Hi,
I'm currently sinking my teeth into the fine "Definitive Guide to
CentOS". Right now I'm reading the chapter about Apache. One thing
puzzles me: no mention is made of web page permissions.
Let's say I'm using Apache's default configuration for setting up the
most simple no-frills web serve
On Mon, Sep 14, 2009 at 4:23 PM, William Warren
> Why do we want to know? Because of one person's disappearance the project
> nearly went boom. Because by your own admission(the devs) the funds were
> NOT going to further the project. If you can't get a thicker skin maybe you
> need a vacation.
On Tue, 2009-09-15 at 10:20 +0200, Niki Kovacs wrote:
> I remember having setup some web servers on Debian, and the tradition
> was that everything under /var/www/html (as in this example) was to be
> owned by user www-data and group www-data.
>
> What's the "tradition" with RHEL/CentOS?
apach
On Tue, Sep 15, 2009 at 4:20 AM, Niki Kovacs wrote:
> Hi,
> Q: what permissions should I define for these pages?
I'd say, the most restrictive permissions possible, that still allow
your web application to function. I'm a bit more security
conscious/paranoid than most though.
There are an array
Ralph Angenendt a écrit :
>
> apache:apache - at least that is the UID/GID the webserver runs under.
>
Thanks very much... and thumbs up to one of the authors. I really like
the book.
Niki
___
CentOS mailing list
CentOS@centos.org
http://lists.cento
Jim Perrin a écrit :
>
> 2. Are you hosting static content or dynamic pages?
Both and neither :o)
I'm a system administrator for a series of public libraries here, and
hosting several dynamic sites on a dedicated server (running CentOS).
I'm just in one of my documentation phases, where I hav
Hi,
I have an existing iptables as follows:-
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
CentOS List wrote:
> Hi,
>
> I have an existing iptables as follows:-
>
> # Firewall configuration written by system-config-securitylevel
> # Manual customization of this file is not recommended.
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> :RH-Firewall-1-INPUT -
On Tue, 2009-09-15 at 13:27 +0200, Niki Kovacs wrote:
> Ralph Angenendt a écrit :
>
> >
> > apache:apache - at least that is the UID/GID the webserver runs under.
> >
> Thanks very much... and thumbs up to one of the authors. I really like
> the book.
That chapter was written by someone else
On Sep 14, 2009, at 10:25 PM, "McCulloch, Alan" > wrote:
hi All,
thanks for the responses.
After being dropped into the
# Filesystem repair
prompt,
( on account of “inode 27344909 has illegal blocks” )
following warm reboot (via “reboot”) after finding (SAN )
filesystem in read-only
Hi,
On Tue, Sep 15, 2009 at 07:43, CentOS List wrote:
> How do add a redirect port 26 to 25. I had googled the net and notice that
> the syntax is different
>
> iptables -A INPUT -p tcp --dport 26 -j ACCEPT
> iptables -A PREROUTING -t nat -p tcp --dport 26 -j REDIRECT --to-port 25
I suggest you
hi,
have installed centos 4.7
We have installed qmail + simscan + vpopmail + SpamAssassin + clanAV
and when we send a mail from a particular domain, the following error leaves us
simscan: no envelope information, deferred exit
and checking our log shows me the following
2009-09-14 18:18:06.
Hi,
On Tue, Sep 15, 2009 at 09:43, Luis campo wrote:
> We have installed qmail + simscan + vpopmail + SpamAssassin + clanAV
> and when we send a mail from a particular domain, the following error leaves
> us
>
> [...]
>
> I wonder if this problem can be for Centos 4.7 [...]
Hardly, since CentOS
Peter l Jakobi wrote:
> Hi,
>
> excluding the Frankengrade from CENTOS5.3 to upstream RHEL5.4, is
> there are procedure / repository access / nightly builds / ... to what
> will be CENTOS 5.4?
>
> URLs? Howtos? Discussion threads or notes?
>
> I checked help, wiki and forums and google, b
On Tue, Sep 15, 2009 at 6:39 AM, Ralph Angenendt
wrote:
>
> On Tue, 2009-09-15 at 10:20 +0200, Niki Kovacs wrote:
>> I remember having setup some web servers on Debian, and the tradition
>> was that everything under /var/www/html (as in this example) was to be
>> owned by user www-data and group w
Hi,
On Tue, Sep 15, 2009 at 06:39, Ralph Angenendt
wrote:
> On Tue, 2009-09-15 at 10:20 +0200, Niki Kovacs wrote:
>> I remember having setup some web servers on Debian, and the tradition
>> was that everything under /var/www/html (as in this example) was to be
>> owned by user www-data and group
Hi List,
We currently have a very irritating problem with Centos 5.3 x86_64
running on a Dell Poweredge SC1435. The problem is this: We are
experiencing frequent kernel panics while using glusterfs and Fuse.
Across the cluster of servers, we are experiencing roughly 1 panic every
1-2 days. T
On Tue, Sep 15, 2009 at 03:24:52PM +0100, Tom O'Connor wrote:
> If anyone has any ideas for further debugging, or other routes for
> support. I'm running out of ideas.
Enterprise Linux 5.4 with included official FUSE support seems like the next
place to look.
--
Matthew Miller mat.
Luis campo wrote:
> hi,
>
> have installed centos 4.7
>
> We have installed qmail + simscan + vpopmail + SpamAssassin + clanAV
> and when we send a mail from a particular domain, the following error leaves
> us
>
>
How about changing that combination of qmail + simscan to postfix +
clamav-mi
Matthew Miller wrote:
> On Tue, Sep 15, 2009 at 03:24:52PM +0100, Tom O'Connor wrote:
>
>> If anyone has any ideas for further debugging, or other routes for
>> support. I'm running out of ideas.
>>
>
> Enterprise Linux 5.4 with included official FUSE support seems like the next
> place
Tom O'Connor wrote:
> Matthew Miller wrote:
>
>> On Tue, Sep 15, 2009 at 03:24:52PM +0100, Tom O'Connor wrote:
>>
>>
>>> If anyone has any ideas for further debugging, or other routes for
>>> support. I'm running out of ideas.
>>>
>>>
>> Enterprise Linux 5.4 with included
Filipe Brandenburger wrote:
> On Tue, Sep 15, 2009 at 06:39, Ralph Angenendt
> wrote:
>> On Tue, 2009-09-15 at 10:20 +0200, Niki Kovacs wrote:
>>> I remember having setup some web servers on Debian, and the
>>> tradition was that everything under /var/www/html (as in this
>>> example) was to be o
On Tue, Sep 15, 2009 at 11:58 AM, Olaf Mueller wrote:
> Filipe Brandenburger wrote:
>> On Tue, Sep 15, 2009 at 06:39, Ralph Angenendt
>> wrote:
>>> On Tue, 2009-09-15 at 10:20 +0200, Niki Kovacs wrote:
I remember having setup some web servers on Debian, and the
tradition was that everyt
Olaf Mueller wrote:
> Filipe Brandenburger wrote:
>
>> On Tue, Sep 15, 2009 at 06:39, Ralph Angenendt
>> wrote:
>>> On Tue, 2009-09-15 at 10:20 +0200, Niki Kovacs wrote:
I remember having setup some web servers on Debian, and the
tradition was that everything under /var/www/html (as in
Les Mikesell wrote:
> Olaf Mueller wrote:
>> Filipe Brandenburger wrote:
>>
>>> On Tue, Sep 15, 2009 at 06:39, Ralph Angenendt
>>> wrote:
On Tue, 2009-09-15 at 10:20 +0200, Niki Kovacs wrote:
> I remember having setup some web servers on Debian, and the
> tradition was that everythi
Hi,
On Tue, Sep 15, 2009 at 11:58, Olaf Mueller wrote:
> Filipe Brandenburger wrote:
>
>> On Tue, Sep 15, 2009 at 06:39, Ralph Angenendt
>> wrote:
>>> apache:apache - at least that is the UID/GID the webserver runs
>>> under.
>>
>> That's wrong. If your files are owned by Apache, any user that
2009/9/15 Filipe Brandenburger :
> I suggest you use "iptables" commands to add and delete rules until
> you set the firewall the way you want, and when everything is ready
> use the "service iptables save" command, that will write a new
> /etc/sysconfig/iptables with the current rules you have.
T
Brian Mathis wrote:
> You are being disingenuous here by selectively editing out the
> relevant quoted text from the same message above, which I will add
> back in as a quote here:
Disingenuous? Seems to me that it is a question of truth for you.
Once again. 'apache:apache' is a risk, but it is n
Hi!
Some weeks ago the "Running Xen"-book was recommended to me on this
list. A nice book, but it gave me crazy idea: One of the
recommendations (which sounds very reasonable to me) was to have
instead of a single file that serves as a disk-image to have to
files: one of them (which is mounted to
On Tue, Sep 15, 2009 at 1:23 PM, Bernhard Gschaider <
bgschaid_li...@ice-sf.at> wrote:
>
> Hi!
>
> Some weeks ago the "Running Xen"-book was recommended to me on this
> list. A nice book, but it gave me crazy idea: One of the
> recommendations (which sounds very reasonable to me) was to have
> ins
Hi,
I am trying to secure my CentOS file systems by introducing
"nodev" to devies defined in /etc/fstab. I learned that "nodev" prevents users
from mounting unauthorized devices. However, I can still mount a cdrom to
/tmp/cdrom with the following defined in /etc/fstab. Am I missi
On Tue, Sep 15, 2009 at 03:53:52PM +0100, Tom O'Connor wrote:
> Possibly, but i'd rather try and fix the problem without saying "oh
> well, just upgrade to the latest release". It's quite a lot of effort
> to fully upgrade a whole bunch of servers, but upgrading individual
> packages would be f
My home network doesn't have any wireless access points (to slow) and
I was iSCSI booting my wkst for a while:) Now I need to setup a printer
so I was going to get an HP Photosmart C4580.
The HPLIP page shows no network support:( I _was_ going to use a USB
wireless nic I have and setup an ad-hoc t
Yungwei Chen wrote:
> Hi,
> I am trying to secure my CentOS file systems by introducing
> "nodev" to devies defined in /etc/fstab. I learned that
> "nodev" prevents users from mounting unauthorized devices.
> However, I can still mount a cdrom to /tmp/cdrom with the
> following defi
On Tue, 2009-09-15 at 15:21 -0400, Yungwei Chen wrote:
> Hi,
>
> I am trying to secure my CentOS file systems by
> introducing "nodev" to devies defined in /etc/fstab. I learned that
> "nodev" prevents users from mounting unauthorized devices. However, I
> can still mount a cdrom
Am 15.09.2009 um 21:50 schrieb Joseph L. Casale:
> My home network doesn't have any wireless access points (to slow) and
> I was iSCSI booting my wkst for a while:) Now I need to setup a
> printer
> so I was going to get an HP Photosmart C4580.
>
> The HPLIP page shows no network support:( I _w
>Does that actually work the way you intend it to?
>I have my doubts...
It should, others do it:)
>Buy a wireless AP and save a lot of trouble.
>
>Is your time worth nothing?
Depends who you ask:) At home, I'll do next to just about anything, heh...
__
For those who have wondered why NFS on EL5 is slower than on EL4 I
provide these links for your edification.
http://kbase.redhat.com/faq/docs/DOC-15355
http://bugzilla.redhat.com/show_bug.cgi?id=448130
Problem is kernel threads cannot create or assign an io context as
there is no api in the kern
Am 15.09.2009 um 23:05 schrieb Joseph L. Casale:
>> Does that actually work the way you intend it to?
>> I have my doubts...
>
> It should, others do it:)
Hm. So you can setup networking to an USB-stick without an OS?
I thought you needed to load the firmware onto the stick before it
does an
>Hm. So you can setup networking to an USB-stick without an OS?
>
>I thought you needed to load the firmware onto the stick before it
>does anything useful at all.
Apparently the HP's support this, at least some quick searches show people
with success. Of course I haven't tried it:)
__
Am 16.09.2009 um 00:09 schrieb Joseph L. Casale:
>> Hm. So you can setup networking to an USB-stick without an OS?
>>
>> I thought you needed to load the firmware onto the stick before it
>> does anything useful at all.
>
> Apparently the HP's support this, at least some quick searches show
> p
>If you succeed, you can add an article to the wiki ;-)
I am going to hit the Fedora list, get it working there and then work backwards.
If I do get it in CentOS, I will add the page.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mail
Joseph L. Casale wrote:
> My home network doesn't have any wireless access points (to slow) and
> I was iSCSI booting my wkst for a while:) Now I need to setup a printer
> so I was going to get an HP Photosmart C4580.
>
> The HPLIP page shows no network support:( I _was_ going to use a USB
> wirele
>get an ethernet printer, sheesh.
I actually wanted wireless because of the location I want to put it:)
>I have a Brother MFC7345N (Costco version of the 7340 with an ethernet
>interface) on my home LAN, is a B&W Laser, color scanner, copier, fax,
>both flatbed and sheet feed scanning/faxing/copy
On Tue, Sep 15, 2009, John R Pierce wrote:
>Joseph L. Casale wrote:
>> My home network doesn't have any wireless access points (to slow) and
>> I was iSCSI booting my wkst for a while:) Now I need to setup a printer
>> so I was going to get an HP Photosmart C4580.
>>
>> The HPLIP page shows no netw
This was introduced in 5.4 or 5.0 or somewhere between?
> For those who have wondered why NFS on EL5 is slower than on EL4 I
> provide these links for your edification.
>
> http://kbase.redhat.com/faq/docs/DOC-15355
--
Regards,
Eugene Vilensky
evilen...@gmail.com
__
On Tue, 15 Sep 2009 17:20:00 -0700
Bill Campbell wrote:
> One good thing about the HP splatjets is that they are designed so they
> don't clog after long periods of inactivity.
They may not clog, but they do dry out after a while. I have a HP fax machine
that uses a black inkjet cartridge and w
Frank Cox wrote:
> On Tue, 15 Sep 2009 17:20:00 -0700
> Bill Campbell wrote:
>
>
>> One good thing about the HP splatjets is that they are designed so they
>> don't clog after long periods of inactivity.
>>
>
> They may not clog, but they do dry out after a while. I have a HP fax machine
48 matches
Mail list logo
