If /tmp and /dev/shm partitions are mounted with the noexec flag then this prevents someone from executing something in those partitions.
Example:
You will get permission denied
However if you execute that same script like this:
Then the script gets executed which makes the noexec flag useless.
If there any way to prevent this bug/vulnerability?
I can see my Suse 11 severs, ftp to it and sit up share folder but can't login as user from workstation as users. It IBM eServer 235 2X3.8Ghz Xeon, 6GB of memory with 6X73.6 Hard Drive got this message error; The following security events occurred since Thu Jan 20 19:29:40 2011:
type=APPARMOR_DENIED msg=audit(1295580702.142:653): operation="inode_permission" requested_mask="r::" denied_mask="r::" fsuid=0 name="/var/lib/samba/unexpected.tdb" pid=4873 parent=1 profile="/usr/sbin/nscd"
type=APPARMOR_DENIED msg=audit(1295580702.234:654): operation="inode_permission" requested_mask="r::" denied_mask="r::" fsuid=0 name="/var/lib/samba/unexpected.tdb" pid=4873 parent=1 profile="/usr/sbin/nscd"
Charles E. Hightower
Ht280@yahoo.com
charles@santech.net
Charles E. Hightower - LinkedIn
How do I remove the noexec from the tmp directory, temporarily?
View 3 Replies View RelatedWhenever I plug an external harddrive to a CentOS system,all partitions mounted will have noexec that makes my binaries or script files not executable.
Quote:
[root@centos52-64-dell ~]# mount
/dev/sda3 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
[code]....
I have to remount it using, e.g.,
mount -o remount,exec /dev/sdb1
But I am sick and tired of doing it everyday. What I can I do ?I don't want to use /etc/fstab to solve this problem becauseit will cause booting problem (curable though) when the hard drive is not around.
How to change the default noexec when an external hard drive is plug to CentOS through usb ?
View 4 Replies View RelatedI am implementing hard drive encryption. I wish to pass a key file to the crypttab from an NFS mounted location. But I could see that the disk encryption process starts very early during the booting process, before fstab is run. I could not find which script, in rc5.d, starts this service. And I am confused on how nfs mount are performed from fstab, as the network service starts at a very later stage than after fstab is called to mount the local partitions/disks. In my case, I have to wait until the nfs is mounted and then call the /dev/mapper mount (in fastab) to mount the encrypted partition.
View 2 Replies View RelatedHello everI'm really confused by the ways an encrypted partition get mounted.It just mounts the partition without asking for the passphrase used to create it. I can list the files in /mnt/sda2, create a new file test.txt, but have no access to the files written to the "real encrypted partition".Then I can see/change the content of the encrypted partition but without being able to see/change the file test.txt created previously with the normal mount command.
The reason I'm asking is that I'm having my custom Debian to automount every partition available on the system at boot time. Is there any way/command to tell if a particular partition is encrypted (by cryptsetup) or not? So that I can mount it the right way and not make the users confused (or even harm the encrypted data).
I just found that I could perform write operation using a normal user account to a file system I mounted with the commands as followed:
sudo mount -t ntfs /dev/sda1 /mnt/disk/
This is the corresponding entry in the output of "mount" command:
/dev/sda1 on /mnt/disk type fuseblk (rw,nosuid,nodev,allow_other,blksize=4096)
As far as I remember, when using a normal user account, I had to use "sudo" to perform any write operations (mkdir, rm, etc) to a device mounted using "sudo". But now it seems to be changed.
Do I remember wrong, or did Karmic have any updates change this setting? (I never manually changed user settings, except that I added a root user, but I never used it.)
OS: Karmic(up2dated)
Kernel: Linux stephen-laptop 2.6.31-17-generic #54-Ubuntu SMP Thu Dec 10 16:20:31 UTC 2009 i686 GNU/Linux
Is it possible to forbid a non-root to umount a partition that was mounted via fstab-entry?
View 2 Replies View RelatedI recently started having unusual directories appear on one of my mounted arrays. I did not create them (intentionally) and I have no clue what they are. They all have the this in the name of the folder "samba_symlink_dir_traversal.nasl-<10-digit number>" they all have the same time-stamp for the date modified column (see pic).
What are these folders? Why are they appearing? And how can I make it stop? It doesn't do this on my other mounted arrays and disks. I recently grew my two attached arrays, this started right after that, but only on one of them. Connection? Also, it may be relevant, the folders are different today in their modified date(reflecting today's date) and the numbers in the name of the folder are different too.
What does the mkdir -p flag do? i.e the '-p' part?
View 1 Replies View RelatedWhat does the -i flag mean in rm i my_file?
View 2 Replies View RelatedIn another forum (I each day visit a lot of them) a user was stating that you need to set a boot flag to make the root partition bootable, if you create partitions with GParted in order to install a Linux with GRUB2. Another was suggesting that, if you install Linux with GRUB2, the installer automatically sets a boot flag to the root partition to make it bootable (I don't remember the names). I neither believe the first nor the second thesis and I'm hoping that in this excellent forum some Gurus not only are saying I'm right but also give a comprehensive answer.
View 2 Replies View RelatedI just bought an Eee Box with Red Flag Linux Desktop 5.0NE. My intention was to use it as a backup server at home to backup files and photos, etc.
How to I get to a graphical user interface so I can start to know what I'm doing?
When I switch on the machine, it says:
Red Flag Desktop 5.0NE
Kernel 2.6.21.0-22 on an i686
localhost login:
From the man page for sudoers (RHEL5.4), I notice that the default value for stay_setuid flag is 'OFF'.
In RHEL4.8, th man pages don't specify the default value.
What is (maybe) the default value of 'stay_setuid' in RHEL4 ?
Is the command "ls -d" meant for only listing directories? Because i tried it and it ALWAYS display just a blue dot. If not what is the correct way to show only directories? I.e. MSDOS equivalent "dir /ad".
View 2 Replies View RelatedI recently install 64-bit OpenSuse 11.3, the first time I'd used Suse 64-bit - I have to say it has been all good so far, which is great. However, today I was experimenting with a tool that tests vulnerabilities which should be remedied if using an NX capable processor. I am running 2.6.34.7-0.5-desktop on an Intel Core i7. I downloaded a 64-bit compatible version of paxtest from :
[URL]
Running it I was surprised to see that the NX capabilities of the CPU do not appear to be honored. Here are my results:
PaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@adamantix.org>
Released under the GNU Public Licence version 2 or later
Mode: blackhat
Linux callandor 2.6.34.7-0.5-desktop #1 SMP PREEMPT 2010-10-25 08:40:12 +0200 x86_64 x86_64 x86_64 GNU/Linux
Executable anonymous mapping : Killed
Executable bss : Killed
[code]....
From my understanding, NX was one of the big deals a few years back and was a main feature provided by the PAE kernel. I would have thought the default 64-bit kernel would have included NX support. I also thought per NX bit - Wikipedia, the free encyclopedia that NX support has been in the kernel since 2.6.8 I looked in config-2.6.34.7-0.5-desktop but did not see anything related to NX/XD config wise, other than DEBUG_NX_TEST What am I missing here? Shouln't this test fail in the Executable [bss, stack, etc.] tests on 64-bit with a NX capable processor?
yesterday ubuntu 10.04 hanged so i restarted it and i wasnt able to boot again all what i get is a blank screen with a blinking cursor... also windows7 dont boot (hangs during loading) after some googling i was able to boot only in linux by setting the noacpi flag during booting in grub but there was no internet connection (wired connection) i guess that noacpi is the reason ??
what i have tried :livecd: doesnt boot except with the noacpi flag and no internet connection reinstalling grub : doesnt solve the problem replace the power supply : nothing differ
I found that this tests if a give filename is a directory or not:
Code:
-d "$FILENAME"
But what test for not a directory? I tried
Code:
-D "$FILENAME"
But this doesnt work?
I have a created an ext3 partition and when i tried to set is hidden flag, there seems no effect. how to set the hidden flag of an ext3 partition?
View 1 Replies View RelatedI'm trying to create a shell script to take an argument and use it to name a terminal tab. So if the script's name is tabnm, tabnm "test" should rename the current tab "test"
This is my code:
#!/bin/sh
echo -ne "e]1;$1a"
but when i run it I get this output:
robin@icarus $ sh tabnm.sh test
-ne e]1;test
If I just run echo -ne "e]1;Testa" straight in the shell, the tab is renamed.
I'm trying a recursive search -- only PHP files -- and yet grep is searching SQL files too.
Code:
sneakyimp@Ubuntu-64bit:/var/www/site$ grep -irl --include='*.php' 'car_images' *
2011_02_11_dump.sql
car_images_pending.sql
client/search_results.php
[Code]....
I have an odd thing. And thats the following:
I entered: gcc raw.c -m32 -g -static -o raw
And I got:
I installed all bin32 libs I am on a x64 system.
I am using Rsync to backup files to a another machine, the users on my fileserver do not exist on the backup server so Rsync throws errors about the permissions. It copies the files fine but I want to get rid of the errors and have Rsync ignore the permissions when backing up.
/backup is a mounted ftp directory
Below is the current command and output:
Code:
root@Fileserver:~# rsync -av --delete /shared/fileshare/ /backup/backup
building file list ... done
created directory /backup/backup
./
manager/ .....
rsync: chown "/backup/backup/manager/.chironfs.txt.c6MbJ7" failed: Operation not permitted (1)
rsync: chown "/backup/backup/manager/.cronman.txt.hdBG4P" failed: Operation not permitted (1) .....
sent 211115 bytes received 274 bytes 7686.87 bytes/sec
total size is 210263 speedup is 0.99
rsync error: some files could not be transferred (code 23) at main.c(977) [sender=2.6.9]
For instance I have: openssh-4.3p2-36.el5_4.2
But I know that is 4.4.x. rpm -? openssh
I have reviewed the HowTo wiki on Setting up an SSL secured Webserver with CentOS [URL], and have successfully set up my server.
We are using the conditional <IfDefine SSL> tags around the <VirtualHost _default_:443> section. I wanted to do this because we are deploying a standard <VirtualHost> section that is appended to the httpd.conf file for several Apache versions on several OS's, and this makes maintenance much easier. Sometimes the server will be configured with SSL support, and sometimes not, depending on certain functions of our application that the end user will require and determine. Our application then determines which mode the server should be run in depending on these functions, what OS is being run, what version of Apache is being run, etc, and starts the httpd server in the appropriate mode. For CentOS 5 with Apache 2.2, if the application indicates SSL is required (and we expect the server to be configured appropriately), then we do the following:
/usr/sbin/apachectl -D SSL -k start
I would like to mount a disc that was previously used in the Intel Software Matrix RAID array (fake-raid). If I try to mount it I get:
mount: /dev/sdd1 already mounted or tempb busy
I think my dmraid is refusing to mount it beause of some RAID "flag". I would like to get rid of it, but unfortunately I cant do that on my system (theres no such RAID):
[root@ox mnt]# dmraid -r /dev/sdd
ERROR: isw: Could not find disk /dev/sdd in the metadata
no raid disks and with names: "/dev/sdd"
There are several posts recommending to uninstall dmraid completely from the system. Isnt there smarter solution in removing such a flag?
Little explanation: OEM HP pcs come with an HP_RECOVERY partition which contains an installer which will wipe the HD and install vista (shivvers) Now despite how much I looooove vista, I was wondering why the OS_TOOLS partition shows up in places and recovery doesn't... especially cause niether have a hidden flag...
(As a side note, what the hell does OS_TOOLS do? google yields no answers)
A week or two ago I installed Ubuntu Server 9.10 on a Intel DG945SEJT-based machine with two WD RE2-drives. I used unetbootin-windows-408.exe to to prepare a USB stick with the 32 bit version of the server version of Ubuntu. The installation went smooth without any problems.
Now when I'm trying to do the exact same thing to an almost identical server (larger HDD:s) I can't change the bootable flag to "on" on the physical raid partitions I create to host /.
I use the the following partition scheme: 10 GB /, 4 GB swap and the rest as /home. They're all on software-RAID1. Last time I did this (and many times before that) I was able to set the flag to "on".
When I press enter it just shows "updating filsystem.." etc. for some second but then nothing happens, the parameter is still on "off". This causes the whole installation to fail in the end due to an error when installing GRUB -> "can not install grub in /dev/sda "fatal error"".
My only conclusion is that the installer downloads some new files from the internet which causes this problem, as I said - nothing else is different except the harddrives (WD RE4-GP).
I want to append data to a file where immutable flag is set..So i have tried this command chattr +a file_name to append data..But i am unable to append the data..
View 7 Replies View Related