Iptables to allow incoming FTP. HowTO: Linux Disable a User Account Command. How do I disable a user account under Linux operating systems?
How can I completely disable a user account Linux server? You need to use the usermod command to lock and disable user account. The -L option lock user's password by putting a ! In from of the the encrypted password. To disable user account set expire date to one or 1970-01-01. Syntax The syntax is: OpenPGP Public Key Server - Home. File EXchange service (F*EX) - Utilisation - Projets Pasteur. F*EX est un outil sous licence GPL développé par Ulli Horlacher ( Sa particularité est d'offrir une interface en ligne de commande (que nous abrégerons en CLI pour "Command Line Interface") en plus de l'interface web.
Cette CLI est directement utilisable à partir de central-genopole et central-bio ou bien de votre propre machine si votre système d'exploitation est supporté. Nous allons aborder l'utilisation de cet outil dans cette petite documentation dans le cadre de l'envoi d'un fichier à un destinataire extérieur. Voici les différentes étapes : la création d'un compte F*EX réception du mail de confirmation et activation du compte changement éventuel du "Auth-Id", sorte de mot de passe associé à votre compte configuration des commandes fex sur les machines central-* envoi du fichier : $ fexsend monfichier email_destinaire ! Les 3 premières étapes ne seront qu'à effectuer une seule fois. SELinux. This page explains how to correctly set SELinux contexts and booleans so that your web server (probably Apache) will be able to access them.
Alternatively, you can disable SELinux for httpd only, using any of the following commands, so that those issues are not a factor during development: setsebool -P httpd_disable_trans falsesemodule -r httpdsemanage permissive -a httpd_t You will need to determine which of these command lines is appropriate based on your system configuration. In all cases, you should run the command as the root user. To install MediaWiki on a system running SELinux the following additional steps must be performed: chcon -R -t httpd_user_content_t /path/to/mediawiki_install After building the PHP fileinfo extension: chcon -t httpd_sys_script_exec_t /usr/lib/php/modules/fileinfo.so Any additional files which will be exec()ed by apache must be httpd_user_script_exec_t (not including PHP files).
Upload Directories[edit | edit source] Uploading Images[edit | edit source] Can't write to a file. Alright.
So we want apache write access to config.php. Recover MySQL root Password. You can recover MySQL database server password with following five easy steps.
Step # 1: Stop the MySQL server process. Step # 2: Start the MySQL (mysqld) server/daemon process with the --skip-grant-tables option so that it will not prompt for password. Step # 3: Connect to mysql server as the root user. Step # 4: Setup new mysql root account password i.e. reset mysql password. Step # 5: Exit and restart the MySQL server. Here are commands you need to type for each step (login as the root user): Apache and SELinux. Security with Apache is an important topic, of which SELinux is a part. However, the frustration that results in trying to manage SELinux and how it relates to an Apache Web Server is huge. Most of the time, administrators bail and shut down SELinux because they do not have the time to correctly configure the system.
SELinux can be a key to good security for the Apache daemon. This tutorial with help you develop several skills that will provide some level of SELinux management for the Apache Web Server. View Processes protected by SELinuxYou may view processes which are restricted by SELinux with ps. Iptables. Iptables est une interface en ligne de commande permettant de configurer Netfilter.
En plus de Iptables, depuis la version 8.04, Ubuntu est installé avec la surcouche UFW qui permet de contrôler simplement Netfilter, UFW est toutefois moins complet que iptables. Cette documentation est une introduction à Iptables, elle est destinée à ceux qui souhaitent mettre en place un pare-feu et/ou un partage de connexion, sur une machine Linux, sans passer par une interface graphique.
Seule la table par défaut (Filter) d'Iptables est présentée ici et seules les chaînes utilisées par Filter (Input, Forward et Output) y sont exposées. Les lecteurs désirant approfondir leur recherche et aborder l'utilisation des autres tables (Nat, Mangle, Row et Security) ainsi que des chaînes non utilisables par Filter (Prerouting et Postrouting) se tourneront vers les nombreuses documentations disponibles sur l'Internet (voir notamment ici).
Nous allons configurer notre pare-feu de la manière suivante : #! 5.7. SELinux Contexts - Labeling Files. 5.7.
SELinux Contexts - Labeling Files On systems running SELinux, all processes and files are labeled with a label that contains security-relevant information. This information is called the SELinux context. For files, this is viewed using the ls -Z command: Skskeyserver / sks-keyserver. The following is an incomplete guide to compiling, setting up and using SKS.
Hopefully this is enough to get you started, in addition there is a wiki available, where in particular should help getting a working installation. There are a few prerequisites to building this code. You need: OCaml-3.11.0 or later. Get it from DB version 4.6.* or later. Releases of SKS are signed using the SKS Keyserver Signing Key available on public keyservers with the KeyID and has a fingerprint of Using GnuPG, verification can be accomplished by, first, retrieving the signing key using.
Iptables.