Red Hat :: ACV Denial After Update?
May 16, 2010
I ran an update of my centOS (5.2) machine today. After reboot, I tried an upload, but I got
Quote:
553 Could not create file On the server (where I upload to) I get an AVC denial.Short list of what I have here:
- Centos 5.2
- a pass & login for a user, chroot to his folder
- the group and owner are set to the user in the user's folder, there are write permissions
- symlink to a folder in the /var/www/html folder
- it worked before, I possibly lost a seLinux setting somewhere.
View 3 Replies
ADVERTISEMENT
Mar 12, 2010
I am using Nagios 3.2.4 tool with Nagios-Plugins-1.4.14 and on Red Hat Fedora Linux ver 10.1.The Apache version is 2.2.11. My security team has identified the following vulnerabilities with this version and they want me to find a fix.
1)Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
2)Apache HTTP Server mod_proxy stream_reqbody_cl Function Denial of Service Vulnerability
3)Apache HTTP Server mod_deflate Remote Denial Of Service Vulnerability
4)Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
View 6 Replies
View Related
Nov 12, 2010
I am posting a thread here for more help. I posted a thread about this problem [URL]..History: This was a clean install of 10.04.1-64b see attachments for lshw and lspci output. An updated bios was needed to be able to turn on the wireless chip, that was done following [URL].. see post #8 there is some issue, the manufacture removed the updated bios from the website.
If I was to guess it has something to do with driver rtl819xSE. I also noticed some 'static' at the lastmountpoints the usb drives. I think the problem here is that this would cause an idle drive never to park and sleep maybe shorted drive life, the logs would become over bloated with this spam, also eat up a battery on a laptop.
View 4 Replies
View Related
Apr 22, 2010
This is an excerpt from the Linux man page for mktemp command: "mktemp is provided to allow shell scripts to safely use temporary files. Traditionally, many shell scripts take the name of the program with the PID as a suffix and use that as a temporary filename. This kind of naming scheme is predictable and the race condition. It creates is easy for an attacker to win. A safer, though still inferior approach is to make a temporary directory using the same naming scheme. While this does allow one to guarantee that a temporary file will not be subverted, it still allows a simple denial of service attack. For these reasons it is suggested that mktemp be used instead."
- How can a denial-of-service attack be carried out if a directory name is known?
- Why is it important to use mktemp to generate a sufficiently random file/directory name for temporary files?
View 1 Replies
View Related
May 26, 2009
I installed Fedora to a desktop with a hardwire ethernet connection to my router. When I ran the live CD it connected fine. When I boot now I have no connection, and when I try to connect I get this "AVC Denial" message and some mumbojumbo about SELinux is preventing nm-dhcp-client to read libdbus-glib blah blah blah. The troubleshooter app is no help to me at all. This is extremely frustrating. A couple of weeks ago I did an install to this same computer and had no problem at all. The only difference is that this time I wiped all of my old distros from the HD, and made separate /, /var, /boot, /tmp, and /usr partitions (in addition to the old /home partition which I kept.) I don't know how that could be causing this problem, but it's the only thing different about this install. Should I just go back to putting everything but /home on one partition?
View 5 Replies
View Related
Feb 16, 2011
My Linux server which is running my company website have been hacked. Today I saw a number of clients (customers) with some fun characters entries on my database. Access denial on really clients.
View 2 Replies
View Related
May 11, 2010
I am trying to use CentOS 5.4 to set up a secure laptop, largely because of it's SELinux functionality. Unfortunately I couldn't get wireless to work properly using the default NetworkManager so I installed wicd. Initially it buggered up my whole installation but after relabelling files using SEL I can now use my system again. but.. I can't use it with SELinux enabled, as it denies the required accesses for wicd to work. I also get similar SELinux denials for wpa_supplicant. A couple of snippets from /var/log/audit/audit.log -
[Code]....
View 4 Replies
View Related
Jul 4, 2010
I am trying to update using Update Manager and I get this message: Failed to fetch "Failed to fetch [URL]..404 Not Found" My system is 64 days out of date now.
I have looked elsewhere for an answer and some others have had similar problems, but I have not found a reason for it happening, nor an answer. I wonder if anyone can help me please. I have been using Ubuntu for several months, can use the Terminal if I have the right commands to issue, but beyond that have limited knowledge of the system.
View 9 Replies
View Related
Sep 30, 2010
As the title says i updated my system which then needed a reboot. I also installed Mixxx djing software to try it out. So i thought id just restart the system. Usually when i boot into my desktop wireless automatically can connect to my router but not this time, wired only for now... i know theres tons of wireless issue threads but some more experienced users will be able to get straight to the point and run through some diagnostics with me.
View 1 Replies
View Related
Mar 14, 2011
having had problems with getting grub2 to work on dual HDD setup...despite the most excellent advice on the forum i took the plunge and installed 10.10 from update manager within 10.04..... bingo fixed grub and now have dual boot again. but the update manager and synaptic package don't work because of libedata-cal1.2-6 file that remains..following other advice on the forum Advice gratefully received, how can i force an unistall of this package
mark@studypc:~$ sudo apt-get -f remove
Reading package lists... Done
Building dependency tree
Reading state information... Done
[Code]...
View 9 Replies
View Related
Jun 8, 2011
Update Manager is inviting me to update from my Maverick Meerkat to Natty. Is this a good idea?
View 7 Replies
View Related
Jul 26, 2011
On two Centos5 servers, yum gives a segmentation fault error when trying 'yum update' or 'yum check-update' after running 'yum clean' :
[Code]....
The error is the same for the other computer except while attempting to update the rpmforge repository. Nothing has really changed on the servers in some time and 'yum update' worked fine on each yesterday and I have no idea why they would both suddenly fail!
View 3 Replies
View Related
Apr 19, 2009
I've install F10 to use it as server and router and found a strange problem on my XP machine which is behind the F10. I've tried to update my Lineage2 client from official server but the update crash, tried to open the web page it didn't open. Also tried to open microsoft web it didn't open. When i try to open the same pages on PC with F10 they open with no problem.
[Code]...
View 6 Replies
View Related
Apr 14, 2010
How can I make the security applet stop showing an update for firefox 3.5.9? I have a more recent version installed from mozilla repo: firefox 3.6. The mozilla repo already has a higher priority (95 instead of 99), so I don't know what to do.
View 5 Replies
View Related
Apr 27, 2011
I have a problem in updating opensuse 11.4, when I try to update the system the progress stops in the update window, and no updates appear
View 9 Replies
View Related
Sep 21, 2010
when I launch Yast2 - Online Update, I get an error during the repository refresh that it could refresh the repository.Since it's easier to copy-paste - here is the output from 'zypper ref' with the same error:
Code:
Retrieving repository 'Updates for openSUSE 11.3 11.3-1.82' metadata [|]
Failed to download ./repodata/cefcc9d56264aa169f70a53c560ffc39cb6af575-deltainfo.xml.gz
from http://download.opensuse.org/update/11.3/
A[code]...
View 8 Replies
View Related
Jan 14, 2010
I have logged in today and update manager reminds me of an update with linx-backports-module-2.6.31-14-generic. However my current kernel has been updated a while ago and is now 2.6.31-17. That obviously is more recent that that backport version. What should i do? By the way that update is from a PPA repository other that the default. I am wondering the update manager has no way to tell which kernel version i have at all? Should i actually go ahead with the installation?
View 1 Replies
View Related
May 2, 2010
I started the upgrade to 10.4 from 9.10 through the update manager. It started the update to 10.4. After downloading almost 95% of the update, it gave an error message of "could not download certain components. downloaded files will not be erased" and stopped the update. I restarted the PC, and started the update manager again. But now it does not show any option of update to 10.4. how do I continue or resume the update process? I just started using ubuntu about 15 days back. So, I am relatively new to this.
View 3 Replies
View Related
Nov 6, 2010
I just installed ubuntu 10.10, and im triying to update, when i uncheck the packages that i dont want and click on the "install updates" button in the update manager, the update manager check it again and download the packages that i dont want
View 1 Replies
View Related
Aug 21, 2010
I have Ubuntu Karmic 64-bit installed. Update manager tells me there are updates available, but when i try to install them, downloading the updates fail and throws this error:
Code:
Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/e/eglibc/libc6-i386_2.10.1-0ubuntu16_amd64.deb
Consequently, a similar error occurs when I try installing Sun Java 6 Runtime.
Code:
Failed to fetch http://archive.ubuntu.com/ubuntu/pool/multiverse/s/sun-java6/sun-java6-jre_6-15-1_all.deb Connection failed [IP: 91.189.88.31 80]
Ubuntu Restricted Extras stalls when it's time to download the Java package I tried synaptic, update manager, aptitude, apt-get, and they all throw similar errors. Then I also tried connecting to different servers, to no avail. So to check if it's my connection to the net that has problems somehow, I tried downloading the file directly through my web browser, and it works. (But it's not recommended, and it won't let me!, install the updates manually, right?) I tried searching for the errors on the net and in the forums, and they're all somehow related to proxy servers. I then checked if I'm using some inappropriate proxy settings, and everywhere it's all set up to connect to the net directly, which is, well, my setup.
Take note though, that I am able to install other softwares normally, i.e, using synaptic, apt-get etc. The ones I tried include Pidgin and Mplayer. It's just these updates and Java:
Code:
jeanne@jeanne-desktop:~$ sudo sudo aptitude upgrade
W: The "upgrade" command is deprecated; use "safe-upgrade" instead.
Reading package lists... Done
[code].....
View 3 Replies
View Related
Jun 1, 2010
I am from India, and I tried to update my Ubuntu system today. Code: $sudo apt-get update The update failed because the connection to the India mirror timed out: Code: [URL] Could not connect to in.archive.ubuntu.com:80 (111.91.91.37). - connect (110: Connection timed out) I tried the update a few times, with the same result every time.
I had firestarter running at this time, and noticed that I would get new security events every time I tried an update. I checked the events list, and it turned out that the machine at the ip address 111.91.91.37 (the in.archive.ubuntu.com machine, to go by the above error message) had been trying to make connections to seemingly random ports on the machine every time I tried the update: see the attached screenshot. I then changed my repositories to the Main Server using Synaptic, and tried the update again (from the command-line). This time it worked without a hitch, and firestarter did not report any unwanted incoming connection. why is the India mirror trying to open connections that the Main server apparently does not need in order for me to do the update? Should I (we) be concerned?
View 3 Replies
View Related
Feb 11, 2011
I was running 10.04 LTS and had decided to stick to the LTS versions as I'm now running my machine as a server and don't want to be updating regularly.Every time I logged in via SSH I got a message telling me there where packages to update including a security update. So I did a search to find out how to perform an update on Ubuntu server from the command line.What I found was to do this:sudo apt-get updatesudo apt-get dist-upgradeAfter doing that I rebooted but now my machine gives me this message:
init: ureadahead-other main process (794) terminated with status 4Your disk drives are being checked for errors, this may take some timePress C to cancel all checks currently inprogressI'm not pressing C yet and leaving it alone to finish, but I noticed when the machine booted that one of the options for booting talked about Ubuntu 10.10, so I'm worried that I've updated from 10.04 LTS to 10.10 by accident?
View 8 Replies
View Related
Oct 1, 2009
For the past few days, the automatic GUI update has been crashing, complaining of a "Transaction error."
Here is the output that pops up in a separate window:
Code:
I tried the following:
Code:
And got the following (similar) output:
Code:
I very rarely use xfce and I don't quite know what exo is, but I'd like to fix this problem if it's not too involved.
View 3 Replies
View Related
Feb 26, 2010
Code:could not add package update for poppler-data-0.4.0-1.fc12(noarch)updates: poppler-data-0.4.0-1.fc12.noarch.
View 3 Replies
View Related
Mar 9, 2010
Is there a way to disable all popup notifications in openSUSE while still having it check for updates periodically. What I would like is for the notification icon to appear when an update is available but to not popup the notification message, or worse, show that dialog stating that some software sources were not available when I'm on the corporate network.
Also, is it possible to disable some updates like the recent KDE one? I right click it and there is an option to disable notification of an update but the menu item is disabled.
View 7 Replies
View Related
Mar 14, 2010
The last complete update failed on one package (Cups Common - 1.0 mb), each time I login the update is offered via update manager and each time it fails with this message:
W: Failed to fetch http://security.ubuntu.com/ubuntu/po...ntu3.6_all.deb
Connection failed [IP: 91.189.88.31 80]
can anyone shed light on this - (I'm running 9.04 Jaunty)
View 2 Replies
View Related
Apr 23, 2010
Libnss3-1d
xulrunner-1.9.1
xulrunner-1.9.1-gnome support
After click on install updates and entering password, a message says "Some of the packages could not be retrieved from the server(s). Do you want to continue, ignoring these packages? Yes/No.
If I answer No, this message appears:
W: Failed to fetch http://security.ubuntu.com/ubuntu/po....10.1_i386.deb
404 Not Found [IP: 91.189.88.31 80]
If Yes, it tries to download but immediately:
W: Failed to fetch http://security.ubuntu.com/ubuntu/po....10.1_i386.deb
404 Not Found [IP: 91.189.88.31 80]
It has always installed the updates with no problems, until these 3 updates remain in pending installation status.
View 4 Replies
View Related
Oct 1, 2010
I am using ubuntu 9.10.While running a partial update through System->adminstration->update-manager. I am facing error as 'Error Authenticating some packages". Please find the attached, screenshot of the error and sources.list file output.
View 1 Replies
View Related
Oct 26, 2010
I'm having trouble updating. Using the update manager fails and I see the message:dpkg: parse error, in file '/var/lib/dpkg/available' near line 23288 package libbonoboui2-common': 'Conflicts' field, reference to 'libbonobous2-0': version contains ' '
I've tried
sudo dpkg --configure -a
and
[code]....
View 1 Replies
View Related
Nov 15, 2010
i'm getting an error when i try to update the adobe-flash-plugin with update manager and package manager, the message says
W: Failed to fetch http://archive.canonical.com/pool/pa...rick1_i386.deb 403 Forbidden
why i am forbidded to update or have the same problem..
View 9 Replies
View Related
