DOCSLIB.ORG

Security Guide Security Guide SUSE Linux Enterprise Server 12 SP4

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Security Guide Security Guide SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4 Security Guide Security Guide SUSE Linux Enterprise Server 12 SP4 Introduces basic concepts of system security, covering both local and network security aspects. Shows how to use the product inherent security software like AppArmor or the auditing system that reliably collects information about any security-relevant events. Publication Date: September 24, 2021 SUSE LLC 1800 South Novell Place Provo, UT 84606 USA https://documentation.suse.com Copyright © 2006– 2021 SUSE LLC and contributors. All rights reserved. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”. For SUSE trademarks, see https://www.suse.com/company/legal/ . All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its aliates. Asterisks (*) denote third-party trademarks. All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its aliates, the authors nor the translators shall be held liable for possible errors or the consequences thereof. Contents About This Guide xvi 1 Available Documentation xvi 2 Giving Feedback xviii 3 Documentation Conventions xviii 4 Product Life Cycle and Support xx Support Statement for SUSE Linux Enterprise Server xxi • Technology Previews xxii 1 Security and Confidentiality 1 1.1 Local Security and Network Security 1 Local Security 3 • Network Security 6 1.2 Some General Security Tips and Tricks 10 1.3 Using the Central Security Reporting Address 12 I AUTHENTICATION 13 2 Authentication with PAM 14 2.1 What is PAM? 14 2.2 Structure of a PAM Configuration File 15 2.3 The PAM Configuration of sshd 17 2.4 Configuration of PAM Modules 20 pam_env.conf 20 • pam_mount.conf.xml 21 • limits.conf 21 2.5 Configuring PAM Using pam-config 22 2.6 Manually Configuring PAM 23 2.7 For More Information 23 iii Security Guide 3 Using NIS 25 3.1 Configuring NIS Servers 25 Configuring a NIS Master Server 26 • Configuring a NIS Slave Server 30 3.2 Configuring NIS Clients 31 4 Setting Up Authentication Servers and Clients Using YaST 33 4.1 Configuring an Authentication Server with YaST 33 Initial Configuration of an Authentication Server 33 • Editing an Authentication Server Configuration with YaST 37 • Editing LDAP Users and Groups 42 4.2 Configuring an Authentication Client with YaST 42 4.3 SSSD 43 Checking the Status 43 • Caching 43 • For More Information 44 5 LDAP—A Directory Service 45 5.1 LDAP versus NIS 46 5.2 Structure of an LDAP Directory Tree 46 5.3 Configuring an LDAP Client with YaST 49 5.4 Configuring LDAP Users and Groups in YaST 51 5.5 Manually Configuring an LDAP Server 52 5.6 Manually Administering LDAP Data 53 Inserting Data into an LDAP Directory 53 • Modifying Data in the LDAP Directory 55 • Searching or Reading Data from an LDAP Directory 56 • Deleting Data from an LDAP Directory 57 5.7 For More Information 57 6 Network Authentication with Kerberos 59 6.1 Conceptual Overview 59 6.2 Kerberos Terminology 59 iv Security Guide 6.3 How Kerberos Works 61 First Contact 61 • Requesting a Service 62 • Mutual Authentication 63 • Ticket Granting—Contacting All Servers 63 6.4 User View of Kerberos 64 6.5 Installing and Administering Kerberos 65 Kerberos Network Topology 66 • Choosing the Kerberos Realms 67 • Setting Up the KDC Hardware 67 • Configuring Time Synchronization 68 • Configuring the KDC 69 • Configuring Kerberos Clients 72 • Configuring Remote Kerberos Administration 75 • Creating Kerberos Service Principals 76 • Enabling PAM Support for Kerberos 78 • Configuring SSH for Kerberos Authentication 79 • Using LDAP and Kerberos 80 6.6 Setting up Kerberos using LDAP and Kerberos Client 82 6.7 Kerberos and NFS 85 Group Membership 86 • Performance and Scalability 87 • Master KDC, Multiple Domains, and Trust Relationships 88 6.8 For More Information 88 7 Active Directory Support 90 7.1 Integrating Linux and Active Directory Environments 90 7.2 Background Information for Linux Active Directory Support 91 Domain Join 93 • Domain Login and User Homes 94 • Offline Service and Policy Support 95 7.3 Configuring a Linux Client for Active Directory 96 Choosing Which YaST Module to Use for Connecting to Active Directory 97 • Joining Active Directory Using User Logon Management 98 • Joining Active Directory Using Windows Domain Membership 102 • Checking Active Directory Connection Status 105 7.4 Logging In to an Active Directory Domain 105 GDM 105 • Console Login 106 7.5 Changing Passwords 106 v Security Guide II LOCAL SECURITY 108 8 Configuring Security Settings with YaST 109 8.1 Security Overview 109 8.2 Predefined Security Configurations 110 8.3 Password Settings 111 8.4 Boot Settings 112 8.5 Login Settings 112 8.6 User Addition 112 8.7 Miscellaneous Settings 112 9 Authorization with PolKit 114 9.1 Conceptual Overview 114 Available Authentication Agents 114 • Structure of PolKit 114 • Available Commands 115 • Available Policies and Supported Applications 115 9.2 Authorization Types 117 Implicit Privileges 117 • Explicit Privileges 117 • Default Privileges 118 9.3 Querying Privileges 118 9.4 Modifying Configuration Files 119 Adding Action Rules 119 • Adding Authorization Rules 120 • Modifying Configuration Files for Implicit Privileges 121 9.5 Restoring the Default Privileges 122 10 Access Control Lists in Linux 124 10.1 Traditional File Permissions 124 The setuid Bit 124 • The setgid Bit 125 • The Sticky Bit 125 10.2 Advantages of ACLs 125 10.3 Definitions 126 vi Security Guide 10.4 Handling ACLs 127 ACL Entries and File Mode Permission Bits 128 • A Directory with an ACL 129 • A Directory with a Default ACL 131 • The ACL Check Algorithm 134 10.5 ACL Support in Applications 135 10.6 For More Information 135 11 Encrypting Partitions and Files 136 11.1 Setting Up an Encrypted File System with YaST 137 Creating an Encrypted Partition during Installation 137 • Creating an Encrypted Partition on a Running System 138 • Creating an Encrypted Virtual Disk 139 • Encrypting the Content of Removable Media 139 11.2 Using Encrypted Home Directories 140 11.3 Encrypting Files with GPG 141 12 Certificate Store 142 12.1 Activating Certificate Store 142 12.2 Importing Certificates 142 13 Intrusion Detection with AIDE 144 13.1 Why Use AIDE? 144 13.2 Setting Up an AIDE Database 144 13.3 Local AIDE Checks 147 13.4 System Independent Checking 148 13.5 For More Information 149 III NETWORK SECURITY 150 14 SSH: Secure Network Operations 151 14.1 ssh—Secure Shell 151 Starting X Applications on a Remote Host 152 • Agent Forwarding 152 vii Security Guide 14.2 scp—Secure Copy 152 14.3 sftp—Secure File Transfer 153 Using sftp 153 • Setting Permissions for File Uploads 154 14.4 The SSH Daemon (sshd) 155 Maintaining SSH Keys 156 • Rotating Host Keys 156 14.5 SSH Authentication Mechanisms 157 Generating an SSH Key 158 • Copying an SSH Key 158 • Using the ssh- agent 159 14.6 Port Forwarding 160 14.7 For More Information 160 15 Masquerading and Firewalls 162 15.1 Packet Filtering with iptables 162 15.2 Masquerading Basics 165 15.3 Firewalling Basics 166 15.4 SuSEFirewall2 167 Configuring the Firewall with YaST 168 • Configuring Manually 169 15.5 For More Information 172 16 Configuring a VPN Server 173 16.1 Conceptual Overview 173 Terminology 173 • VPN Scenarios 174 16.2 Setting Up a Simple Test Scenario 178 Configuring the VPN Server 179 • Configuring the VPN Clients 180 • Testing the VPN Example Scenario 181 16.3 Setting Up Your VPN Server Using a Certificate Authority 182 Creating Certificates 182 • Configuring the VPN Server 185 • Configuring the VPN Clients 187 16.4 Setting Up a VPN Server or Client Using YaST 188 viii Security Guide 16.5 For More Information 189 17 Managing X.509 Certification 191 17.1 The Principles of Digital Certification 191 Key Authenticity 192 • X.509 Certificates 192 • Blocking X.509 Certificates 193 • Repository for Certificates and CRLs 194 • Proprietary PKI 195 17.2 YaST Modules for CA Management 195 Creating a Root CA 195 • Changing Password 197 • Creating or Revoking a Sub-CA 198 • Creating or Revoking User Certificates 200 • Changing Default Values 201 • Creating Certificate Revocation Lists (CRLs) 202 • Exporting CA Objects to LDAP 203 • Exporting CA Objects as a File 204 • Importing Common Server Certificates 205 IV CONFINING PRIVILEGES WITH APPARMOR 206 18 Introducing AppArmor 207 18.1 AppArmor Components 207 18.2 Background Information on AppArmor Profiling 208 19 Getting Started 209 19.1 Installing AppArmor 209 19.2 Enabling and Disabling AppArmor 210 19.3 Choosing Applications to Profile 211 19.4 Building and Modifying Profiles 211 19.5 Updating Your Profiles 213 20 Immunizing Programs 214 20.1 Introducing the AppArmor Framework 215 20.2 Determining Programs to Immunize 217 20.3 Immunizing cron Jobs 218 ix Security Guide 20.4 Immunizing Network Applications 218 Immunizing Web Applications 220 • Immunizing Network Agents 222 21 Profile Components and Syntax 223 21.1 Breaking an AppArmor Profile into Its Parts 224 21.2 Profile Types 226 Standard Profiles 226 • Unattached Profiles 227 • Local Profiles 227 • Hats 228 • Change rules 228 21.3 Include Statements 229 Abstractions 230 • Program Chunks 231 • Tunables 231 21.4 Capability Entries (POSIX.1e)
Load more

Recommended publications
  • Creating Awareness for the Use of Opensource Systems in the Public Sector in Afghanistan
    A Service of Leibniz-Informationszentrum econstor Wirtschaft Leibniz Information Centre Make Your Publications Visible. zbw for Economics Hussini, Sayed Jahed (Ed.); Finke, Wolfgang F. (Ed.) Research Report Creating Awareness for the Use of OpenSource Systems in the Public Sector in Afghanistan. Workshop Proceedings, Sept. 15-17, 2012, Kabul/ Afghanistan Wirtschaftswissenschaftliche Schriften, No. 02/2013 Provided in Cooperation with: Ernst-Abbe-Hochschule Jena – University of Applied Sciences, Department of Business Administration Suggested Citation: Hussini, Sayed Jahed (Ed.); Finke, Wolfgang F. (Ed.) (2013) : Creating Awareness for the Use of OpenSource Systems in the Public Sector in Afghanistan. Workshop Proceedings, Sept. 15-17, 2012, Kabul/Afghanistan, Wirtschaftswissenschaftliche Schriften, No. 02/2013, ISBN 3-939046-32-9, Ernst-Abbe-Fachhochschule, Fachbereich Betriebswirtschaft, Jena, http://nbn-resolving.de/urn:nbn:de:gbv:27-20130408-110626-4 This Version is available at: http://hdl.handle.net/10419/71197 Standard-Nutzungsbedingungen: Terms of use: Die Dokumente auf EconStor dürfen zu eigenen wissenschaftlichen Documents in EconStor may be saved and copied for your Zwecken und zum Privatgebrauch gespeichert und kopiert werden. personal and scholarly purposes. Sie dürfen die Dokumente nicht für öffentliche oder kommerzielle You are not to copy documents for public or commercial Zwecke vervielfältigen, öffentlich ausstellen, öffentlich zugänglich purposes, to exhibit the documents publicly, to make them machen, vertreiben oder anderweitig nutzen. publicly available on the internet, or to distribute or otherwise use the documents in public. Sofern die Verfasser die Dokumente unter Open-Content-Lizenzen (insbesondere CC-Lizenzen) zur Verfügung gestellt haben sollten, If the documents have been made available under an Open gelten abweichend von diesen Nutzungsbedingungen die in der dort Content Licence (especially Creative Commons Licences), you genannten Lizenz gewährten Nutzungsrechte.
    [Show full text]
  • Vulnerability Scanners and Penetration Testing
    Vulnerability Scanners and Penetration Testing Introduction OBJECTIVE: CompTIA Security+ Domain: Domain 3: Threats and Vulnerabilities CompTIA Security+ Objective Mapping: Objective 3.8: Explain the proper use of penetration testing versus vulnerability scanning. OVERVIEW: In this lab, you will scan a host to discover security holes. Discovering vulnerabilities is critical so they can be patched before attackers compromise your system. Key Term Description OpenVAS an open source vulnerability scanner gaining a higher level of access (possible administrative access) from account with less Privilege escalation permissions and rights Zenmap a GUI front end for nmap, will allow you to scan for open ports and services Metasploit a framework that contains exploits for various information systems nmap a port scanner which will indicate whether ports are open or closed on a remote system Nmap and OpenVAS 1. Click on the External Kali 2 Linux icon on the topology. Type root for the username, and click the Next button. TOPOLOGY MACHINES If the Kali Linux is displaying the time, and not the logon box, press the Enter Key. EXTERNAL KALI 2 USERNAME 2. For the password, type toor (root spelled backwards), and click the Sign In button. EXTERNAL KALI 2 PASSWORD 3. Click the terminal icon (second from the top) to launch the Linux terminal. OPENING THE KALI 2 TERMINAL 4. Type the following command to scan the firewall for open ports, then press Enter. root@kali2:~# nmap 203.0.113.100 NMAP 5. Type the following command, then press Enter to open Zenmap. After Zenmap opens, type 203.0.113.100 in the Target box and then click the Scan button to launch an intense scan.
    [Show full text]
  • Version 7.8-Systemd
    Linux From Scratch Version 7.8-systemd Created by Gerard Beekmans Edited by Douglas R. Reno Linux From Scratch: Version 7.8-systemd by Created by Gerard Beekmans and Edited by Douglas R. Reno Copyright © 1999-2015 Gerard Beekmans Copyright © 1999-2015, Gerard Beekmans All rights reserved. This book is licensed under a Creative Commons License. Computer instructions may be extracted from the book under the MIT License. Linux® is a registered trademark of Linus Torvalds. Linux From Scratch - Version 7.8-systemd Table of Contents Preface .......................................................................................................................................................................... vii i. Foreword ............................................................................................................................................................. vii ii. Audience ............................................................................................................................................................ vii iii. LFS Target Architectures ................................................................................................................................ viii iv. LFS and Standards ............................................................................................................................................ ix v. Rationale for Packages in the Book .................................................................................................................... x vi. Prerequisites
    [Show full text]
  • Pluggable Authentication Modules
    Who this book is written for This book is for experienced system administrators and developers working with multiple Linux/UNIX servers or with both UNIX and Pluggable Authentication Windows servers. It assumes a good level of admin knowledge, and that developers are competent in C development on UNIX-based systems. Pluggable Authentication Modules PAM (Pluggable Authentication Modules) is a modular and flexible authentication management layer that sits between Linux applications and the native underlying authentication system. The PAM framework is widely used by most Linux distributions for authentication purposes. Modules Originating from Solaris 2.6 ten years ago, PAM is used today by most proprietary and free UNIX operating systems including GNU/Linux, FreeBSD, and Solaris, following both the design concept and the practical details. PAM is thus a unifying technology for authentication mechanisms in UNIX. This book provides a practical approach to UNIX/Linux authentication. The design principles are thoroughly explained, then illustrated through the examination of popular modules. It is intended as a one-stop introduction and reference to PAM. What you will learn from this book From Technologies to Solutions • Install, compile, and configure Linux-PAM on your system • Download and compile third-party modules • Understand the PAM framework and how it works • Learn to work with PAM’s management groups and control fl ags • Test and debug your PAM confi guration Pluggable Authentication Modules • Install and configure the pamtester utility
    [Show full text]
  • Connotative Meanings in Ed Sheeran's Song Lyrics
    CONNOTATIVE MEANINGS IN ED SHEERAN’S SONG LYRICS THESIS Submitted as a Partial Requirements for the degree of Sarjana in English Letters Department Written By: WAHYU KUSUMANINGRUM SRN. 163 211 050 ENGLISH LETTERS DEPARTMENT CULTURES AND LANGUAGES FACULTY THE STATE ISLAMIC INSTITUTE OF SURAKARTA 2020 CONNOTATIVE MEANINGS IN ED SHEERAN’S SONG LYRICS THESIS Submitted as a Partial Requirements for the degree of Sarjana in English Letters Department Written By: WAHYU KUSUMANINGRUM SRN. 163 211 050 ENGLISH LETTERS DEPARTMENT CULTURES AND LANGUAGES FACULTY THE STATE ISLAMIC INSTITUTE OF SURAKARTA 2020 i ADVISOR SHEET Subject : Thesis of Wahyu Kusumaningrum SRN : 163211050 To: The Dean of Cultures and Languages Faculty IAIN Surakarta In Surakarta \ Assalamu’alaikum Wr. Wb. After reading thoroughly and giving necessary advices, herewith, as the advisors, we state that the thesis of Name : Wahyu Kusumaningrum SRN : 16.32.1.1.050 Title : Connotative Meanings in Ed Sheeran’s Song Lyrics has already fulfilled the requirements to be presented before the board of Examiners (munaqosyah) to gain Bachelor Degree in English Letters. Thank you for the attention Wassalamu’alaikum Wr. Wb. Surakarta, November 2, 2020 Advisor Robith Khoiril Umam S.S., M.Hum. NIP. 19871011 201503 1 006 ii iii DEDICATION This thesis is dedicated to: 1. Myself 2. My beloved parents 3. My beloved family 4. English Letters 2016 5. English Letters Department 6. My Almamater IAIN Surakarta iv MOTTO “Dan (ingatlah juga), tatkala Tuhanmu memaklumkan; "Sesungguhnya jika kamu bersyukur, pasti Kami akan menambah (nikmat) kepadamu, dan jika kamu mengingkari (nikmat-Ku), maka sesungguhnya azab-Ku sangat pedih.” (Q.S.
    [Show full text]
  • List of NMAP Scripts Use with the Nmap –Script Option
    List of NMAP Scripts Use with the nmap –script option Retrieves information from a listening acarsd daemon. Acarsd decodes ACARS (Aircraft Communication Addressing and Reporting System) data in real time. The information retrieved acarsd-info by this script includes the daemon version, API version, administrator e-mail address and listening frequency. Shows extra information about IPv6 addresses, such as address-info embedded MAC or IPv4 addresses when available. Performs password guessing against Apple Filing Protocol afp-brute (AFP). Attempts to get useful information about files from AFP afp-ls volumes. The output is intended to resemble the output of ls. Detects the Mac OS X AFP directory traversal vulnerability, afp-path-vuln CVE-2010-0533. Shows AFP server information. This information includes the server's hostname, IPv4 and IPv6 addresses, and hardware type afp-serverinfo (for example Macmini or MacBookPro). Shows AFP shares and ACLs. afp-showmount Retrieves the authentication scheme and realm of an AJP service ajp-auth (Apache JServ Protocol) that requires authentication. Performs brute force passwords auditing against the Apache JServ protocol. The Apache JServ Protocol is commonly used by ajp-brute web servers to communicate with back-end Java application server containers. Performs a HEAD or GET request against either the root directory or any optional directory of an Apache JServ Protocol ajp-headers server and returns the server response headers. Discovers which options are supported by the AJP (Apache JServ Protocol) server by sending an OPTIONS request and lists ajp-methods potentially risky methods. ajp-request Requests a URI over the Apache JServ Protocol and displays the result (or stores it in a file).
    [Show full text]
  • Security Guide
    Fedora 19 Security Guide A Guide to Securing Fedora Linux Johnray Fuller John Ha David O'Brien Scott Radvan Eric Christensen Adam Ligas Murray McAllister Scott Radvan Daniel Walsh Security Guide Dominick Grift Eric Paris James Morris Fedora 19 Security Guide A Guide to Securing Fedora Linux Edition 19.1 Author Johnray Fuller [email protected] Author John Ha [email protected] Author David O'Brien [email protected] Author Scott Radvan [email protected] Author Eric Christensen [email protected] Author Adam Ligas [email protected] Author Murray McAllister [email protected] Author Scott Radvan [email protected] Author Daniel Walsh [email protected] Author Dominick Grift [email protected] Author Eric Paris [email protected] Author James Morris [email protected] Copyright © 2007-2013 Fedora Project Contributors. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
    [Show full text]
  • Openvas Reporting Documentation Release 1.4.4
    OpenVAS Reporting Documentation Release 1.4.4 TheGroundZero May 23, 2021 Contents 1 Table of contents 3 1.1 Changelog..............................................3 1.2 Usage.................................................3 1.2.1 Installation.........................................3 1.2.2 Command line usage....................................4 2 What’s OpenVAS Reporting?9 3 Why create this tool? 11 4 Aren’t there other tools to achieve this? 13 5 How can I help? 15 6 TODO list 17 i ii OpenVAS Reporting Documentation, Release 1.4.4 A tool to convert OpenVAS XML into reports. Contents 1 OpenVAS Reporting Documentation, Release 1.4.4 2 Contents CHAPTER 1 Table of contents 1.1 Changelog 1.4.2 - Fixed "ValueError: Unknown format code ’f’ for object of type ’str’" 1.4.1 - Small bugfixes and code refactoring 1.4.0 - Use Word template for report building 1.3.1 - Add charts to Word document using matplotlib. Some code clean-up and small lay-out changes in Excel. 1.3.0 - Fix retrieval of description and other useful info by parsing <tags> instead of <description> 1.2.3 - Implement https://github.com/cr0hn/openvas_to_report/pull/12 1.2.2 - Fix bug where port info was not correctly extracted 1.2.1 - Fix bug where affected hosts were added on wrong row in Excel export 1.2.0 - Functional export to Word document (.docx). Includes some formatting. TODO: graphs 1.1.0a - Support for exporting to Word document (.docx). Limited formatting, needs more testing 1.0.1a - Small updates, preparing for export to other formats 1.0.0 - First official release, supports export to Excel with graphs, ToC and worksheet per vulnerability 1.2 Usage 1.2.1 Installation You can install this package directly from source by cloning the Git repository.
    [Show full text]
  • SPI Annual Report 2015
    Software in the Public Interest, Inc. 2015 Annual Report July 12, 2016 To the membership, board and friends of Software in the Public Interest, Inc: As mandated by Article 8 of the SPI Bylaws, I respectfully submit this annual report on the activities of Software in the Public Interest, Inc. and extend my thanks to all of those who contributed to the mission of SPI in the past year. { Martin Michlmayr, SPI Secretary 1 Contents 1 President's Welcome3 2 Committee Reports4 2.1 Membership Committee.......................4 2.1.1 Statistics...........................4 3 Board Report5 3.1 Board Members............................5 3.2 Board Changes............................6 3.3 Elections................................6 4 Treasurer's Report7 4.1 Income Statement..........................7 4.2 Balance Sheet............................. 13 5 Member Project Reports 16 5.1 New Associated Projects....................... 16 5.2 Updates from Associated Projects................. 16 5.2.1 0 A.D.............................. 16 5.2.2 Chakra............................ 16 5.2.3 Debian............................. 17 5.2.4 Drizzle............................. 17 5.2.5 FFmpeg............................ 18 5.2.6 GNU TeXmacs........................ 18 5.2.7 Jenkins............................ 18 5.2.8 LibreOffice.......................... 18 5.2.9 OFTC............................. 19 5.2.10 PostgreSQL.......................... 19 5.2.11 Privoxy............................ 19 5.2.12 The Mana World....................... 19 A About SPI 21 2 Chapter 1 President's Welcome SPI continues to focus on our core services, quietly and competently supporting the activities of our associated projects. A huge thank-you to everyone, particularly our board and other key volun- teers, whose various contributions of time and attention over the last year made continued SPI operations possible! { Bdale Garbee, SPI President 3 Chapter 2 Committee Reports 2.1 Membership Committee 2.1.1 Statistics On January 1, 2015 we had 512 contributing and 501 non-contributing mem- bers.
    [Show full text]
  • Frodo Is Grea…Who Is That?!?: The
    FRODO IS GREA…WHO IS THAT?!?: THE PRODUCTION AND CONSUMPTION OF AN ONLINE CELEBRITY PARODY A THESIS SUBMITTED IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF ARTS IN ANTHROPOLOGY UNIVERSITY OF CANTERBURY 2007 Yadana J. Saw Abstract My thesis analyses the phenomenon of Figwit, a non-speaking elf extra who appeared for only three-seconds in the first instalment of Peter Jackson’s 2001 Lord of the Rings movie trilogy. Figwit was initially generated as an online parody by female fans of the movie and as a foil to the ‘swooning, drooling girly’ fandom that was being directed towards the movie’s star actors. However, Figwit evolved into a bona fide, albeit minor, celebrity both on and offline as he attracted attention from worldwide media, a small speaking role in the final movie and genuine adulatory fandom as manifested in the production of Figwit merchandise. In my thesis I argue that Figwit’s creation and consequential community formation reflects a dynamic online-offline dialogic in which pre-existing offline and habitus- generated social practices and distinctions, ideal reflexive individuality and celebrity/fandom were dynamically reproduced within online technological frameworks. I also argue that online activity and interactivity is generated by users to strategically express and engage intensified reflexive individuality, affirming sociability and hyper-social distinctions. In this regard I have also argued that these various potentials and imaginaries were significantly enabled by digital architectures and genres of online communication and interactivity. In particular, I discuss the internet’s capacity for searchability, traceability, and rhetorical framing processes that facilitate continuous re-editing authorship possibilities, which are not necessarily replicable in face-to-face interactions.
    [Show full text]
  • SUSE Linux Enterprise Server 15 SP2 Security and Hardening Guide Security and Hardening Guide SUSE Linux Enterprise Server 15 SP2
    SUSE Linux Enterprise Server 15 SP2 Security and Hardening Guide Security and Hardening Guide SUSE Linux Enterprise Server 15 SP2 Introduces basic concepts of system security, covering both local and network security aspects. Shows how to use the product inherent security software like AppArmor, SELinux, or the auditing system that reliably collects information about any security-relevant events. Supports the administrator with security-related choices and decisions in installing and setting up a secure SUSE Linux Enterprise Server and additional processes to further secure and harden that installation. Publication Date: September 24, 2021 SUSE LLC 1800 South Novell Place Provo, UT 84606 USA https://documentation.suse.com Copyright © 2006– 2021 SUSE LLC and contributors. All rights reserved. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”. For SUSE trademarks, see https://www.suse.com/company/legal/ . All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its aliates. Asterisks (*) denote third-party trademarks. All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its
    [Show full text]
  • Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb
    pipenightdreams osgcal-doc mumudvb mpg123-alsa tbb-examples libgammu4-dbg gcc-4.1-doc snort-rules-default davical cutmp3 libevolution5.0-cil aspell-am python-gobject-doc openoffice.org-l10n-mn libc6-xen xserver-xorg trophy-data t38modem pioneers-console libnb-platform10-java libgtkglext1-ruby libboost-wave1.39-dev drgenius bfbtester libchromexvmcpro1 isdnutils-xtools ubuntuone-client openoffice.org2-math openoffice.org-l10n-lt lsb-cxx-ia32 kdeartwork-emoticons-kde4 wmpuzzle trafshow python-plplot lx-gdb link-monitor-applet libscm-dev liblog-agent-logger-perl libccrtp-doc libclass-throwable-perl kde-i18n-csb jack-jconv hamradio-menus coinor-libvol-doc msx-emulator bitbake nabi language-pack-gnome-zh libpaperg popularity-contest xracer-tools xfont-nexus opendrim-lmp-baseserver libvorbisfile-ruby liblinebreak-doc libgfcui-2.0-0c2a-dbg libblacs-mpi-dev dict-freedict-spa-eng blender-ogrexml aspell-da x11-apps openoffice.org-l10n-lv openoffice.org-l10n-nl pnmtopng libodbcinstq1 libhsqldb-java-doc libmono-addins-gui0.2-cil sg3-utils linux-backports-modules-alsa-2.6.31-19-generic yorick-yeti-gsl python-pymssql plasma-widget-cpuload mcpp gpsim-lcd cl-csv libhtml-clean-perl asterisk-dbg apt-dater-dbg libgnome-mag1-dev language-pack-gnome-yo python-crypto svn-autoreleasedeb sugar-terminal-activity mii-diag maria-doc libplexus-component-api-java-doc libhugs-hgl-bundled libchipcard-libgwenhywfar47-plugins libghc6-random-dev freefem3d ezmlm cakephp-scripts aspell-ar ara-byte not+sparc openoffice.org-l10n-nn linux-backports-modules-karmic-generic-pae
    [Show full text]