messages:

May  2 23:25:57 server setroubleshoot:
SELinux is preventing the /var/www/cgi-bin/qmailadmin from using potentially
mislabeled files cdb (var_t).
For complete SELinux messages. run sealert -l
1ec6bf27-c839-4063-a36f-bc80e2872bc2

May  2 23:25:57 server setroubleshoot:
SELinux is preventing the /var/www/cgi-bin/qmailadmin from using potentially
mislabeled files (etc).
For complete SELinux messages. run sealert -l
9a4c375d-6ec9-4cce-82a4-50b21f1c8b58



-Original Message-
From: ed [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 01, 2008 1:35 PM
To: qmailadmin@inter7.com
Subject: Re: [qmailadmin] qmailadmin/apache how-to ???

On Wed, 30 Apr 2008 15:14:41 -0700
D. Hilbig [EMAIL PROTECTED] wrote:

 Where can I find a good how-to for configuring qmailadmin under
 apache?  I'd like a document that provides some technical insights
 with respect to the apache configuration including any security
 concerns.  I'm also wondering about an possible issues with SELinux
 in targeted mode.  I'm using CentOS v5.1 with apache v2.2.3.  Any
 help is appreciated.
 
 
 
 

Do you have a problem with the configuration at the moment?

-- 
The 14.4 dialup to the PS2 is losing cohesion because of a trailing
space in /etc/passwd. The Sys Admin is ordering a pizza.
:: http://www.s5h.net/ :: http://www.s5h.net/gpg.html


!DSPAM:481ba749120502055149098!

Re: [qmailadmin] qmailadmin/apache how-to ???

2008-05-02 Thread Tren Blackburn

Selinux doesn't like setuid and setgid programs as I recall. I unfortunately 
don't know how to work around that, but I think this has been discussed in the 
past. Have you searched the mailing list archives?

HTH,

Tren

- Original Message -
From: D. Hilbig [EMAIL PROTECTED]
To: qmailadmin@inter7.com qmailadmin@inter7.com
Sent: Fri May 02 16:44:04 2008
Subject: RE: [qmailadmin] qmailadmin/apache how-to ???


Yes.  I get the login screen, but cannot login.

Here are the error messages:

May  2 23:25:57 server setroubleshoot:
SELinux is preventing the /var/www/cgi-bin/qmailadmin from using potentially
mislabeled files cdb (var_t).
For complete SELinux messages. run sealert -l
1ec6bf27-c839-4063-a36f-bc80e2872bc2

May  2 23:25:57 server setroubleshoot:
SELinux is preventing the /var/www/cgi-bin/qmailadmin from using potentially
mislabeled files (etc).
For complete SELinux messages. run sealert -l
9a4c375d-6ec9-4cce-82a4-50b21f1c8b58



-Original Message-
From: ed [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 01, 2008 1:35 PM
To: qmailadmin@inter7.com
Subject: Re: [qmailadmin] qmailadmin/apache how-to ???

On Wed, 30 Apr 2008 15:14:41 -0700
D. Hilbig [EMAIL PROTECTED] wrote:

 Where can I find a good how-to for configuring qmailadmin under
 apache?  I'd like a document that provides some technical insights
 with respect to the apache configuration including any security
 concerns.  I'm also wondering about an possible issues with SELinux
 in targeted mode.  I'm using CentOS v5.1 with apache v2.2.3.  Any
 help is appreciated.
 
 
 
 

Do you have a problem with the configuration at the moment?

-- 
The 14.4 dialup to the PS2 is losing cohesion because of a trailing
space in /etc/passwd. The Sys Admin is ordering a pizza.
:: http://www.s5h.net/ :: http://www.s5h.net/gpg.html





!DSPAM:481ba9a0120509728869052!

Re: [qmailadmin] qmailadmin/apache how-to ???

2008-05-01 Thread ed

On Wed, 30 Apr 2008 15:14:41 -0700
D. Hilbig [EMAIL PROTECTED] wrote:

 Where can I find a good how-to for configuring qmailadmin under
 apache?  I'd like a document that provides some technical insights
 with respect to the apache configuration including any security
 concerns.  I'm also wondering about an possible issues with SELinux
 in targeted mode.  I'm using CentOS v5.1 with apache v2.2.3.  Any
 help is appreciated.
 
 
 !DSPAM:4818ef53120506044111576!
 

Do you have a problem with the configuration at the moment?

-- 
The 14.4 dialup to the PS2 is losing cohesion because of a trailing
space in /etc/passwd. The Sys Admin is ordering a pizza.
:: http://www.s5h.net/ :: http://www.s5h.net/gpg.html


signature.asc
Description: PGP signature
!DSPAM:481a297a120501057511886!

RE: [qmailadmin] qmailadmin/apache how-to ???

2008-05-01 Thread Jeremy Kenney

Qmailrocks.org

-Original Message-
From: ed [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 01, 2008 4:35 PM
To: qmailadmin@inter7.com
Subject: Re: [qmailadmin] qmailadmin/apache how-to ???

On Wed, 30 Apr 2008 15:14:41 -0700
D. Hilbig [EMAIL PROTECTED] wrote:

 Where can I find a good how-to for configuring qmailadmin under 
 apache?  I'd like a document that provides some technical insights 
 with respect to the apache configuration including any security 
 concerns.  I'm also wondering about an possible issues with SELinux in 
 targeted mode.  I'm using CentOS v5.1 with apache v2.2.3.  Any help is 
 appreciated.

Do you have a problem with the configuration at the moment?

--
The 14.4 dialup to the PS2 is losing cohesion because of a trailing space in
/etc/passwd. The Sys Admin is ordering a pizza.
:: http://www.s5h.net/ :: http://www.s5h.net/gpg.html

!DSPAM:481a2f3a120502686319533!

Re: [qmailadmin] qmailadmin/apache how-to ???

2008-05-01 Thread Maurizio Rottin

2008/5/1 Jeremy Kenney [EMAIL PROTECTED]:
 Qmailrocks.org


qmailrocks is outdated!
go to toaster instead!


-- 
mr

!DSPAM:481a36d2120501477918748!

Re: [qmailadmin] qmailadmin/apache how-to ???

2008-05-01 Thread ed

On Thu, 1 May 2008 23:32:00 +0200
Maurizio Rottin [EMAIL PROTECTED] wrote:

 2008/5/1 Jeremy Kenney [EMAIL PROTECTED]:
  Qmailrocks.org
 
 
 qmailrocks is outdated!
 go to toaster instead!
 
 
 -- 
 mr
 
 !DSPAM:481a36d2120501477918748!
 

Heh,

Agreed, how did you jump straight on the qmailrocks.org thing though?

-- 
The 28.8 frame relay to south lata is dropping packets because of a
memory leak in the lyris server. The Rebel Alliance is looking for
someone to blame. :: http://www.s5h.net/ :: http://www.s5h.net/gpg.html


signature.asc
Description: PGP signature
!DSPAM:481a4a80120502282762728!

Re: [qmailadmin] qmailadmin/apache how-to ???

2008-04-26 Thread Tren Blackburn

http://shupp.org/toaster

Regards,

Tren

- Original Message -
From: D. Hilbig [EMAIL PROTECTED]
To: qmailadmin@inter7.com qmailadmin@inter7.com
Sent: Sat Apr 26 13:48:58 2008
Subject: [qmailadmin] qmailadmin/apache how-to ???

Where can I find a good how-to for configuring qmailadmin under apache?  I'm
using CentOS v5.1 with apache v2.2.3.  Any help is appreciated.

!DSPAM:4813987b120501666388027!

Re: [qmailadmin] qmailadmin/apache how-to ???

Re: [qmailadmin] qmailadmin/apache how-to ???

RE: [qmailadmin] qmailadmin/apache how-to ???

Re: [qmailadmin] qmailadmin/apache how-to ???

Re: [qmailadmin] qmailadmin/apache how-to ???

RE: [qmailadmin] qmailadmin/apache how-to ???

Re: [qmailadmin] qmailadmin/apache how-to ???

Re: [qmailadmin] qmailadmin/apache how-to ???

RE: [qmailadmin] qmailadmin/apache how-to ???

Re: [qmailadmin] qmailadmin/apache how-to ???

Re: [qmailadmin] qmailadmin/apache how-to ???

Re: [qmailadmin] qmailadmin/apache how-to ???

12 matches

Site Navigation

Mail list logo

Footer information