DOCSLIB.ORG

Red Hat Enterprise Linux 7 Selinux User's and Administrator's Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Red Hat Enterprise Linux 7 Selinux User's and Administrator's Guide Red Hat Enterprise Linux 7 SELinux User's and Administrator's Guide Basic and advanced configuration of Security-Enhanced Linux (SELinux) Barbora Ančincová Tomáš Čapek Red Hat Enterprise Linux 7 SELinux User's and Administrator's Guide Basic and advanced configuration of Security-Enhanced Linux (SELinux) Barbora Ančincová Red Hat Customer Content Services [email protected] Tomáš Čapek Red Hat Customer Content Services [email protected] Legal Notice Copyright © 2015 Red Hat, Inc. This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project. The OpenStack ® Word Mark and OpenStack Logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community. All other trademarks are the property of their respective owners. Abstract This book consists of two parts: SELinux and Managing Confined Services. The former describes the basics and principles upon which SELinux functions, the latter is more focused on practical tasks to set up and configure various services. T able of Cont ent s Table of Contents .P .a .r t. .I .. S. E. .L .i n. u. x. 4. .C .h .a .p . t.e .r . 1. .. I.n .t .r o. .d .u .c .t .i o. n. 5. ⁠1.1. Benefits o f running SELinux 6 ⁠1.2. Examp les 6 ⁠1.3. SELinux Architecture 7 ⁠1.4. SELinux States and Mo d es 7 ⁠1.5. What Is New in Red Hat Enterp rise Linux 7 8 .C .h .a .p . t.e .r . 2. .. S. E. .L .i n. u. x. .C . o. n. t. e. x. t. s. 1. 2. ⁠2.1. Do main Transitio ns 13 ⁠2.2. SELinux Co ntexts fo r Pro cesses 14 ⁠2.3. SELinux Co ntexts fo r Users 15 .C .h .a .p . t.e .r . 3. .. T. a. r. g. e. t. e. d. .P .o . l.i c. y. 1. 6. ⁠3.1. Co nfined Pro cesses 16 ⁠3.2. Unco nfined Pro cesses 18 ⁠3.3. Co nfined and Unco nfined Users 21 .C .h .a .p . t.e .r . 4. .. W. .o .r .k i.n . g. .w . i.t h. S. E. L. i.n . u. x. 2. 6. ⁠4.1. SELinux Packag es 26 ⁠4.2. Which Lo g File is Used 27 ⁠4.3. Main Co nfig uratio n File 28 ⁠4.4. Permanent Chang es in SELinux States and Mo d es 28 ⁠4.5. Bo o leans 31 ⁠4.6 . SELinux Co ntexts – Lab eling Files 34 ⁠4.7. The file_t and d efault_t Typ es 40 ⁠4.8 . Mo unting File Systems 40 ⁠4.9 . Maintaining SELinux Lab els 43 ⁠4.10 . Info rmatio n Gathering To o ls 51 ⁠4.11. Multi-Level Security (MLS) 53 ⁠4.12. File Name Transitio n 59 ⁠4.13. Disab le p trace() 6 0 ⁠4.14. Thumb nail Pro tectio n 6 1 .C .h .a .p . t.e .r . 5. .. T. h. .e . s. e. p. o. l.i c. y. .S . u. i.t .e . 6. 2. ⁠5.1. The sep o licy Pytho n Bind ing s 6 2 ⁠5.2. Generating SELinux Po licy Mo d ules: sep o licy g enerate 6 2 ⁠5.3. Und erstand ing Do main Transitio ns: sep o licy transitio n 6 3 ⁠5.4. Generating Manual Pag es: sep o licy manp ag e 6 4 .C .h .a .p . t.e .r . 6. .. C. o. .n .f i.n . i.n .g . U. .s .e .r s. 6. 5. ⁠6 .1. Linux and SELinux User Map p ing s 6 5 ⁠6 .2. Co nfining New Linux Users: userad d 6 5 ⁠6 .3. Co nfining Existing Linux Users: semanag e lo g in 6 6 ⁠6 .4. Chang ing the Default Map p ing 6 8 ⁠6 .5. xg uest: Kio sk Mo d e 6 8 ⁠6 .6 . Bo o leans fo r Users Executing Ap p licatio ns 6 9 .C .h .a .p . t.e .r . 7. .. s. V. i.r .t . 7. 1. ⁠No n-Virtualized Enviro nment 71 ⁠Virtualized Enviro nment 71 ⁠7.1. Security and Virtualizatio n 72 ⁠7.2. sVirt Lab eling 72 1 SELinux User's and Administ rat or's Guide ⁠7.2. sVirt Lab eling 72 ⁠.C .h .a .p . t.e .r . 8. .. S. e. c. u. .r e. .L .i n. u. .x . C. o. n. .t a. i.n . e. r.s . 7. 4. ⁠.C .h .a .p . t.e .r . 9. .. S. E. .L .i n. u. x. .s .y .s .t .e .m . d. .A . c. c. e. s. s. .C .o .n . t.r .o .l . 7. 5. ⁠9 .1. SELinux Access Permissio ns fo r Services 75 ⁠9 .2. SELinux and jo urnald 77 ⁠.C .h .a .p . t.e .r . 1. 0. .. T. .r o. .u .b .l e. s. h. .o .o .t .i n. g. ..
Load more

Recommended publications
  • Automated IT Service Fault Diagnosis Based on Event Correlation Techniques
    Automated IT Service Fault Diagnosis Based on Event Correlation Techniques Dissertation an der Fakultat¨ fur¨ Mathematik, Informatik und Statistik der Ludwig-Maximilians-Universitat¨ Munchen¨ vorgelegt von Andreas Hanemann Tag der Einreichung: 22. Mai 2007 1. Berichterstatter: Professor Dr. Heinz-Gerd Hegering, Ludwig-Maximilians-Universit¨at M¨unchen 2. Berichterstatterin: Professor Dr. Gabrijela Dreo Rodosek, Universit¨at der Bundeswehr M¨unchen Automated IT Service Fault Diagnosis Based on Event Correlation Techniques Dissertation an der Fakultat¨ fur¨ Mathematik, Informatik und Statistik der Ludwig-Maximilians-Universitat¨ Munchen¨ vorgelegt von Andreas Hanemann Tag der Einreichung: 22. Mai 2007 Tag der m¨undlichen Pr¨ufung: 19. Juli 2007 1. Berichterstatter: Professor Dr. Heinz-Gerd Hegering, Ludwig-Maximilians-Universit¨at M¨unchen 2. Berichterstatterin: Professor Dr. Gabrijela Dreo Rodosek, Universit¨at der Bundeswehr M¨unchen Acknowledgments This thesis has been written as part of my work as a researcher at the Leib- niz Supercomputing Center (Leibniz-Rechenzentrum, LRZ) of the Bavarian Academy of Sciences and Humanities which was funded by the German Re- search Network (DFN-Verein) as well as in cooperation with the research group of Prof. Dr. Heinz-Gerd Hegering. Apart from the LRZ, this research group called MNM-Team (Munich Network Management Team) is located at the University of Munich (LMU), the Munich University of Technology (TUM) and the University of Federal Armed Forces in Munich. At first, I would like to thank my doctoral advisor Prof. Dr. Heinz-Gerd Hegering for his constant support and helpful advice during the whole prepa- ration time of this thesis. I would also like to express my special gratefulness to my second advisor, Prof.
    [Show full text]
  • Linux Administrators Security Guide LASG - 0.1.1
    Linux Administrators Security Guide LASG - 0.1.1 By Kurt Seifried ([email protected]) copyright 1999, All rights reserved. Available at: https://www.seifried.org/lasg/. This document is free for most non commercial uses, the license follows the table of contents, please read it if you have any concerns. If you have any questions email [email protected]. A mailing list is available, send an email to [email protected], with "subscribe lasg-announce" in the body (no quotes) and you will be automatically added. 1 Table of contents License Preface Forward by the author Contributing What this guide is and isn't How to determine what to secure and how to secure it Safe installation of Linux Choosing your install media It ain't over 'til... General concepts, server verses workstations, etc Physical / Boot security Physical access The computer BIOS LILO The Linux kernel Upgrading and compiling the kernel Kernel versions Administrative tools Access Telnet SSH LSH REXEC NSH Slush SSL Telnet Fsh secsh Local YaST sudo Super Remote Webmin Linuxconf COAS 2 System Files /etc/passwd /etc/shadow /etc/groups /etc/gshadow /etc/login.defs /etc/shells /etc/securetty Log files and other forms of monitoring General log security sysklogd / klogd secure-syslog next generation syslog Log monitoring logcheck colorlogs WOTS swatch Kernel logging auditd Shell logging bash Shadow passwords Cracking passwords John the ripper Crack Saltine cracker VCU PAM Software Management RPM dpkg tarballs / tgz Checking file integrity RPM dpkg PGP MD5 Automatic
    [Show full text]
  • Ispmail Tutorial for Debian Lenny
    6.10.2015 ISPmail tutorial for Debian Lenny ISPmail tutorial for Debian Lenny Add new comment 223533 reads This tutorial is for the former stable version "Debian Lenny". If you are using "Debian Squeeze" then please follow the new tutorial. A spanish translation of this tutorial is also available ­ courtesy of José Ramón Magán Iglesias. What this tutorial is about You surely know the internet service providers that allow you to rent a domain and use it to receive emails. If you have a computer running Debian which is connected to the internet permanently you can do that yourself. You do not even need to have a fixed IP address thanks to dynamic DNS services like dyndns.org. All you need is this document, a cup of tea and a little time. When you are done your server will be able to... receive and store emails for your users from other mail servers let your users retrieve the email through IMAP and POP3 ­ even with SSL to encrypt to connection receive and forward ("relay") email for your users if they are authenticated offer a webmail interface to read emails in a web browser detect most spam emails and filter them out or tag them License/Copyright This tutorial book is copyrighted 2009 Christoph Haas (email@christoph­haas.de). It can be used freely under the terms of the GNU General Public License. Don't forget to refer to this URL when using it. Thank you. Changelog 17.6.09: Lenny tutorial gets published. 19.6.09: The page on SPF checks is temporarily offline.
    [Show full text]
  • Projeto Final
    UNIVERSIDADE CATÓLICA DE BRASÍLIA PRÓ-REITORIA DE GRADUAÇÃO TRABALHO DE CONCLUSÃO DE CURSO Bacharelado em Ciência da Computação e Sistemas de Informação CRIAÇÃO DE UM CORREIO ELETRÔNICO CORPORATIVO COM POSTFIX Autores: Davi Eduardo R. Domingues Luiz Carlos G. P. C. Branco Rafael Bispo Silva Orientador: MSc. Eduardo Lobo BRASÍLIA 2007 Criação de um Servidor de Correio Eletrônico Corporativo com Postfix 2 / 111 DAVI EDUARDO R. DOMINGUES LUIZ CARLOS G. P. C. BRANCO RAFAEL BISPO SILVA CRIAÇÃO DE UM SERVIDOR DE CORREIO ELETRÔNICO CORPORATIVO COM POSTFIX Monografia apresentada ao Programa de Graduação da Universidade Católica de Brasília, como requisito para obtenção do Título de Bacharelado em Ciência da Computação. Orientador: MSc. Eduardo Lobo Brasília 2007 Criação de um Servidor de Correio Eletrônico Corporativo com Postfix 3 / 111 TERMO DE APROVAÇÃO Dissertação defendida e aprovada como requisito parcial para obtenção do Título de Bacharel em Ciência da Computação, defendida e aprovada, em 05 de dezembro de 2007, pela banca examinadora constituída por: _______________________________________________________ Professor Eduardo Lobo – Orientador do Projeto _______________________________________________________ Professor Mário de Oliveira Braga Filho – Membro Interno _______________________________________________________ Professor Giovanni – Membro Interno Brasília UCB Criação de um Servidor de Correio Eletrônico Corporativo com Postfix 4 / 111 Dedico este trabalho primeiramente a Deus que me deu a vida e paciência para chegar a este nível de estudo que me encontro. Em especial a minha mãe que acreditou em mim, aos bons valores que me ensinou e pelo apoio a toda minha vida acadêmica e me compreendeu pelos momentos de ausência ao seu lado. Davi Eduardo R. Domingues Criação de um Servidor de Correio Eletrônico Corporativo com Postfix 5 / 111 Dedico a minha família que sempre acreditou em mim, também aos meus grandes amigos e aos grandes amigos que se foram, aqueles que nos deixam saudades e uma vontade de continuar seus trabalhos.
    [Show full text]
  • An E-Mail Quarantine with Open Source Software
    An e-mail quarantine with open source software Using amavis, qpsmtpd and MariaDB for e-mail filtering Daniel Knittel Dirk Jahnke-Zumbusch HEPiX fall 2016 NERSC, Lawrence Berkeley National Laboratory United States of America October 2016 e-mail services at DESY > DESY is hosting 70+ e-mail domains, most prominent: ▪ desy.de — of course :) ▪ xfel.eu — European XFEL ▪ belle2.org — since summer 2016 ▪ cfel.de — Center for Free-Electron Laser Science ▪ cssb-hamburg.de — Center for Structural Systems Biology > mixed environment of open source software and commercial products ▪ Zimbra network edition with web access and standard clients (Outlook, IMAP, SMTP) ▪ Postfix for MTAs ▪ SYMPA for mailing list services ▪ Sophos and Clearswift‘s MIMEsweeper for SMTP > currently ~6.500 fully-fledged mailboxes, some 1000s extra with reduced functionality (e.g. no Outlook/ActiveSync/EWS access) > daily ~300.000 delivered e-mails 2 DESY e-mail infrastructure 1b 3 4 1 2 5 > 1 DMZ filtering ▪ restrictive filtering, reject e-mails from very suspicious MTAs ▪ 1b soon: DESY’s NREN (DFN) will be integrated into e-mail flow with virus- and SPAM-scanning > 2 filter for bad content ➔ suspicious e-mails into quarantine > 3 2nd-level SPAM-scan based on mail text and own rules > 4 distribution of e-mails to mailbox servers, mailing list servers or DESY-external destinations > 5 throttling of e-mail flow to acceptable rates (individual vs. newsletter) ▪ think “phishing” ➔ high rates trigger an alarm > mixed HW/VM environment 3 e-mail at DESY – attachment filtering & quarantine > policy: e-mail traffic is filtered ▪ block “bad” e-mails in the first place ➔ viruses are blocked ➔ executable content is blocked ▪ also block e-mails originating from DESY if they contain malicious or suspicious content ▪ up to now: commercial solution > additional measures ▪ mark e-mails with a high SPAM-score (2nd-level SPAM-filtering) ▪ monitor outgoing e-mail-flow ▪ throttle if over a specific rate ➔ this is sender-specific and customizable (e.g.
    [Show full text]
  • Scott E. Harney
    Scott E. Harney 1425 Melpomene St., New Orleans, LA 70130 504-298-UNIX scotth@scottharney. com Summary Highly motivated systems engineer with a broad background building and managing 24/7/365 Enterprise and service provider environments with a focus on getting the job done for customers. I am a self starter with a broad and deep understanding of a variety of technologies and how they can best be assembled to support business needs. I can handle multiple simultaneous projects from design through implementation to operational phases. Technologies • Operating Systems: Linux (Debian/Ubuntu, RedHat, Slackware, SuSe, CoreOS), Solaris 2.51-10, Open Solaris, Cisco IOS & NX-OS, VMWare Server/ESX/ESXi/vSphere 3.x-6.x, Sun Xvm Virtualbox, Xen 3.x, Win- dows Server 2008-2012R2 • Server software: Apache, Tomcat, Qmail, Postfix, Sendmail, Exim, OpenLDAP, SunONE Directory, Lucent QIP, ISC dhcpd, Bind, MySQL, PostresSQL, OpenSSL, OpenSSH, djbdns, Samba, NFS, Snort, Cisco CNR3.5-5.0.11, Nagios, MS Clustering Services, Active Directory, IIS, MSSQL • Storage software: Commvault Simpana 9-11, Legato Networker 7.2.x-8.x, Avamar 3.x-5.x, Netapp OnCommand Suite, Netapp Data OnTap 7.2.x- 8.2.x EMC ControlCenter 5.x, EMC Solutions Enabler 6.x, Navisphere 6.24.x, Veritas Command Central 4.3.x, Symmetrix Management Console Hitachi Storage Navigator, HDS Device Manager, Celerra Manager 5.6„ Veritas VxVM 3.x-6 • Cloud Technologies: AWS, GCE, Docker, Kubernetes, Ansible • Network technolgies: ISDN, PPP, MLPPP, DSL, BGP, Frame Relay, VoIP, POP3, IMAP, SMTP, SNMP, DNS, FTP, DHCP, SONET, EIGRP, RIP, IS-IS, Pv6, IPSEC, RADIUS, DOCSIS • Programming/Scripting: Python, PowerShell, Perl, Bourne and C shell scripting, PHP, C, HTML, XML • Hardware: – Sun Servers and Workstations including large scale SunFire E20/E25K through all current hardware Sparc, Intel, and AMD.
    [Show full text]
  • Gary Briggs Personal Details
    Gary Briggs Personal Details Home Address: 2251 S Bentley Ave, Apt 202 Los Angeles CA 90064 E-mail: [email protected] Phone: +1 (310) 406 7955 Objective I am looking to obtain a position that utilizes my skills and background as an advanced software engineer Work Experience Summer 2002 - Codehost, Inc, General Engineer. Multiple positions: Spring 2009: Software Engineer [C and C++] for server, desktop and limited-hardware work Database and Server administration. Maintaining a variety of servers including SCM repositories, file and mail servers [Samba, NFS/NIS, Postfix, Amavis], MySQL and Apache Printer driver development [for mostly PostScript devices] and associated tool development Web development [PHP and Perl with MySQL, developing an entire licensing system] Project Management including specification writing and managing external teams Documentation authoring QA Spring 2007 - Chickenware, Senior Games Architect and Developer Present: [Part Time] Lead Programmer and designer on fully networked multiplayer game Use many libraries: Bullet [physics], Ogre3d [graphics], RakNet [networking], Lua [scripting], OpenAL [sound] Fully cross-platform, works on Linux, OSX, Windows Extensive documentation authoring, including complete Doxygen source comments and PDF guides Summer 2000 - Lehman Brothers bank, Web technology group. General Web engineer including Fall 2001: Testing and expanding open source search engine technologies Server administration [Solaris, Linux, Apache, Netscape web server] Initiating work on a test lab for checking the functionality
    [Show full text]
  • Biblioteca Antispam De Propósito Geral
    Universidade Federal do Rio de Janeiro Escola Politécnica Departamento de Eletrônica e de Computação LibAntispam – Biblioteca Antispam de Propósito Geral Autor: _________________________________________________ Rafael Jorge Csura Szendrodi Orientador: _________________________________________________ Prof. Jorge Lopes de Souza Leão, Dr. Ing. Examinador: _________________________________________________ Prof. Antônio Cláudio Gómez de Sousa, M. Sc. Examinador: _________________________________________________ Prof. Aloysio de Castro Pinto Pedroza, Dr. DEL Maio de 2009 DEDICATÓRIA Dedico este trabalho: À Zeus (Jupiter), deus do Céu e da Terra, pai e rei dos deuses e dos homens, senhor do Olímpio e deus supremo deste universo. À Hera (Juno), rainha dos deuses, protetora da vida, das mulheres, da fecundidade e do matrimônio. À Athena (Miverva), deusa da sabedoria, do oficio, da inteligência e da guerra justa. Protetora do povo de Atenas. À Ártemis (Diana), deusa da caça, da natureza, da colheita, da serena luz da lua, dos nascimentos e protetora das Amazonas. À Afrodite (Venus), deusa da beleza e do amor, mãe de Enéias, fundador da raça romana, e matriarca da dinastia Julia (a dinastia de Julio Cesar). À minha mãe, Ildi e ao meu pai Gyorgy, pelo meu nascimento e por, de certa forma, terem contribuído para que eu me moldasse no que sou hoje. ii AGRADECIMENTO Ao povo brasileiro que contribuiu de forma significativa à minha formação e estada nesta Universidade. Este projeto é uma pequena forma de retribuir o investimento e confiança em mim depositados. Ao professor Leão, meu orientador neste projeto, por ter aceitado me guiar nesta minha jornada final do meu curso. Aos professores Baruqui (meu orientador acadêmico), Joarez, Gabriel, Petraglia e Mariane, meus amigos há vários anos que sempre me incentivaram a não desistir do curso de eletrônica.
    [Show full text]
  • Zimbra Collaboration Server Administrator's Guide
    Zimbra Collaboration Server Administrator’s Guide ZCS 8.0 Open Source Edition August 2013 Legal Notices Copyright ©2005-2014 Telligent Systems, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. “Telligent” and “Zimbra” are registered trademarks or trademarks of Telligent Systems, Inc. in the United States and other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Telligent Systems, Inc. d/b/a Zimbra Software, LLC www.zimbra.com ZCS 8.0 March 2014 Rev 6 for 8.0.7 Table of Contents 1 Introduction . 9 Audience . 9 Third-Party Components . 9 Support and Contact Information . 9 2 Product Overview . 11 Core Email, Calendar and Collaboration Functionality . 11 Zimbra Components . 12 System Architecture . 12 Zimbra Application Packages . 14 Example of a Typical Multiserver Configuration . 15 Zimbra System Directory Tree . 17 Web Client Versions . 18 3 Zimbra Mailbox Server . 21 Incoming Mail Routing . 21 Mailbox Server . 21 Message Store . 21 Data Store. 22 Index Store . 22 Mailbox Server Logs . 23 4 Zimbra LDAP Service . 25 LDAP Traffic Flow . 25 LDAP Directory Hierarchy . 26 ZCS LDAP Schema . 27 ZCS Objects . 28 Account Authentication . 30 Internal Authentication Mechanism. 30 External LDAP and External AD Authentication Mechanism . 30 Custom Authentication . 31 Kerberos5 Authentication Mechanism . 32 Global Address List . 33 Flushing LDAP Cache . 34 Flush the Cache for Themes and Locales . 35 Flush Accounts, Groups, COS, Domains, and Servers . 35 5 Zimbra Mail Transfer Agent. 37 Zimbra MTA Deployment . 37 Postfix Configuration Files . 38 SMTP Authentication . 38 SMTP Restrictions . 39 Sending Non Local Mail to a Different Server.
    [Show full text]
  • Debian Tips & Tricks
    Linux-Kurs Theme - Debian Tips & Tricks - 14. Feb. 2008 Michel Bisson Debian Linux Tips and Tricks Table of Contents Basic configuration program.................................................................................................. 4 Install package groups...........................................................................................................4 Install individual packages.....................................................................................................4 Configuration program for system......................................................................................... 4 To configure postscript fonts for a postscript printer.............................................................4 Configuration for kdm to manage remote X servers..............................................................4 Xserver DPI settings ca be changed..................................................................................... 4 Edit the following files to allow TrueType fonts..................................................................... 4 Configuration of X-Server access control..............................................................................4 X-Server keyboard symbols for keys layout meanings......................................................... 4 To get rid of all the unused libraries ..................................................................................... 4 To search for a package name in All available packages.....................................................4
    [Show full text]
  • Macsysadmin 2009 Presentatio
    Slide 1 SpamAssassin Way more than the Mac OS X Server GUI shows Presented by: Kevin A. McGrail Project Management Committee Member of the Apache Software Foundation SpamAssassin Project & President, PCCC September 16, 2009 Good Afternoon, My name is Kevin A. McGrail. If you read my biographyi for this conference, you’ll know already that I hate Spam and enjoy greatly fighting spammers. You’ll also know that I love all types of computers and use a wide variety of machines & operating systems. But I’m definitely old-school in my love for the command line interface. This doesn’t mean I don’t think that Apple’s OS X is the most beautiful pairing of a rock-solid CLI with a beautifully polished GUI. But it does mean that while we are here to talk about Mac system administration, the configuration of SpamAssassin is largely not server specific and most of the heavy- handed configuration changes will be done behind the scenes using the CLI. So let’s get started by talking about the definition of Spam. Page 1 of 67 Slide 2 What is Spam? •Spam is NOT about content, its about CONSENT. – Consent: to give assent or approval : agree <consent to being tested> Merriam‐Webster Dictionary •What is SPAM vs. spam? September 16, 2009 Chris Santerre gave the best definition of Spam I’ve ever seen. He based the definition of Spam on CONSENT not content because consent is when you give approval to someone to send you e-mails. Many people try and use various legal definitions such as CAN-SPAM in the US.
    [Show full text]
  • Linux-Cookbook.Pdf
    LINUX COOKBOOK ™ Other Linux resources from O’Reilly Related titles Linux Device Drivers Exploring the JDS Linux Linux in a Nutshell Desktop Running Linux Learning Red Hat Enterprise Building Embedded Linux Linux and Fedora Systems Linux Pocket Guide Linux Security Cookbook Understanding the Linux Kernel Linux Books linux.oreilly.com is a complete catalog of O’Reilly’s books on Resource Center Linux and Unix and related technologies, including sample chapters and code examples. ONLamp.com is the premier site for the open source web plat- form: Linux, Apache, MySQL, and either Perl, Python, or PHP. Conferences O’Reilly brings diverse innovators together to nurture the ideas that spark revolutionary industries. We specialize in document- ing the latest tools and systems, translating the innovator’s knowledge into useful skills for those in the trenches. Visit conferences.oreilly.com for our upcoming events. Safari Bookshelf (safari.oreilly.com) is the premier online refer- ence library for programmers and IT professionals. Conduct searches across more than 1,000 books. Subscribers can zero in on answers to time-critical questions in a matter of seconds. Read the books on your Bookshelf from cover to cover or sim- ply flip to the page you need. Try it today with a free trial. LINUX COOKBOOK ™ Carla Schroder Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo Linux Cookbook™ by Carla Schroder Copyright © 2005 O’Reilly Media, Inc. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use.
    [Show full text]