|
|
Sponsored Content
Top Forums
UNIX for Dummies Questions & Answers
/etc/hosts
Post 34930 by tamemi on Saturday 22nd of March 2003 04:42:18 AM
03-22-2003
/etc/hosts
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi!
Im trying to use host.allow & host.deny to resrtic access to my sun machine, but it doesnt seem to work... I want to allow full access from certain IPīs (ssh,http,ftp,etc...) but deny all kind of conections from outsideworld, the way that im doing that is:
hosts.allow
ALL:127.0.0.1... (2 Replies)
Discussion started by: Sorrento
2 Replies
2. Cybersecurity
I was wondering where in UNIX is file where I can delete hosts that can or ca not access UNIX machine
thanks in advance (1 Reply)
Discussion started by: amon
1 Replies
3. IP Networking
I was wondering where in UNIX is file where I can delete hosts that can or ca not access UNIX machine
thanks in advance (5 Replies)
Discussion started by: amon
5 Replies
4. UNIX for Dummies Questions & Answers
Hello everyone,
This is my first posts and I did search for a questions but did not find a question that answered my question unless of course I overlooked it.
I'm running Solaris 8. I use ssh for the users but I have a user called "chatterbox" that uses telnet but I need for chatterbox to... (1 Reply)
Discussion started by: huddlestonsnk
1 Replies
5. UNIX for Dummies Questions & Answers
Hello,
where can I get complete specification for /etc/hosts? I found a lot of snippets but nothing where the format of file is completely written (I'm especially interested in comments in /etc/hosts)
Thank you for help! (3 Replies)
Discussion started by: MartyIX
3 Replies
6. IP Networking
Hello everyone.
Im using last redhat enterprise edition and in my working environment, i'm always reconfiguring both interfaces , eth0 and eth1, everytime i change any interface, (i use ifconfig to change ip, and after i execute "/etc/init.d/network restart") my "/etc/hosts" file... (9 Replies)
Discussion started by: trutoman
9 Replies
7. UNIX for Dummies Questions & Answers
Ive change /etc/hosts many times but it reverts to the previous setting automatically. Ive restarted the server after the edit. Any ideas what im doing wrong
Previous /etc/hosts
127.0.0.1 localhost.localdomain localhost
# Auto-generated hostname. Please do not remove this... (3 Replies)
Discussion started by: wizecho
3 Replies
8. AIX
hi all
just installed the netsec.options.tcpwrapper from expansion pack, which used to be a rpm, for my aix 6.1 test box.
it is so unpredictable. i set up the hosts.deny as suggested for all and allow the sshd for specific ip addresses/hostnames.
the tcpdchk says the hosts allowed and... (0 Replies)
Discussion started by: wf201626
0 Replies
9. UNIX for Dummies Questions & Answers
Hi there,
For /etc/hosts.deny was it used to deny access from the internet? (2 Replies)
Discussion started by: alvinoo
2 Replies
10. Solaris
Am trying to copy a tar file onto a series of remote hosts and untar it at the destination. Need to do this without having to do multiple ssh.
Actions to perform within a single ssh session via shell script
- copy a file
- untar at destination (remote host)
OS : Linux RHEL6 (3 Replies)
Discussion started by: sankasu
3 Replies
LEARN ABOUT LINUX
mod_apparmor
MOD_APPARMOR(8) AppArmor MOD_APPARMOR(8) NAME
mod_apparmor - fine-grained AppArmor confinement for Apache DESCRIPTION
An AppArmor profile applies to an executable program; if a portion of the program needs different access permissions than other portions, the program can "change hats" via aa_change_hat(2) to a different role, also known as a subprofile. The mod_apparmor Apache module uses the aa_change_hat(2) mechanism to offer more fine-grained confinement of dynamic elements within Apache such as individual php and perl scripts, while still allowing the performance benefits of using mod_php and mod_perl. To use mod_apparmor with Apache, ensure that mod_apparmor is configured to be loaded into Apache, either via a2enmod, yast or manual editing of the apache2(8)/httpd(8) configuration files, and restart Apache. Make sure that apparmor is also functioning. Once mod_apparmor is loaded within Apache, all requests to Apache will cause mod_apparmor to attempt to change into a hat named by the URI (e.g. /app/some.cgi). If no such hat is found, it will fall back to attempting to use the hat DEFAULT_URI; if that also does not exist, it will fall back to using the global Apache profile. Most static web pages can simply make use of the DEFAULT_URI hat. Additionally, before any requests come in to Apache, mod_apparmor will attempt to change hat into the HANDLING_UNTRUSTED_INPUT hat. mod_apparmor will attempt to use this hat while Apache is doing the initial parsing of a given http request, before its given to a specific handler (like mod_php) for processing. Because defining hats for every URI/URL often becomes tedious, mod_apparmor provides the AAHatName and AADefaultHatName Apache configuration options. AAHatName AAHatName allows you to specify a hat to be used for a given Apache <Directory>, <DirectoryMatch>, <Location> or <LocationMatch> directive (see the Apache documenation for more details). Note that mod_apparmor behavior can become confused if <Directory*> and <Location*> directives are intermingled and it is recommended to use one type of directive. If the hat specified by AAHatName does not exist in the Apache profile, then it falls back to the behavior described above. AADefaultHatName AADefaultHatName allows you to specify a default hat to be used for virtual hosts and other Apache server directives, so that you can have different defaults for different virtual hosts. This can be overridden by the AAHatName directive and is checked for only if there isn't a matching AAHatName or hat named by the URI. If the AADefaultHatName hat does not exist, it falls back to the DEFAULT_URI hat if it exists (as described above). URI REQUEST SUMMARY
When profiling with mod_apparmor, it is helpful to keep the following order of operations in mind: On each URI request, mod_apparmor will first aa_change_hat(2) into ^HANDLING_UNTRUSTED_INPUT, if it exists. Then, after performing the initial parsing of the request, mod_apparmor will: 1. try to aa_change_hat(2) into a matching AAHatName hat if it exists and applies, otherwise it will 2. try to aa_change_hat(2) into the URI itself, otherwise it will 3. try to aa_change_hat(2) into an AADefaultHatName hat if it has been defined for the server/vhost, otherwise it will 4. try to aa_change_hat(2) into the DEFAULT_URI hat, if it exists, otherwise it will 5. fall back to the global Apache policy BUGS
mod_apparmor() currently only supports apache2, and has only been tested with the prefork MPM configuration -- threaded configurations of Apache may not work correctly. There are likely other bugs lurking about; if you find any, please report them at <http://https://bugs.launchpad.net/apparmor/+filebug>. SEE ALSO
apparmor(7), subdomain.conf(5), apparmor_parser(8), aa_change_hat(2) and <http://wiki.apparmor.net>. AppArmor 2.7.103 2012-06-28 MOD_APPARMOR(8)