Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by aioshin

  1. if its ok, can you post the result of ls -l / and ls -l /home just rename your users dir
  2. aioshin

    AVG Icon?

    right click on your desktop, then click create new - link to application - you will have 3 option, eneral - permission - application, on the application - command, enter avggui
  3. try to chmod 755 the /home dir chmod 755 /home then try to chown your $HOME dir chown user.user -R /home/user user is your normal username and see if that helps..
  4. ok, the problem has been solved :D how? its an ACL issue. on my slapd.con, I added the ff: access to attr=userPassword by self write by anonymous auth by dn.base="cn=Manager,dc=duriancity,dc=dvo" write by * none access to * by self write by dn.base="cn=Manager,dc=duriancity,dc=dvo" write by * read Details below for the ACL above, taken from openldap docs - link the on the client box, I change /etc/pam.d/passwd: original file on mandrivaLE2005 #%PAM-1.0 auth required pam_stack.so service=system-auth account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth though with the above input on /etc/pam.d/passwd, the ldap user will be able to change its password using the passwd command but it will prompt to enter the password many times which is not normal... see below [ldapuser1001@nixbox ken]$ passwd Changing password for user ldapuser1001. Enter login(LDAP) password: New UNIX password: Retype new UNIX password: New password: Re-enter new password: LDAP password information changed for ldapuser1001 passwd: all authentication tokens updated successfully. then, i found out by googling that I have to change /etc/pam.d/passwd to something like below: password sufficient pam_ldap.so password required pam_unix.so nullok obscure min=4 max=8 then when ldapuser1001 try to change its password by the passwd command: [ldapuser1001@nixbox ken]$ passwd Changing password for user ldapuser1001. Enter login(LDAP) password: New password: Re-enter new password: LDAP password information changed for ldapuser1001 passwd: all authentication tokens updated successfully. its now behaving normally.. note that its a basic install... no tls, no ssl.. so all ldap traffic uses port 389... and Im really new unto it, so basically, not yet secure :D
  5. here's the ldap.conf on my client mandriva box, part that pertains to ssl # Netscape SDK LDAPS #ssl on # Netscape SDK SSL options #sslpath /etc/ssl/certs/cert7.db # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 #ssl start_tls #ssl on # OpenLDAP SSL options # Require and verify server certificate (yes/no) # Default is to use libldap's default behavior, which can be configured in # /etc/openldap/ldap.conf using the TLS_REQCERT setting. The default for # OpenLDAP 2.0 and earlier is "no", for 2.1 and later is "yes". #tls_checkpeer yes # CA certificates for server certificate verification # At least one of these are required if tls_checkpeer is "yes" #tls_cacertfile /etc/ssl/ca.cert thus are commented, which means, ssl or whatever above has no effect since not in use... thanks ian.. maybe I should ggogle more for an answer
  6. also make sure that ftp users has access to the particular folder, say... /mnt/windows/shared_folder try chown ftpusers -R /mnt/windows/shared_folder then chmod 775 -R /mnt/windows/shared_folder
  7. it wont, I still get this when doin ldappaswd ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) actually, the server is not yet configured to use ssl... should I have to configure ldap to use ssl first before I can allow users to password change?
  8. ok, I have the LDAP server reside at Centos, and client on Mandriva boxs... I am able to login from the client using the users defined at LDAP server... now I want to allow each LDAP users to change their password by the command passwd but when trying that, it just gave the below error [ldapuser3@nixbox ~]$ passwd Changing password for user ldapuser3. Enter login(LDAP) password: New UNIX password: Retype new UNIX password: New password: Re-enter new password: LDAP password information update failed: Can't contact LDAP server passwd: Permission denied [ldapuser3@nixbox ~]$ ok, here's my /etc/openldap/slapd.conf for add info include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema # Allow LDAPv2 client connections. This is NOT the default. allow bind_v2 loglevel 296 pidfile /var/run/slapd.pid argsfile /var/run/slapd.args # database ldbm suffix "dc=duriancity,dc=dvo" rootdn "cn=ldapadmin,dc=duriancity,dc=dvo" rootpw {SSHA}POzRnaPcqsdffejfefedlacCVNuC7N99J3+u directory /var/lib/ldap/duriancity.dvo mode 0600 # Indices to maintain for this database index objectClass eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub and here's the entries on client pc's /etc/pam.d/system-auth #/etc/pam.d/system-auth #%PAM-1.0 auth required pam_env.so auth sufficient pam_unix.so auth sufficient pam_ldap.so likeauth nullok use_first_pass auth required pam_deny.so account sufficient pam_unix.so account sufficient pam_ldap.so use_first_pass account required pam_deny.so password required pam_cracklib.so retry=3 minlen=2 dcredit=0 ucredit=0 password sufficient pam_unix.so nullok use_authtok md5 shadow password sufficient pam_ldap.so password required pam_deny.so session optional pam_mkhomedir.so skel=/etc/skel/ umask=0022 session required pam_limits.so session required pam_unix.so session optional pam_ldap.so basically, by the above setup, the Mandriva Box allows local users and LDAP users to Login. . Now, any idea what should I put on my config to allow the user to change their password using the command passwd? TIA!
  9. you need the source of 2.6.12-12mdk-i686 kernel, which is kernel-source-2.6 to install as root: urpmi kernel-source
  10. she can login to yahoo and/or msn using gaim (simultaneoulsly on gaim) or kopete instant messenger.. though gaim, currently have no support on any webcam, I've heard that kopete has a webcam feature.... . kopete is the default IM of Mandy, so it might be already installed.. (internet-chat)
  11. su let you log as root but the path is still under your regular user, while su - let you log as root with all the path of user ROOT... checking kernel ver. at cli.. uname -a
  12. hmmnn.. if it (knoppix) has LinNeighborhood then it allows you to mount smb shared via GUI
  13. try this smbmount // $HOME/your-mountppppoint -o username=user%password
  14. have you tried gparted live.. capable of copying a partition.. though no mondo on it.. http://gparted.sourceforge.net/features.php
  15. yeah, maybe you should turn that off, you only need it if you want it to serve as time server.. say you have other PCs on your network and you want their time to be sync on that BOX..or you want to join the NTP server pool.. but if not... then you may turn it off.. then let the ntpdate do the job
  16. it would be better if you dont run any X application on that server... or maybe after all the configurations or settings to run that server properly, you can then turn off X and KDE and since its a web based, then try to maintain it from remote PC via browser.. unless if you also use the subject as a Desktop...
  17. scheduling ntpdate via cron every hour or maybe every 30 min. is a good idea.. just make sure you got the correct ntp server pool
  18. there are site or linux distro that does'nt have mirrors or happen to have but very few, so they advice to use bitorrent... like xandros.. they usually let you download their community version via bittorent.. but if there are available mirrors for your distro of choice, 'would not rather use it...
  19. maybe OT, but FYI The stuff that you put here are not actually the software you've compiled, these are still sources... if you run the ./configure with out prefixes, the software you've tried to install will go to /usr/local.. or to the default directory the package Makefile has been set.. try to ./configure --help for more options to choose on installing softwre from sources...
  20. 10.2 is the root folder for 2005, so you may add thus inside it, but have to add thus individually
  21. you can untar firefox inside the /usr/local/ dir if you want it to be accessible by all users.. if you want it to be accessible by yourself only, then you can untar it inside your home directory.. then do the ff: . if you want it accessible by all, create a symlink inside /usr/local/bin dir.. as root: cd /usr/local/bin ln -s /usr/local/firefox- that would let you or anyone on that box run firefox by just invoking the command firefox... or create an application shortcut of it on your desktop. . if you like it to be accessible by you only, untarring it in your home dir... then create a bin dir inside your home dir if in'snt exist yet.. you can create it as a regular user since you have full control inside your home dir. mkdir /home/you/bin Note: you is your home dir which is equivalent to your username . then cd /home/you/bin ln -s /home/you/firefox-1.5.05/firefox then same as above mentioned. running the command firefox will lunch firefox 1.5.05 . if you want to remove that firefox-1.5.05.. just delete that directory :D
  22. again make sure you remove the pound sign on this line, since this signifies as commented option..
  23. or if you really want the latest of thus particular packages or software, you may install them from source... if you mean you want to upgrade to latest firefox which is 1.5.05, you can go directly to its website and download it from there.. no need to compile, just untar and ready to run... . other than doing that.. you can also add via easy urpmi the repos such as contrib..and plf, it contains other updated packages.. others to consider... -SoS -MDE just be aware that they are independent packager.
  24. try to remove kat from your system... as root on a konsole urpme kat or for gui drakrpm-remove then search for kat, if you search on this board, kat usually causes the slo down.... so you are using dial-up... since you dont need ethernet interface, you may disable those via MCC.. the logs shows that the modem or might be KPPP has not been confirgured properly, try to reconfigure that via kppp interface...maybe some default options should be change..
  • Create New...