Ubuntu :: Puppet Configuration Of Security Services
Jun 30, 2011
I'm trying to avoid having to migrate my machine to Fedora: it's either learn to clone some existing Puppet manifests from Fedora to Ubuntu, or move back to Fedora. I'm running into several problems, including parsing errors for rules that work for Fedora and fail for Ubuntu, presumably because the version of libaugeas-ruby is older for Ubuntu (0.3.0) than Fedora (0.4.0). For Ubuntu, these rules fail with "Could not evaluate: Could not retrieve information from source(s)". Another one is a failure of augeas to use the 'ins' command to insert a rule into krb5.conf. I can't think of any good reason for these other than the older versions of the libraries render Puppet unable to parse properly.
At any rate, I was wondering whether anyone has had experience and success controlling security services in Ubuntu (Natty), such as krb5, pam, screensaver locking, etc. I should be able to hack my way through these, but I keep hitting walls like the evaluation error above.
View 9 Replies
ADVERTISEMENT
Feb 15, 2010
I have installed a puppet server and its client on Centos.Puppet server and its client is running fine and its update whatever changes made on Puppet server is updatedon its client but i am unable to execute script (Bash shell)on the client through Puppet server. So please advice a suitable class or parameter for Puppet server so that it could execute on its client
View 3 Replies
View Related
Jan 28, 2010
I have been trying to get my Samba 3.x NAS to connect to my Windows XP laptop. I can see the server though I cannot open it and see the shares. I have run various tests on the network and Samba (ping, smbclient) though still cannot find why I can't connect.
I can access the NAS via webmin, so I am thinking I need the security or the services settings on the XP machine. Is there a list somewhere of the Windows XP services and security settings required to share files?
View 4 Replies
View Related
Feb 8, 2016
I have a few computers running linux and windows and I like to be able to telnet and to ftp but these services are not active I look into system settings but I can not find anything on were to start them.I already try using ssh but it just hangs and nothing happened also I tried to use the graphical app for ftp but same result host not reachable.
View 10 Replies
View Related
Jan 31, 2010
I'm running debian unstable and since there was the switch to dependency based boot I can no longer control my boot services.I used to suppress the services that I use rarely during boot with: sudo update-rc.d -f myservice remove This arranged the links in /etc/rc?.d and everything worked.
Now this command only says: update-rc.d: using dependency based boot sequencing.This seems to work until I upgrade the service to a new version and it is enabled again.Do you have any idea of how to disable boot services permanently with the new system?
View 4 Replies
View Related
Dec 25, 2010
I'm trying to control access to different services on an Debian server using /etc/group. So that a user I create for FTP usage doesn't fill up my server with IMAP folders or samba garbage.
Services like proftpd have:
AllowGroup ftpgroup
sshd have
AllowGroups sshgroup
And samba have
valid users = @smbgroup
But I can't find the correct option in Dovecot (/etc/dovecot/dovecot.conf) Do anyone have the magic option or a workaround thats doesn't envolve maintaining seperate user databases and password?
View 1 Replies
View Related
Nov 6, 2010
I was wondering if there is any way in Linux in general and Fedora 13 in particular to configure system so that any service that needs access to internet will have to ask for password/permission to do so. So that I can
View 3 Replies
View Related
Jan 24, 2011
I'm looking for a script that can look for illegal scripts/services that are being run on OpenVZ VPS from the host node. Things like IRC, EggDrop, Brute Force scripts and such.
View 7 Replies
View Related
Jul 22, 2015
Have been working most of the day on this usb full install (Jesiie xfce) trying to make it leaner/faster and trying to get rid of minor annoyances like "watchdog: watchdog0 is not shutting down" (couldn't btw), finally managed to disable "You have mail" by commenting out "session optional pam_ mail.so standard" in /etc/pam.d/login. Every little change registers in terms of seconds of boot time saved and how the system responds because, well, i'm booting from a usb 2 drive.Followed some suggestions from "Reduce Debian", removed cups-common, some foreign language locales and man pages. what i can safely do with systemctl.
View 14 Replies
View Related
May 26, 2010
Debian 2.6.32 Squeeze + GnomeI try to start System | Administration | Services and I get an error:The configuration could not be loadedAn unknown error occurredI turned on a whole bunch of different services and suddenly now I can't get back in to switch any of these on or off. I'm assuming there is some manual way of switching these off again, I just don't know where to do this.
View 3 Replies
View Related
Jul 26, 2011
is there a Debian way possibility to start services depending on the choice made on the (grub) boot prompt? As an example:
Workstation - starts all and everything but no hostap nor xend (run this at home)
Workstation traveller - starts like Worksation except networking (run this in the pub
Xen host - run this preparing some training courses
Xen host HOSTAP - run this having the training course with a WiFi net for the class
I came from Gentoo recently and there is such a possibility. It is relatively simple to put a kernel option which the kernel does not recognize at the boot prompt. Such not recognized options will be sent through to init (and thus to the SysV init scripts) by the kernel and I could script this. What I am looking for is a the "official" way on Debian to do such things.
View 2 Replies
View Related
May 29, 2010
I have Apache Server working online under Fedora Core 6. But before I installed and configured everything, I've been testing in Fedora 12. The problem surges here, when I start the httpd service, every supuse 404 action on a web browser, takes me to localhost. I mean, if I enter google.com, no error, just goes to localhost, http://asdasd, no error, gives back localhost. I used to ignore the problem 'cause I thought it was a problem on my apache, but when I installed the Server on the Fedora Core 6 machine, I found that I have the same problem there. Of course, it only occurs when I am browsing through the same machine that has httpd started. Does anyone know how to change that??
View 6 Replies
View Related
May 26, 2011
I'd like to run a Tor relay, but am trying to understand the security implications. For some time I've run my torrent client in a VirtualBox virtual machine, which is run as a very non-prived user, bridges directly to The Internets, and writes to one directory on the host. My belief is this is about as secure as it can be, but am open to suggestion.If I run a relay in the VM it wouldn't be associated with my use of Tor as a client, which is fine since there is no technical need for them to be connected and it's desirable for security.I read that chroot jails can be broken, particularly when run as root, so I don't really trust that. Also studied a vserver, but it must share the network setup which doesn't strike me as isolated enough.
View 14 Replies
View Related
Oct 4, 2015
I'm trying to lower consumption of my server/HTPC. After wakeup from pm-suspend server/HTPC is ready to use in 1 or 2 seconds .For example if I suspend it while watching movie in KODI, after resume movie starts playing instantly. But some services (SSH and SAMBA) are not running. I thought it was network problem so I change configuration to static (not DHCP). SAMBA and SSH starts like 15 seconds after wakeup.
View 0 Replies
View Related
Jul 23, 2010
I'm having problems with hackers from across the globe trying to get into our servers. Why? i have no clue. nothing of value in my servers worth getting.
Right now my service only does business with USA. So I'm trying to find a way to block all Non USA traffic. I called my hosting provider and they are unable to help. Said it was up to me to do this.
Well I've already taken care of the TCP Wrappers. by spawning a small C program i made that uses MaxMind's GeoIP system. to automatically deny access. Now i need to do something about all the other network connections that come in to services that do not use the TCP wrappers.
So i was wondering if IPTABLES have a way to spawn a sub proccess like TCP wrappers or if there was any other firewall software out there for linux that would let me achieve my goal.
View 10 Replies
View Related
Nov 4, 2015
I got this message when I tried to get in WifiSettings.
"The system network services are not compatible with this version"
What should I do?
View 1 Replies
View Related
Jan 16, 2010
I want to simplify some of my rules, so I want to create rules for certain services like xmpp, web, etc. since some of them use multiple ports, and I toggle them on/off a lot. Can I simply put the jump to rule clauses in the Input chain, and once the sub chains run, does it return to the input chain after the jump to rule clause? I want to do this so I don't have a ton of rules in the input chain. I think that if I simply make a list of all the rules to jump to in the input chain, it will work itself through all of them until it finds a matching filter in one of them correct?
View 9 Replies
View Related
Aug 22, 2009
How can I verify the following service configuration files/setup are ok with?(in RedHat)
httpd
sendmail
ldap
DHCP
DNS
SQUID
For example, I can use "testparm" to verify the my samba configuration . I want a similar kind of testing option for the above mentioned options.
View 5 Replies
View Related
Jul 23, 2010
I'm using debian 5 x64 with xfce.Is there a way to configure (start/stop/restart) services (especially Apache2, mySQL and PHP) using a graphical or cli tool? I tried to use sysv-rc, sysv-rc-conf, rcconf and rc-conf in the terminal but Bash didn't find them (Although Synaptic show that sysv-rc is installed).
View 9 Replies
View Related
Dec 7, 2010
So I want to get mount/umount option under right click services menu. I went to Dolphin -> Settings -> Configure Dolphin -> Services -> Download New Services and from there I installed KDE CDEmu Emulator and MountISO. But neither of them is showing up in actual context menu. Neither in Dolphin -> Settings -> Configure Dolphin -> Services for that matter. I tried to install them as normal user and as a root. I went to have a peak in /usr/share/kde4/services/ServiceMenus/ but they aren't there as well... It's just me or lots of things seems to be not quite working in 11.3?
View 9 Replies
View Related
Jul 7, 2010
I'm trying to setup puppet to install and configure apache on several servers. Having found: [URL] I thought I was onto something. However I'm a little lost, does anyone know of or can anyone write a small howto on how to get this module working on certain nodes. My current state is puppet is running and connected to the puppetmaster. I can do simple things but the apache install have lost me a little.
View 1 Replies
View Related
Nov 23, 2010
I'm trying to setup puppet to install and configure apache on several servers. Having found:
[URL]
I thought I was onto something. However I'm a little lost, does anyone know of or can anyone write a small howto on how to get this module working on certain nodes.My current state is puppet is running and connected to the puppetmaster. I can do simple things but the apache install have lost me a little.
View 4 Replies
View Related
Jul 17, 2009
Have folks tried Puppet before for system administration? Puppet is system administration Automated [URL]Following article mentions that;
[Code]....
View 3 Replies
View Related
Jun 27, 2011
I was able to start puppet server using.
Code:
service puppetmaster start
but since i upgrade the puppet i m not able to start it.
Code:
# puppet --version
2.7.1
# service puppetmaster start
puppetmaster: unrecognized service
[Code]....
View 3 Replies
View Related
Sep 13, 2010
How can Vsftpd services & Xinetd.d services can be differentiated?
View 5 Replies
View Related
Feb 6, 2011
I have puppet running successfully on my CentOS 5.5 boxes. I just came across this guide to use foreman as a frontend for puppet. I am downloaded and installed (source files) from here.
facter-1.5.8
puppet-2.6.4
I have downloaded latest stable foreman RPMs from here. Now, when I am trying to install Foreman rpm, it is unable to find Puppet, probably because I have installed it through source file.
Code:
[root@box1 foreman]# rpm -ivh foreman-0.1.4-3.noarch.rpm
error: Failed dependencies:
puppet >= 0.24.4 is needed by foreman-0.1.4-3.noarch
View 2 Replies
View Related
Apr 25, 2011
I would like to manage the firewall from the command line or with files VIA puppet, however this peice of software seems pretty complicated compared to the other distributions and generic iptables commands / configurations we push out.
View 9 Replies
View Related
Oct 21, 2010
I can see this phenomenon on 2 different systems running 11.3 .In simple mode and also in expert mode.
View 9 Replies
View Related
Dec 7, 2010
I am doing a honeypot project, and after I install nepenthes: $ sudo apt-get install nepenthes
$ nepenthes
I find that there are no configuration files in /etc/nepenthes/, and only a signatures document.
I searched in the internet, all the install guides do not mention this problme, just say that if updating the nepenthes, the /etc/nepenthes/*.conf will not automaticly update.
View 2 Replies
View Related
Jun 7, 2011
I am going to wipe off Windows from my laptop & install only Ubuntu 11.04. Do I need to install a antivirus system, I know about the firewall form ubuntu software centre i.e. firewall confiiguration.
View 9 Replies
View Related
