Okay, new problem with regard to netgroups, NIS, and Pam:
Given the following situation:
* I want to be able to have su work normally in the event of an NIS
disconnect, since I will likely need to su to fix said disconnect.
* The wheel group needs to stay local
* I want su to still use group
On Mon, 8 Sep 2008, Dan Nelson wrote:
In the last episode (Sep 08), Dan Mahoney, System Admin said:
I have the following rule set up in ipfw to limit the exposure of bad
php scripts and trojans that try to send mail directly.
allow tcp from any to any dst-port 25 uid root
deny log tcp from
Hey all,
I have the following rule set up in ipfw to limit the exposure of bad php
scripts and trojans that try to send mail directly.
allow tcp from any to any dst-port 25 uid root
deny log tcp from any to any dst-port 25 out
However, the log messages I get look like this:
Sep 8 13:21:11
On Fri, 12 Aug 2005, Luigi Rizzo wrote:
On Sat, Aug 13, 2005 at 12:49:56AM +0200, Jeremie Le Hen wrote:
Hi,
I am afraid the existing code cannot help you.
The packets you see are encapsulated in 802.1q aka VLAN frames,
and since ipfw2 does not try to decapsulate the packets, you
don't get to
Note: I posted this to questions@ earlier, but upon further investigation
of the issue, I realize that I basically need a "hack".
Warning, long.
My original question:
[begin]
I'm setting up a bridging firewall where the packets are passing through
on dot1q trunks. Figure sixty or so. Too
Hey all, I'm trying to create an inventory script for systems that will be
loaded via net-boot. I was wondering if there was any useful way to
obtain the serial number of devices like the hard drives, processor,
and/or motherboard. (as far as I can guess, those are the only things
likely to s
I have a lan of maybe 200 nodes where a BSD box is performing as the
core router (with cisco's doing line-connectivity). It is all switched,
with no VLAN in place.
Each machine (in general) has its own subnet. Most are /29's, some are as
large as a /25. Each subnet has a single gateway ip conf
Hey all...
I have a quick question that I've scoured the net for and really can't
find the answer to.
It goes like this:
When using a challenge/response based auth scheme, like s/key, opie, or a
cryptocard, one first gets the challenge, then enters the response as
their password. The issue wit
On Wed, 20 Jun 2001, Joe Clarke wrote:
Amazing! That did it nicely.
-Dan Mahoney
> I've heard that PAM in 3.x is mostly broken, but this is what I use for
> ProFTPd in 4.3-RELEASE, and it works fine:
>
> ftp authrequiredpam_unix.so try_first_pass
> ftp account requiredpam_
Hey, I am using proftpd 1.2.1, after a complete CVSup to 3.5-STABLE (this
is a production machine, going to 4 would cause way too many
headaches). Anyway, I get this classic error in my logs:
Jun 20 14:24:02 prime proftpd[36049]: no modules loaded for `ftp' service
Jun 20 14:24:02 prime proftpd[
10 matches
Mail list logo
