I just installed Firestarter on Ubuntu 9.10 64 bit. When I go to the "Policy" tab I cannot add a new rule. The buttons on the tool bar are grayed out. Same with the Policy menu items.
Never mind. I just found that by clicking in the empty area below "Allow connections from host" the + button becomes enabled.
I installed firestarter and then at a later date uninstalled/purged it, both actions via synaptic. I have a very verbose boot, I like to see what's going on, and noticed after the uninstall/purge that I was getting an error zooming up the screen containing firestarter in it. After many restarts I found that a file was left in /etc/network/if-up.d/50firestarter and this file was simply a script trying to restart firestarter. At this point I've commented out the calling line and followed the commented line with exit 0. This removes the error but there's still a link calling the file so, is this a bug or am I missing something? It appears the uninstall/purge wasn't entirely complete.
View 1 Replies View RelatedSo I have the burned ubuntu CD, and I'm attempting to install it on a system that has one HDD with XP/Vista on it, and another that is completely formatted and unpartitioned. However, when I boot to the ubuntu CD, I can use the menus from the bottom, and select the language when initially prompted, but I can't select any of the menu options except for boot from first hard drive.
View 1 Replies View RelatedI have in /etc/selinux/config:
Code:
SELINUX=enforcing
SELINUXTYPE=mls
Do I have MLS enabled? I can't use Selinux commands. I thought MLS is sort of package to Selinux. I fallowed this:
Code:
[code].....
I'm using Debian Squeeze.
When I invoke apt-cache policy , for example , apt-cache policy zlib1g.
I get the output like:
Code:
And below the line "Version table:" , there is installed package version. I assume 1:1.2.3.4.dfsg-3 is version("epoch"+"upstream version"+"debian revision"), but what does the next "0" means?
I'm having trouble to configure my debian (2.6.26-2-686) with some routing tuning. In fact, I have a VPN provider. I want my Squid Proxy use this VPN provider and I have to use policy routing because my ISP forbid IP spoofing.
View 2 Replies View RelatedI am trying to prepare my PowerEdge 2950 before CentOS 5.3 installation(web server). I have hardware RAID 1/10 so I will have 2 virtual disks(VD).
First VDRAID 1) - 2 physical disks
Second VDRAID 10) - 4 physical disks
What should be write policy for the VD(RAID 1) and for the VD(RAID 10)? I would have "/var" and maybe "/tmp" on RAID 10.
It took me a while to get VNC going. It was easier with FC8-10. Once I got finished and was actually able to log in and see my remote desktop I tried to add some software... virtualbox.When I double click on the RPM I get popup that states."The action could not be completed. Failed to install file. You do not have the necessary privileges to perform this action" When I close that dialogue another one pops up that states" "The action could not be completed." When I click on more details the dialogue states. "Policykit authorization failure" How can I make this work?
View 1 Replies View RelatedFC12 with recent updates The bugzilla I reported is fixed in selinux 3.6.32-66 and I have 3.6.32-56. I refreshed the repositories and looked for 66 and it is not listed. Question - how often does the policy changes get posted to the repositories ? And are the repositories the normal place to get the latest and greatest ?
View 2 Replies View RelatedI need to change SELinux policy to permissive and then back to enforced for an installation. I understand that I should be able to do that through the SELinux Administration window accessed through System -> Administration ->SELinux Management. But I do not have any real sysadmin tools available in my Fedora 15 Gnome Gui interface. Am I missing something, or should I use some sort of similar command line tool to do this?
View 2 Replies View RelatedI try to configure account lock out after 5 failed connections attempt with help of PAM. I add the following string to /etc/pam.d/login:account required pam_tally.so per_user deny=5 ulock_time=180 no_magic_root reset.Unfortunatly this solution doesn`t work. Can you give me advice how to set 5 connection attempt, block user and unlock account after 180 seconds?
View 2 Replies View RelatedI need to implement a company-wide policy on "adobe flash player settings".Each individual can visitmanager07.html and change their settings, but that's far from ideal.I suspect I could get somewhere by locking down permissions on temp directories, but I wonder if there is a more elegant way?
View 1 Replies View Related"I get message ubuntu System policy prevents shutting down" when i try to turn off ubuntu ( i get similar message when i try to restart too )
Am the only user I have installed hsqldb-server ( and mb he has something to do with it )
I have a requirement of mounting an external usb with NTFS filesystem and allowing restricting its access only to the console user(even restricting access to a single group is fine). I am able to mount the usb by using the attached fdi policy. However, I want the access to be restricted to a single user or a group. Is there anything that I'm missing here. I did search on the internet, but couldn't find anything in this regard
View 1 Replies View RelatedIs it possible to only view certain chains and more specifically certain chain policies with options when doing:
iptables -L
I would like for example view FORWARD ACCEPT rules instead of waiting for all of the drop rules to load when viewing a firewalled iptables.
I have a requirement of mounting an external usb with NTFS filesystem and allowing restricting its access only to the console user(even restricting access to a single group is fine). I am able to mount the usb by using the fdi policy below. However, I want the access to be restricted to a single user or a group. Is there anything that I'm missing here. I did search on the internet, but couldn't find anything in this regard.
View 1 Replies View RelatedWhen I try to install my propriety graphics driver. I don't know what it means. Here are the steps I took and what resulted:
killerzen@Decode666:~$ cd ~/Desktop
killerzen@Decode666:~/Desktop$ chmod +x ati-driver-installer-9.2-x86.x86_64.run
killerzen@Decode666:~/Desktop$ ./ati-driver-installer-9.2-x86.x86_64.run
Created directory fglrx-install.pHiKQh
Verifying archive integrity... All good.
Uncompressing ATI Proprietary Linux Driver-8.582
ATI Technologies Linux Driver Installer/Packager
Error: ./default_policy.sh does not support version
default:v2:i686:lib::none:2.6.32-22-generic; make sure that the version is being
correctly set by --iscurrentdistro
Removing temporary directory: fglrx-install.pHiKQh
Today i was going through some of security guides written on linux .Under shadow file security following points were mentioned.1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.2)Usernames in shadow file must satisfy to all the same rules as usernames in /etc/passwd.3)password for application Username should display * if username is not locked.4)If a user is locked it should be displayed as ! as the first character in second field of shadow file.
Confusion for point 1 and 2:Now i m confused as why the encrypted password should be more than 14-25 characters.Also what rules to satisfy How to check it?Confusion for point 3 and 4:There are lot of users with * as second field i guess they are not locked but according to 4th point there are lot of users with ! as first characters.How would i check whether they are actually locked or not.I m posting the output of /etc/shadow and /etc/passwd files for the account.
I have just installed tripwire. I have created a baseline db using the default policy file. Then I checked the output of the db to see what I did not have on my filesystem that db was searching for (according to the default policy when tripwire was installed), I then changed my default clear text policy file accordingly and used twadmin to generate a new tw.pol file.
Next I come grinding to a halt after this (assuming the next thing is to update the policy in tripwire right? )
Code:
My organisation is running squirrelmail on a redhat server. When users are created , at that time the admin sets a password. Thereafter the user can login to his account using the password. But he can't change it as is the case with gmail or yahoo mail. Also the password for any account is known to the admin in addition to the user himself - a weak security arrangement !So what I wish to do is provide a way for users to change his password anytime he wants and also during the first login - as is normally done in banking sites, etc
View 14 Replies View RelatedFor some reason when I try to boot Ubuntu up I get the following error messages:udevd[470]: NAME="%k" is superfluous and breaks kernel supplied names, please remove it from /etc/udev/rules.d/48-ldusb.rules:2One or more of the mounts listed in /etc/fstab cannot yet be mountedAfter the second error message, it says, "Stopping Firestarter..." and it stops there. :
View 9 Replies View RelatedI just wanted to ask about official opinion or policy concerning newer versions of KDE. Is 4.6 still so buggy or unstable to be included in experimental? What steps are going to be made concerning KDE and what when? I don't like GNOME, KDE 3.5 is out of the game now in 6.0 and KDE 4.4 is IMHO all but mature and finished. So I am not sure what to do now, Kubuntu is buggy and don't like it but they have 4.6...
View 2 Replies View RelatedWhen I reboot my computer, my iptables sets itself to a policy of dropping everything, adds a bunch of rules, and a bunch of extra chains, to the effect that (due to everything being set to drop) I can't do anything. I know how to fix this from the terminal to the extent of just clearing most of it and changing the policies back. However, what I don't know is how to make it stay that way. I have a file with the iptables rules I want, so every time I start up I just run iptables-restore, but I don't want to have to do this every time, particularly since others use this computer who do not have admin privileges.
I've tried changing /etc/network/interfaces with the added code pre-up iptables-restore < (etc) But that never does anything, or if it does it just makes stuff work even less. I've tried changing init.d before based on similar info elsewhere, still no luck. I don't know how to get it to stick, and I don't know why it is defaulting to the rules it is, other than that I used a firewall app a while ago and afterwards this was the result, for which I uninstalled that app after no success using it to reverse the damage.
I have recently upgraded my OS from Lenny to Squeeze.The new setup boots, but sent a "Warning" message during the upgrade - which said:The reference to "/dev/hdb" (the Hard Disk that has my Linux OSs) in "/etc/lilo.conf" is deprecated.The full text of my entry currently reads:boot=/dev/hdb.So what should the entry read to conform with the new Debian policy?
View 11 Replies View RelatedI am using pam module to set password policy in my SuSE linux machine. This is my /etc/pam.d/common-password file:
Now if root user tries to change the password of a normal user, giving the same password, it is throwing an error saying "Password has been already used. Choose another".
Example:
> passwd user1
> password1 (set successfully)
> passwd user1
> password1 (Password has been already used. Choose another)
This should not happen with the root user.
I have tripwire 2.4.1.2 running on one of our servers on a daily basis, and I was curious to know if it is good practice to periodically update the policy file. The reason for my asking that is while the daily reports that I get indicate there have been changes to files on a daily basis, there are also files that have not been modified for over a month. My thinking is an update of the policy file will establish an updated baseline, and those files that have not been changed for so long will not be reported on until they get changed again.
View 1 Replies View RelatedI wrote a policy form my firewall with fwbuilder it compiles fine, but when i use the installer ti gives me this:
Quote:
scp: /etc/fw/tmp/: Is a directory
SSH session terminated, exit status: 1
I set-up fwadmin to manage the account and set up the password, I just can't install it.
After a lot of struggling and tricks, I installed After Effects 7.0. But when it starts up it repeatedly states: "Unknown Anti-Alias Policy" and will not allow me to actually use the program. I can't find anyone else with that error, and it seems very few can actually get AE7.0 installed.
View 4 Replies View RelatedI am working on a large program in C to run on Puppy Linux. I have multiple pthreads running. I want to be able to set the pthread SCHED_POLICY and priority in my program but I want a user to be able to run the program without root privilege.
Using a sticky bit and root ownership gives the user too much power because they will be able to write and compile their own scripts. Is there a way to use 'sudo' when I set the thread parameters from my program or something like this?
Running Fedora 10 and 11. Using Firestarter firewall.Does anyone know where Firestarter gets the Events which it displays?I do not find anything in /etc/firestarter/.I suspect Firestarter looks in a log file which Fedora keeps somewhere.
View 2 Replies View Related