we have run a few security scripts over a red hat linux server and one of the issues it has raised is the fact that passwords are available in plain text in an /etc/fstab file. By review of the permissions I can see all users on the server can read this file, so this is not good. I think the /etc/fstab file is being used as there is a link between this server and another for storing documents. I presume amending the ACL on the /etc/fstab file itself from the current presumably default ACL, is not a good idea as it could break things. So what other options are there to prevent users seeing this plain text password in the /etc/fstab file, or what are the best practices in such cases.

sonarqube on docker on ubuntu.
i try to install sonarqube 7.7-community with postgres version 11.3
its failed with
 

 ERROR web[][o.a.c.h.Http11NioProtocol] Failed to initialize end point associated with ProtocolHandler ["http-nio-"my-ip-9000"]
sonar      | java.net.BindException: Cannot assign requested address
ERROR web[][o.s.s.a.EmbeddedTomcat] Fail to start web server
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:113)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:556)
 WARN  app[][o.s.a.p.AbstractProcessMonitor] Process exited with exit value [es]: 143

Select all Open in new window

the port 9000 is not occupied.

I am trying to get a better understanding of available options on RHEL for user password policies. I have reviewed /etc/login.defs which I understand to be the standard default options. The settings in there seem quite weak. I can also not see any evidence that you can enforce a password complexity program in this file, e.g. passwords must comprise of certain number of character sets (A-Z, a-z, 1234567890, special characters etc. It does have a minimum length. I have read about pam.conf and files withinin pam.d. I cant see pam.conf at all, indicating its not in use and our understanding is nobody has amended anything in pam.d files to improve things. A couple of questions:

1) can any user with an account on the server change their own password at any point, or can only root change/reset passwords.
2) can you set account lockout policies for failed login attempts and enforce password complexity policies in /etc/login.defs or must you use an additional program on the server, and if the latter, have you any recommendations.

I used this site to setup a restrictive SFTP server where users can only see files in their folder:

Setup restrictive SFTP users

What I can't find is how to I setup a user that can login and go to everyones folder? I dont want the user to have SSH access and I dont want to use the user I created when building the server.

i have samba domain controller on ubuntu server.
all server and client is member of domain.
issue is some windows 10 client need to write fqdn of a server to ping or connect to it.
f.x. ping topc.example.local  is ok nut when they ping topc (servername) is no responding for server name
This client ins member of domain and all client has nothing in host file.
how to resolve that?

I have executed the following command on a red hat Linux server

rpm -qa --last 

Select all Open in new window

to try and determine when the latest updates/patches were applied to the server. I ran this under the context of a non root account but still got some output.

A couple of questions:
--will the output of this command be full/accurate if it was executed under the context of a none root account.
---Secondly, how often are updates issued for red hat Linux, and are they cumulative / is it similar to Microsoft patch releases, and do the updates also cover security vulnerabilities. The last updates listed in the output of command were 2017 which raises some concerns that security bugs have not been patched, and therefore the server is vulnerable.
----Finally, does red hat Linux have a support lifecycle where they only continue to issue patches for certain versions, and if so where can I see where the version currently operated sits in this support lifecycle, e.g. is it still eligible for updates for new bugs/vulnerabilities.

i try following docker run on ubuntu 16.04:
docker run --name jenkin-nginx -v /containers/nginx/jenkins/conf.d/nginx.conf:/etc/nginx/nginx.conf -p 80:80 nginx
nginx.conf is :

events{
              }
http {
server {

    listen 80;
    server_name build;

    location ^~ /jenkins/ {

        proxy_set_header        Host $host:$server_port;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        # Fix the "It appears that your reverse proxy set up is broken" error.
        proxy_pass              http://build:8080/;
        proxy_read_timeout      90;

        proxy_redirect          http://jenkins:8080/ http://build/;

        # Required for new HTTP-based CLI
        proxy_http_version 1.1;
        proxy_request_buffering off;
        # workaround for https://issues.jenkins-ci.org/browse/JENKINS-45651
        add_header 'X-SSH-Endpoint' 'build:50022' always;
    }
}
}

i try to http://build
then i have error :

 *1 "/etc/nginx/html/index.html" is not found (2: No such file or directory),

Hi Experts,

I am working on an application with Reactjs as front end (Redux , redux thunk, reactjs) and django and nodejs on backend,  I get the following runtime error

 Unhandled Rejection at: Promise {
[1]   <rejected> TypeError: Cannot read property 'facets' of undefined
[1]     at searchComplete (/home/ubuntu/workarea/sourcecode/ntdl/ntdl/ntdl-2/search/static/search/reducers/search.js:140:59)
[1]     at search (/home/ubuntu/workarea/sourcecode/ntdl/ntdl/ntdl-2/search/static/search/reducers/search.js:246:14)
[1]     at combination (/home/ubuntu/workarea/sourcecode/ntdl/ntdl/ntdl-2/node_modules/redux/lib/combineReducers.js:133:29)
[1]     at dispatch (/home/ubuntu/workarea/sourcecode/ntdl/ntdl/ntdl-2/node_modules/redux/lib/createStore.js:178:22)
[1]     at /home/ubuntu/workarea/sourcecode/ntdl/ntdl/ntdl-2/node_modules/redux-thunk/lib/index.js:14:16
[1]     at /home/ubuntu/workarea/sourcecode/ntdl/ntdl/ntdl-2/node_modules/react-router-redux/middleware.js:18:18
[1]     at dispatch (/home/ubuntu/workarea/sourcecode/ntdl/ntdl/ntdl-2/node_modules/redux/lib/applyMiddleware.js:45:18)
[1]     at _callee$ (/home/ubuntu/workarea/sourcecode/ntdl/ntdl/ntdl-2/search/static/search/actions/search.js:171:15)
[1]     at tryCatch (/home/ubuntu/workarea/sourcecode/ntdl/ntdl/ntdl-2/node_modules/babel-cli/node_modules/regenerator-runtime/runtime.js:65:40)
[1]     at Generator.invoke [as _invoke] 

Select all Open in new window

…

I want to add a character to the 5th column in a csv file using linux

Example- input file
1234,3334,,,ghghghg,55,88
12,34,,,avdfr,5,8899


Add the letters AUID- to the data in the 5th column

Expected result in a new file

1234,3334,,,AUID-ghghghg,55,88
12,34,,,AUID-avdfr,5,8899

I know there should be some awk syntax that does this but not sure what the exact syntax would be. if you could give me a bit of an explination as well as the answer, so I can make adjustments to you answer to fix several files that I want to process

Hi, I have a deprecated each() function on line 89 of this script. Could you please help me with a replacement for this deprecated function?

<?php
/*
 * test_smtp_message.php
 *
 * @(#) $Header: /home/mlemos/cvsroot/PHPlibrary/test_smtp_message.php,v 1.4 2002/08/12 04:46:15 mlemos Exp $
 *
 */

require("mimemessage/email_message.php");
require("mimemessage/smtp_message.php");
require("mimemessage/smtp.php");

function mime_mail($server, $from_name, $from_address, $pass, $to_address, $subject, $message, $html_message = "", $attachments = array(), $other_headers = "") {
/*
    	$attachment=array(
    		"Data"=> "This is just a plain text attachment file named attachment.txt .",
    		"Name"=>"attachment.txt",
    		"Content-Type"=>"automatic/name",
    		"Disposition"=>"attachment"
    	);
*/

  $debug = date("H:i:s");
  $error1 = "";


	$reply_name=$from_name;
	$reply_address=$from_address;
	$error_delivery_name=$from_name;
	$error_delivery_address=$from_address;
	$to_name="";
	
  $email_message=new smtp_message_class;
	
  if($server=="gmail") {
    $email_message->protocol = "tls://";
    $email_message->smtp_port=465; /* SMTP server address */
	  $email_message->smtp_host="smtp.gmail.com"; /* SMTP server address */
	  $email_message->smtp_user=$from_address; /* authentication user name */
	  $email_message->smtp_password=$pass; /* authentication password */
  }
  else {
    global $use_local_smtp;
    $use_local_smtp = true;
    

Select all Open in new window

…

Does access control list testing/reporting in red hat linux follow the same principles as windows, e.g. you can only produce a report (access control list) of who can access a file/directory if the account you are running the tests from has access to it yourself. E.g. if you are not a root level account, can you only check who can access files/directories that you have access to. If you try and get an access control report for a file/folder you don't have access to, will you get some sort of access denied error?

I have been looking at the ls command for my own development. I think this may produce similar to windows CACLS command (but also gives a bit more info such as size etc, what would the correct syntax be to check permissions of a file, is it simply ls path, or is there a bit more to it?

I assume most critical information (e.g. system configuration files) are by default locked down to root access only, so it would take an admin to start amending settings to make a default copy of linux less secure in terms of critical server wide configuration files. Or can other things amend settings above and beyond naive administrator amendments.

Hi Team,

Iam going to work on clustering  application servers for our application.  Iam new to this , any help on below topics really appreciated

1. Introduction to cluster concepts
2. Load Balancing
3. How  to create an application cluster

Do any of the config files in the \etc\ directory give any clues on the last time certain RHEL accounts were used/logged into. I can query /etc/shadow but I think the numerical value in there is actual days since password last set, not days since last login/last login date. It would also be helpfull, if at all possible, to identify the date an account was created.

Also is there a command that will show the exact version number/build of RHEL.

And using putty.exe and running a command with a >>output.txt result, how can you tell where the putty software defaults to when saving the output of a file, e.g. on commandprompt in windows I can see where its going to write the files too unless I specify a new path, but in putty connected to RHEL I cant actually tell where it is going to write the output to.