DOCSLIB.ORG

CIS 228 - UNIX System Administration

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

CIS 228 - UNIX System Administration Lab 14: Virtual program execution under LINUX: DOSBox, Windows Emulation (wine), chroot jail, Linux Containers (lxc), KVM/ Xen, VirtualBox DOS Compatibility Tools Read man page on mtools, dos2unix, unix2dos. Running DOS under LINUX: DOSBOX (DOSEMU is no longer supported) 1) Mount /dev/sda1 as a R/O NTFS drive at /mnt/Windows 2) yum install dosbox 3) Start DOSBox 4) mount c /root 5) c: , z: 6) mount d /mnt/cdrom 7) Insert a DVD into the CDROM drive mounted as /mnt/cdrom 8) d: , z: 9) exit Running Windows Emulation (WINE) under LINUX 10) Install all WINE packages (yum install wine or from DVD) 11) Run winecfg. Does anything unusual occur? 12) Under Drives, run autodetect. See what appears 13) Find wordpad.exe under /mnt/Windows 14) Copy wordpad.exe and msfc*.dll to ~/.wine/windows 15) From a terminal session: cd ~/.wine/drive_c/windows, run: wine wordpad.exe 16) Go to Applications/Wine/wine configuration 17) Add wordpad.exe as Windows 2000 application 18) Right click on Applications, go to Wine, Add wordpad.exe from Browse Tab 19) Copy putty.exe and add it to the Wine Menu \ 20) Copy putty.exe, go to Win File and run it. Add it to the Wine menu Related commands: wine, winecfg, CIS 228 - UNIX System Administration Standard Chroot Jail (Fedora) Creating a chroot jail, as root, give the command: /usr/sbin/chroot <directory> <command>. The directory becomes the root directory, and the process attempts to run the default shell. 21) To create an ordinary user chroot jail, as ROOT: useradd user8 passwd user8 22) Create jailed directories: cd /home/user8 mkdir /home/user8/etc mkdir /home/user8/dev mkdir /home/user8/bin mkdir /home/user8/lib mkdir /home/user8/lib64 (64 bit omage) ls –al (Note root ownership) 23) Change ownership to the ordinary user: chown user8 * ls –al (note user8 ownership) 24) Determine which utilities the chroot jail needs. Copy the appropriate binaries and their .so libraries ( as listed by the ldd command) into the jail. Below displays will be /lib for 32 bit /lib64 for 64 bit image. Substitute as necessary. cp /bin/ls ./bin cp /bin/bash ./bin cp /bin/echo ./bin ldd /bin/ls linux-gate.so.1 => (0xb77b6000) libselinux.so.1 => /lib64/libselinux.so.1 (0x46af0000) librt.so.1 => /lib64/librt.so.1 (0x46967000) libcap.so.2 => /lib64/libcap.so.2 (0x46cba000) libacl.so.1 => /lib64/libacl.so.1 (0x47837000) libc.so.6 => /lib64/libc.so.6 (0x467b6000) libdl.so.2 => /lib64/libdl.so.2 (0x46960000) /lib64/ld-linux.so.2 (0x46794000) libpthread.so.0 => /lib64/libpthread.so.0 (0x46944000) libattr.so.1 => /lib64/libattr.so.1 (0x477f6000) ldd /bin/bash linux-gate.so.1 => (0xb770e000) libtinfo.so.5 => /lib64/libtinfo.so.5 (0x480ad000) libdl.so.2 => /lib64/libdl.so.2 (0x46960000) libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x469b6000) libc.so.6 => /lib64/libc.so.6 (0x467b6000) /lib64/ld-linux.so.2 (0x46794000) ldd /bin/echo linux-gate.so.1 => (0xb7790000) libc.so.6 => /lib64/libc.so.6 (0x467b6000) /lib64/ld-linux.so.2 (0x46794000) list="$(ldd /bin/ls | egrep -o '/lib.*\.[0-9]')" for i in $list; do cp -v "$i" ./lib64; done 25) Run the process from chroot: chroot /home/user8 /bin/ls bin dev etc lib chroot /home/user8 /bin/echo hi there hi there 26) As an ordinary user: exit (root) su - user8 pwd chroot /home/user8 /bin/ls ... chroot: cannot change root directory to /home/user8: Operation not permitted 27) As root: su -c "chroot /home/user8 /bin/ls" You can also automate the process for user8 login. However chroot jails are less common than before, most daemon processes come with their own “chroot jail” procedures – Apache, BIND, SSH, etc. and are application specific. CIS 228 - UNIX System Administration Running Linux Application Containers (lxc) - (similar to BSD “chroot jail” OR Solaris zones”) Ubunti 16.04 LTS procedure. Install the software: 28) apt-get install lxc lxc-templates lxc-extra debootstrap libvirt perl gpg 29) lxc-create -t download -n ubuntu-c1 -- -d ubuntu -r xenial -a amd64 30) chroot /var/lib64/lxc/ubuntu-c1/rootfs/ passwd ubuntu (set password for ubuntu id) 31) chroot /var/lib64/lxc/ubuntu-c1/rootfs/ passwd (lock out root) 32) lxc-start -n ubuntu-c1 33) lxc-console -n ubuntu-c1 34) apt-get install openssh-server (inside lxc) 35) lxc-info -n ubuntu-c1 36) lxc-ps 37) To exit from lxc-console type Ctrl+a q to exit the console session and back to the host. Fedora 25 procedure: 38) dnf install lxc lxc-templates lxc-extra debootstrap libvirt perl gpg 39) sudo systemctl start libvirtd.service 40) systemctl start lxc.service 41) systemctl enable lxc.service 42) systemctl status libvirtd.service 43) systemctl status lxc.service 44) brctl show 45) vi /etc/lxc/default.conf lxc.network.type = veth lxc.network.link = virbr0 lxc.network.flags = up lxc.network.hwaddr = 00:16:3e:xx:xx:xx 46) systemctl status libvirtd.service | grep range 47) lxc-checkconfig 48) lxc-create -t download -n ubuntu-c1 -- -d ubuntu -r xenial -a amd64 49) chroot /var/lib/lxc/ubuntu-c1/rootfs/ passwd ubuntu 50) chroot /var/lib/lxc/ubuntu-c1/rootfs/ passwd 51) lxc-start -n ubuntu-c1 52) lxc-console -n ubuntu-c1 Others: lxc-create -t download -n debian-c1 -- -d debian -r stretch -a amd64 chroot /var/lib64/lxc/debian-c1/rootfs/ passwd lxc-start -n debian-c1 lxc-console -n debian-c1 lxc-create -t download -n centos-c1 -- -d centos -r 7 -a amd64 chroot /var/lib64/lxc/centos-c1/rootfs/ passwd $ sudo lxc-start -n centos-c1 $ lxc-console -n centos-c1 lxc-create -t download -n fedora-c1 -- -d fedora -r 25 -a amd64 chroot /var/lib64/lxc/fedora-c1/rootfs/ passwd $ sudo lxc-start -n fedora-c1 $ lxc-console -n fedora-c1 Running Kernel Virtual Machines (kvm) 53) yum install kvm virt-manager virt-viewer libvirt libvirt-python virtinst gnome-applet-vm 54) service libvirtd start 55) virt-manager 56) Right click on localhost 57) New, Install from media 58) Start OS from virt-manager 59) Running VirtualBOX (Oracle) 60) cd /etc/yum.repos.d/ 61) wget http://download.virtualbox.org/virtualbox/rpm/<fedora> or <rhel>/virtualbox.repo 62) yum check-update 63) yum install gcc kernel-<PAE->devel kernel-headers 64) KERN_DIR=/usr/src/kernels/`uname –r` …Add –`uname –m` for RHEL 65) Export KERN_DIR 66) yum install VirtualBox-3.2 o4 4.0 67) usermod -a -G vboxusers user1 68) Run virtualbox from command line or use menu selection. Install Ubuntu. Running Xen (LINUX Hypervisor) See: https://major.io/2013/06/02/installing-the-xen-hypervisor-on-fedora-19/ 50) yum -y install xen xen-hypervisor xen-libs xen-runtime chkconfig xend on chkconfig xendomains on 51) reboot, verify that Xen is running: # xm dmesg | head 52) Start tools and daemoons yum -y install virt-manager dejavu* xorg-x11-xauth yum -y install libvirt-daemon-driver-network libvirt-daemon-driver-storage libvirt-daemon-xen chkconfig libvirtd on service libvirtd start 53) ssh -X hypervisor.mydomain.com and run virt-manager. 54) yum -y install libvirt-daemon-config-network libvirt-daemon-config-nwfilter service libvirtd restart See http://wiki.xen.org/xenwiki/Xen4.0 See http://wiki.xen.org/xenwiki/Fedora13Xen4Tutorial Discuss: Virtualization Issues Docker Containers Fedora 28 method: 55) install docker dnf -y install dnf-plugins-core dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo dnf config-manager --set-enabled docker-ce-edge dnf config-manager --set-enabled docker-ce-test dnf install docker-ce 56) Start docker systemctl start docker.service -OR- service docker start systemctl enable docker (to start at boot) systemctl disable docker docker run hello-world Previous Fedora method Sign up at hub.docker.com dnf install docker dnf install docker-latest dnf install docker* dnf install docker-latest* systemctl start docker systemctl enable docker (to start at boot) systemctl disable docker docker run hello-world 57) Run another image docker pull ubuntu docker run -it ubuntu /bin/sh; exit 58) Docker basics: docker ps ... display running containers docker ps -a ... display container run history docker version docker info docker images ... search local images docker search {os} ... search available images docker pull {image} docker run -it {image} cmd docker exec -it {image} bash docker commit (after changes) docker logs Install Terminal interface dnf install sen 59) Configure Docker: /etc/sysconfig/docker 60) Roll your own In a directory: nano Dockerfile FROM ubuntu:latest CMD env Build the image docker build -t "my-image" . (NOTE THE PERIOND AT THE END!) docker run -it my-image bash Add a user to the Docker control group groupadd docker && sudo gpasswd -a user1 docker && sudo systemctl restart docker newgrp docker Docker resources: https://us.pycon.org/2016/site_media/media/tutorial_handouts/DockerSlides.pdf https://docker-curriculum.com/ https://resources.sei.cmu.edu/asset_files/Presentation/2017_017_001_497378.pdf https://www.ibm.com/developerworks/community/forums/ajax/download/ea016f75-37a3-454a-87e3- 0450d3bb4273/b3f5c675-1449-4160-959f-6b15f46e2c93/IBM%20Services%20Asset%20- %20Open%20Table%20-%20Intro%20to%20Docker%20Containers.pdf https://media.readthedocs.org/pdf/intro-docker-lab-f5-iscfy17/latest/intro-docker-lab-f5-iscfy17.pdf See also: Ubuntu Docker installation. .
Recommended publications
  • QEMU Version 2.10.2 User Documentation I

    QEMU Version 2.10.2 User Documentation I

    QEMU version 2.10.2 User Documentation i Table of Contents 1 Introduction ::::::::::::::::::::::::::::::::::::: 1 1.1 Features :::::::::::::::::::::::::::::::::::::::::::::::::::::::: 1 2 QEMU PC System emulator ::::::::::::::::::: 2 2.1 Introduction :::::::::::::::::::::::::::::::::::::::::::::::::::: 2 2.2 Quick Start::::::::::::::::::::::::::::::::::::::::::::::::::::: 2 2.3 Invocation :::::::::::::::::::::::::::::::::::::::::::::::::::::: 3 2.3.1 Standard options :::::::::::::::::::::::::::::::::::::::::: 3 2.3.2 Block device options ::::::::::::::::::::::::::::::::::::::: 9 2.3.3 USB options:::::::::::::::::::::::::::::::::::::::::::::: 19 2.3.4 Display options ::::::::::::::::::::::::::::::::::::::::::: 19 2.3.5 i386 target only::::::::::::::::::::::::::::::::::::::::::: 26 2.3.6 Network options :::::::::::::::::::::::::::::::::::::::::: 27 2.3.7 Character device options:::::::::::::::::::::::::::::::::: 35 2.3.8 Device URL Syntax::::::::::::::::::::::::::::::::::::::: 39 2.3.9 Bluetooth(R) options ::::::::::::::::::::::::::::::::::::: 42 2.3.10 TPM device options ::::::::::::::::::::::::::::::::::::: 42 2.3.11 Linux/Multiboot boot specific ::::::::::::::::::::::::::: 43 2.3.12 Debug/Expert options ::::::::::::::::::::::::::::::::::: 44 2.3.13 Generic object creation :::::::::::::::::::::::::::::::::: 52 2.4 Keys in the graphical frontends :::::::::::::::::::::::::::::::: 58 2.5 Keys in the character backend multiplexer ::::::::::::::::::::: 58 2.6 QEMU Monitor ::::::::::::::::::::::::::::::::::::::::::::::: 59 2.6.1 Commands :::::::::::::::::::::::::::::::::::::::::::::::
  • Making Linux Protection Mechanisms Egalitarian with Userfs

    Making Linux Protection Mechanisms Egalitarian with Userfs

    Making Linux Protection Mechanisms Egalitarian with UserFS Taesoo Kim and Nickolai Zeldovich MIT CSAIL ABSTRACT firewall rules, forcing applications to invent their own UserFS provides egalitarian OS protection mechanisms protection techniques like system call interposition [15], in Linux. UserFS allows any user—not just the system binary rewriting [30] or analysis [13, 45], or interposing administrator—to allocate Unix user IDs, to use chroot, on system accesses in a language runtime like Javascript. and to set up firewall rules in order to confine untrusted This paper presents the design of UserFS, a kernel code. One key idea in UserFS is representing user IDs as framework that allows any application to use traditional files in a /proc-like file system, thus allowing applica- OS protection mechanisms on a Unix system, and a proto- tions to manage user IDs like any other files, by setting type implementation of UserFS for Linux. UserFS makes permissions and passing file descriptors over Unix do- protection mechanisms egalitarian, so that any user—not main sockets. UserFS addresses several challenges in just the system administrator—can allocate new user IDs, making user IDs egalitarian, including accountability, re- set up firewall rules, and isolate processes using chroot. source allocation, persistence, and UID reuse. We have By using the operating system’s own protection mecha- ported several applications to take advantage of UserFS; nisms, applications can avoid race conditions and ambi- by changing just tens to hundreds of lines of code, we guities associated with system call interposition [14, 43], prevented attackers from exploiting application-level vul- can confine existing code without having to recompile or nerabilities, such as code injection or missing ACL checks rewrite it in a new language, and can enforce a coherent in a PHP-based wiki application.
  • Sandboxing 2 Change Root: Chroot()

    Sandboxing 2 Change Root: Chroot()

    Sandboxing 2 Change Root: chroot() Oldest Unix isolation mechanism Make a process believe that some subtree is the entire file system File outside of this subtree simply don’t exist Sounds good, but. Sandboxing 2 2 / 47 Chroot Sandboxing 2 3 / 47 Limitations of Chroot Only root can invoke it. (Why?) Setting up minimum necessary environment can be painful The program to execute generally needs to live within the subtree, where it’s exposed Still vulnerable to root compromise Doesn’t protect network identity Sandboxing 2 4 / 47 Root versus Chroot Suppose an ordinary user could use chroot() Create a link to the sudo command Create /etc and /etc/passwd with a known root password Create links to any files you want to read or write Besides, root can escape from chroot() Sandboxing 2 5 / 47 Escaping Chroot What is the current directory? If it’s not under the chroot() tree, try chdir("../../..") Better escape: create device files On Unix, all (non-network) devices have filenames Even physical memory has a filename Create a physical memory device, open it, and change the kernel data structures to remove the restriction Create a disk device, and mount a file system on it. Then chroot() to the real root (On Unix systems, disks other than the root file system are “mounted” as a subtree somewhere) Sandboxing 2 6 / 47 Trying Chroot # mkdir /usr/sandbox /usr/sandbox/bin # cp /bin/sh /usr/sandbox/bin/sh # chroot /usr/sandbox /bin/sh chroot: /bin/sh: Exec format error # mkdir /usr/sandbox/libexec # cp /libexec/ld.elf_so /usr/sandbox/libexec # chroot /usr/sandbox
  • The Linux Command Line

    The Linux Command Line

    The Linux Command Line Fifth Internet Edition William Shotts A LinuxCommand.org Book Copyright ©2008-2019, William E. Shotts, Jr. This work is licensed under the Creative Commons Attribution-Noncommercial-No De- rivative Works 3.0 United States License. To view a copy of this license, visit the link above or send a letter to Creative Commons, PO Box 1866, Mountain View, CA 94042. A version of this book is also available in printed form, published by No Starch Press. Copies may be purchased wherever fine books are sold. No Starch Press also offers elec- tronic formats for popular e-readers. They can be reached at: https://www.nostarch.com. Linux® is the registered trademark of Linus Torvalds. All other trademarks belong to their respective owners. This book is part of the LinuxCommand.org project, a site for Linux education and advo- cacy devoted to helping users of legacy operating systems migrate into the future. You may contact the LinuxCommand.org project at http://linuxcommand.org. Release History Version Date Description 19.01A January 28, 2019 Fifth Internet Edition (Corrected TOC) 19.01 January 17, 2019 Fifth Internet Edition. 17.10 October 19, 2017 Fourth Internet Edition. 16.07 July 28, 2016 Third Internet Edition. 13.07 July 6, 2013 Second Internet Edition. 09.12 December 14, 2009 First Internet Edition. Table of Contents Introduction....................................................................................................xvi Why Use the Command Line?......................................................................................xvi
  • Virtualization Technologies Overview Course: CS 490 by Mendel

    Virtualization Technologies Overview Course: CS 490 by Mendel

    Virtualization technologies overview Course: CS 490 by Mendel Rosenblum Name Can boot USB GUI Live 3D Snaps Live an OS on mem acceleration hot of migration another ory runnin disk alloc g partition ation system as guest Bochs partially partially Yes No Container s Cooperati Yes[1] Yes No No ve Linux (supporte d through X11 over networkin g) Denali DOSBox Partial (the Yes No No host OS can provide DOSBox services with USB devices) DOSEMU No No No FreeVPS GXemul No No Hercules Hyper-V iCore Yes Yes No Yes No Virtual Accounts Imperas Yes Yes Yes Yes OVP (Eclipse) Tools Integrity Yes No Yes Yes No Yes (HP-UX Virtual (Integrity guests only, Machines Virtual Linux and Machine Windows 2K3 Manager in near future) (add-on) Jail No Yes partially Yes No No No KVM Yes [3] Yes Yes [4] Yes Supported Yes [5] with VMGL [6] Linux- VServer LynxSec ure Mac-on- Yes Yes No No Linux Mac-on- No No Mac OpenVZ Yes Yes Yes Yes No Yes (using Xvnc and/or XDMCP) Oracle Yes Yes Yes Yes Yes VM (manage d by Oracle VM Manager) OVPsim Yes Yes Yes Yes (Eclipse) Padded Yes Yes Yes Cell for x86 (Green Hills Software) Padded Yes Yes Yes No Cell for PowerPC (Green Hills Software) Parallels Yes, if Boot Yes Yes Yes DirectX 9 Desktop Camp is and for Mac installed OpenGL 2.0 Parallels No Yes Yes No partially Workstati on PearPC POWER Yes Yes No Yes No Yes (on Hypervis POWER 6- or (PHYP) based systems, requires PowerVM Enterprise Licensing) QEMU Yes Yes Yes [4] Some code Yes done [7]; Also supported with VMGL [6] QEMU w/ Yes Yes Yes Some code Yes kqemu done [7]; Also module supported
  • SUSE Linux Enterprise Server 12 Does Not Provide the Repair System Anymore

    SUSE Linux Enterprise Server 12 Does Not Provide the Repair System Anymore

    General System Troubleshooting Sascha Wehnert Premium Service Engineer Attachmate Group Germany GmbH [email protected] What is this about? • This session will cover the following topics: ‒ How to speed up a service request ‒ How to gather system information using supportconfig ‒ Configure serial console in grub to trace kernel boot messages ‒ Accessing a non booting systems using the rescue system ‒ System crash situations and how to prepare (i586/x86_64 only) 2 The challenge of a service request • Complete service request description: “We need to increase our disk space.” 3 The challenge of a service request • Which SUSE® Linux Enterprise Server version? • Is this a physical or virtual environment? • If virtual, what virtualization solution is being used? • If physical, local SCSI RAID array? What hardware? • If using HBAs, dm-multipathing or iSCSI connected disks or a 3rd party solution? • Disk and system partition layout? • What has been done so far? What was achieved? What failed? • What information do I need in order to help? 4 What information would be needed? • SUSE Linux Enterprise Server version → /etc/SuSE-release, uname -a • Physical → dmidecode XEN → /proc/xen/xsd_port KVM → /proc/modules • Hardware information → hwinfo • Partition information → parted -l, /etc/fstab • Multipathing/iSCSI → multipath, iscsiadm • Console output or /var/log/YaST2/y2log in case YaST2 has been used 5 supportconfig • Since SUSE Linux Enterprise Server 10 SP4 included in default installation. • Maintained package, updates available via patch channels. For best results always have latest version installed from channels installed. • One single command to get (almost) everything. • Splits data into files separated by topic. • Can be modified to exclude certain data, either via /etc/supportconfig.conf or command options.
  • Scripting in Axis Network Cameras and Video Servers

    Scripting in Axis Network Cameras and Video Servers

    Scripting in Axis Network Cameras and Video Servers Table of Contents 1 INTRODUCTION .............................................................................................................5 2 EMBEDDED SCRIPTS ....................................................................................................6 2.1 PHP .....................................................................................................................................6 2.2 SHELL ..................................................................................................................................7 3 USING SCRIPTS IN AXIS CAMERA/VIDEO PRODUCTS ......................................8 3.1 UPLOADING SCRIPTS TO THE CAMERA/VIDEO SERVER:...................................................8 3.2 RUNNING SCRIPTS WITH THE TASK SCHEDULER...............................................................8 3.2.1 Syntax for /etc/task.list.....................................................................................................9 3.3 RUNNING SCRIPTS VIA A WEB SERVER..............................................................................11 3.3.1 To enable Telnet support ...............................................................................................12 3.4 INCLUDED HELPER APPLICATIONS ..................................................................................13 3.4.1 The image buffer - bufferd........................................................................................13 3.4.2 sftpclient.........................................................................................................................16
  • Comparison of Platform Virtual Machines - Wikipedia

    Comparison of Platform Virtual Machines - Wikipedia

    Comparison of platform virtual machines - Wikipedia... http://en.wikipedia.org/wiki/Comparison_of_platform... Comparison of platform virtual machines From Wikipedia, the free encyclopedia The table below compares basic information about platform virtual machine (VM) packages. Contents 1 General Information 2 More details 3 Features 4 Other emulators 5 See also 6 References 7 External links General Information Name Creator Host CPU Guest CPU Bochs Kevin Lawton any x86, AMD64 CHARON-AXP Stromasys x86 (64 bit) DEC Alphaserver CHARON-VAX Stromasys x86, IA-64 VAX x86, x86-64, SPARC (portable: Contai ners (al so 'Zones') Sun Microsystems (Same as host) not tied to hardware) Dan Aloni helped by other Cooperati ve Li nux x86[1] (Same as parent) developers (1) Denal i University of Washington x86 x86 Peter Veenstra and Sjoerd with DOSBox any x86 community help DOSEMU Community Project x86, AMD64 x86 1 of 15 10/26/2009 12:50 PM Comparison of platform virtual machines - Wikipedia... http://en.wikipedia.org/wiki/Comparison_of_platform... FreeVPS PSoft (http://www.FreeVPS.com) x86, AMD64 compatible ARM, MIPS, M88K GXemul Anders Gavare any PowerPC, SuperH Written by Roger Bowler, Hercul es currently maintained by Jay any z/Architecture Maynard x64 + hardware-assisted Hyper-V Microsoft virtualization (Intel VT or x64,x86 AMD-V) OR1K, MIPS32, ARC600/ARC700, A (can use all OVP OVP Imperas [1] [2] Imperas OVP Tool s x86 (http://www.imperas.com) (http://www.ovpworld compliant models, u can write own to pu OVP APIs) i Core Vi rtual Accounts iCore Software
  • Guidance on Sftp Chroot Access

    Guidance on Sftp Chroot Access

    Guidance On Sftp Chroot Access How comedic is Husein when tuberculose and untumbled Horace tango some bedstraw? Fucoid Sutherland revenge troubledly and alow, she regives her canvassing unfree unrecognisable. Sayer remains owlish: she phlebotomises her slaister distaste too glowingly? The server performs a chroot2 command to visit home loss of the ftp user. 13 2006 World Meteorological Organization WMO Guide to use of FTP and. Using sftp 199 Setting Permissions for File Uploads 200 244. CVE-2021-1145 A vulnerability in house Secure FTP SFTP of Cisco StarOS for Cisco. Match group yourgroupname ChrootDirectory home X11Forwarding no. Chroot A Linux command used to trace the root before It so often used for sandboxing. The Debian Administrator's Handbook. Selinux context to access on using ecr is to execute permissions of this is. Be replaced by sftp if possible ftp sftp access should be chrooted to. Both rsh and ssh require some coordination between the client and server. If you guidance on sftp chroot access is guidance on ams managed microsoft azure to chroot enforcements on. Are we in a chrooted jail and cannot access the hum system directly. Uses a Linux concept began as CHROOT to physically isolate each SFTP user to a violent part error the filesystem Thus art is lawn for an SFTP user to book another user's data. The file systems serving malware or are required so multiple queues and sftp on volatile data corruption, as having a long as efficiently run a long. The CA Access Control documentation uses the following file location. Guide following the Secure Configuration of another Hat Enterprise Linux.
  • The Linux Command Line

    The Linux Command Line

    The Linux Command Line Second Internet Edition William E. Shotts, Jr. A LinuxCommand.org Book Copyright ©2008-2013, William E. Shotts, Jr. This work is licensed under the Creative Commons Attribution-Noncommercial-No De- rivative Works 3.0 United States License. To view a copy of this license, visit the link above or send a letter to Creative Commons, 171 Second Street, Suite 300, San Fran- cisco, California, 94105, USA. Linux® is the registered trademark of Linus Torvalds. All other trademarks belong to their respective owners. This book is part of the LinuxCommand.org project, a site for Linux education and advo- cacy devoted to helping users of legacy operating systems migrate into the future. You may contact the LinuxCommand.org project at http://linuxcommand.org. This book is also available in printed form, published by No Starch Press and may be purchased wherever fine books are sold. No Starch Press also offers this book in elec- tronic formats for most popular e-readers: http://nostarch.com/tlcl.htm Release History Version Date Description 13.07 July 6, 2013 Second Internet Edition. 09.12 December 14, 2009 First Internet Edition. 09.11 November 19, 2009 Fourth draft with almost all reviewer feedback incorporated and edited through chapter 37. 09.10 October 3, 2009 Third draft with revised table formatting, partial application of reviewers feedback and edited through chapter 18. 09.08 August 12, 2009 Second draft incorporating the first editing pass. 09.07 July 18, 2009 Completed first draft. Table of Contents Introduction....................................................................................................xvi
  • LIFE Packages

    LIFE Packages

    LIFE packages Index Office automation Desktop Internet Server Web developpement Tele centers Emulation Health centers Graphics High Schools Utilities Teachers Multimedia Tertiary schools Programming Database Games Documentation Internet - Firefox - Browser - Epiphany - Nautilus - Ftp client - gFTP - Evolution - Mail client - Thunderbird - Internet messaging - Gaim - Gaim - IRC - XChat - Gaim - VoIP - Skype - Videomeeting - Gnome meeting - GnomeBittorent - P2P - aMule - Firefox - Download manager - d4x - Telnet - Telnet Web developpement - Quanta - Bluefish - HTML editor - Nvu - Any text editor - HTML galerie - Album - Web server - XAMPP - Collaborative publishing system - Spip Desktop - Gnome - Desktop - Kde - Xfce Graphics - Advanced image editor - The Gimp - KolourPaint - Simple image editor - gPaint - TuxPaint - CinePaint - Video editor - Kino - OpenOffice Draw - Vector vraphics editor - Inkscape - Dia - Diagram editor - Kivio - Electrical CAD - Electric - 3D modeller/render - Blender - CAD system - QCad Utilities - Calculator - gCalcTool - gEdit - gxEdit - Text editor - eMacs21 - Leafpad - Application finder - Xfce4-appfinder - Desktop search tool - Beagle - File explorer - Nautilus -Archive manager - File-Roller - Nautilus CD Burner - CD burner - K3B - GnomeBaker - Synaptic - System updates - apt-get - IPtables - Firewall - FireStarter - BackupPC - Backup - Amanda - gnome-terminal - Terminal - xTerm - xTerminal - Scanner - Xsane - Partition editor - gParted - Making image of disks - Partitimage - Mirroring over network - UDP Cast
  • Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb

    Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb

    pipenightdreams osgcal-doc mumudvb mpg123-alsa tbb-examples libgammu4-dbg gcc-4.1-doc snort-rules-default davical cutmp3 libevolution5.0-cil aspell-am python-gobject-doc openoffice.org-l10n-mn libc6-xen xserver-xorg trophy-data t38modem pioneers-console libnb-platform10-java libgtkglext1-ruby libboost-wave1.39-dev drgenius bfbtester libchromexvmcpro1 isdnutils-xtools ubuntuone-client openoffice.org2-math openoffice.org-l10n-lt lsb-cxx-ia32 kdeartwork-emoticons-kde4 wmpuzzle trafshow python-plplot lx-gdb link-monitor-applet libscm-dev liblog-agent-logger-perl libccrtp-doc libclass-throwable-perl kde-i18n-csb jack-jconv hamradio-menus coinor-libvol-doc msx-emulator bitbake nabi language-pack-gnome-zh libpaperg popularity-contest xracer-tools xfont-nexus opendrim-lmp-baseserver libvorbisfile-ruby liblinebreak-doc libgfcui-2.0-0c2a-dbg libblacs-mpi-dev dict-freedict-spa-eng blender-ogrexml aspell-da x11-apps openoffice.org-l10n-lv openoffice.org-l10n-nl pnmtopng libodbcinstq1 libhsqldb-java-doc libmono-addins-gui0.2-cil sg3-utils linux-backports-modules-alsa-2.6.31-19-generic yorick-yeti-gsl python-pymssql plasma-widget-cpuload mcpp gpsim-lcd cl-csv libhtml-clean-perl asterisk-dbg apt-dater-dbg libgnome-mag1-dev language-pack-gnome-yo python-crypto svn-autoreleasedeb sugar-terminal-activity mii-diag maria-doc libplexus-component-api-java-doc libhugs-hgl-bundled libchipcard-libgwenhywfar47-plugins libghc6-random-dev freefem3d ezmlm cakephp-scripts aspell-ar ara-byte not+sparc openoffice.org-l10n-nn linux-backports-modules-karmic-generic-pae