Urza9814 Posted July 21, 2006 Report Share Posted July 21, 2006 I have all my music stored on a windoze drive, so instead of copying it all over, I just run it straight from /mnt/winE. But after a while (half hour to an hour I believe), the permissions on /mnt get reset, and it says it can't find the files until I do a 'chmod 777 /mnt' Anyone know how to make it stop resetting the permissions? I have permission to everything under the winE folder and stuff, but I need read permission for /mnt too, which won't stay. [moved from Software by spinynorman] Quote Link to comment Share on other sites More sharing options...
tyme Posted July 21, 2006 Report Share Posted July 21, 2006 what's the line in your /etc/fstab for the win partition look like? Quote Link to comment Share on other sites More sharing options...
Urza9814 Posted July 21, 2006 Author Report Share Posted July 21, 2006 /dev/hda6 /mnt/winE vfat umask=0022,user,codepage=850,iocharset=iso8859-1 0 0 I don't think it's a problem with the partition...I don't have to mess with that at all, I just have to chmod /mnt....but hey, of course I dunno what's wrong, that's why I'm asking you :P Quote Link to comment Share on other sites More sharing options...
tyme Posted July 21, 2006 Report Share Posted July 21, 2006 what msec are you running at? Quote Link to comment Share on other sites More sharing options...
Urza9814 Posted July 21, 2006 Author Report Share Posted July 21, 2006 well...I dunno what msec is...I googled it, found this: http://linux.about.com/cs/linux101/g/msec.htm so I'm assuming you mean what security level did I choose during the install....I kinda thought that might be a problem..um....I did 'paranoid'...because I am paranoid, and that's what I always choose and it's never been a problem...I did notice the message saying you wouldn't be able to access windows drives, but the only setting that didn't have that was 'standard', and I didn't wanna go that low (I do run several servers off my computer sometimes, so....) Quote Link to comment Share on other sites More sharing options...
aioshin Posted July 21, 2006 Report Share Posted July 21, 2006 the resetting of that permission was due to MSEC, msec runs a cron job that change thus world writable files back to its default, so to ovecome that, you may try to change some settings there.. you can lunch as root in your console draksec and change something there.. Quote Link to comment Share on other sites More sharing options...
Urza9814 Posted July 21, 2006 Author Report Share Posted July 21, 2006 ah, that's quite helpful. Thanks :) Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted July 21, 2006 Report Share Posted July 21, 2006 My lines in fstab for Windows based partitions read: /dev/hda1 /mnt/windows ntfs umask=0 whilst this is for ntfs, the umask=0 would most likely do the trick. If I change this to someone else, I have problems accessing as a normal user. There is more after the umask=0, but I've truncated it, as the rest wasn't relevant. Just the umask bit I wanted to show. Quote Link to comment Share on other sites More sharing options...
Urza9814 Posted July 21, 2006 Author Report Share Posted July 21, 2006 Well, umask 0 is write access, which I don't need. 0022 is read-only, but it should still work.... I still have to play around with the MSEC settings to see if I can get it working...since I have to wait an hour to see if it works, it's going quite slow...heh If nothing else I can disable the hourly checks, but I'm trying to get it working without that. Quote Link to comment Share on other sites More sharing options...
lavaeolus Posted July 22, 2006 Report Share Posted July 22, 2006 (edited) paranoid is a bit high if you're not using your system as a server (higher and paranoid are indeed intended for use on servers), it is better to use a lower basic security setting and set those things that you need up to a higher level, basically high is enough for a normal workstation, from there you can set some additional permissions with drakperm, so you can tailor the system much more to your needs (it is easier to add some bricks to a wall than to tear holes in it) Edited July 22, 2006 by lavaeolus Quote Link to comment Share on other sites More sharing options...
arctic Posted July 22, 2006 Report Share Posted July 22, 2006 Msec 2 (= normal) has been enough on my workstations. WIth some extra-configuration you will have a very secure system without the need for the "paranoid" settings. Voluntary penetration attempts on my boxes failed miserably with Msec 2 in place. Quote Link to comment Share on other sites More sharing options...
lavaeolus Posted July 22, 2006 Report Share Posted July 22, 2006 (edited) yes, even 2 should suffice, just make sure that mandi (the firewall) is active when you connect to the internet and you'll be fine, testing on www.pcflank.com showed all my ports as stealthed, so nothing to worry if you are running server-programs from time-to-time you should consider using different network profiles (e. g. an internet profile and a server profile) Edited July 22, 2006 by lavaeolus Quote Link to comment Share on other sites More sharing options...
Urza9814 Posted July 22, 2006 Author Report Share Posted July 22, 2006 My computer is in my router's DMZ (port forwarding never works right) and I'm running webmin, apache, and sometimes ProFTPD. And I used to have 4 different firewalls on this computer. I'm paranoid. Quote Link to comment Share on other sites More sharing options...
tyme Posted July 24, 2006 Report Share Posted July 24, 2006 you're paranoid but you're using FTP? :unsure: FTP = username and password sent in clear text. no encoded. very bad. you should setup ssh so you can use sftp. Quote Link to comment Share on other sites More sharing options...
scarecrow Posted July 24, 2006 Report Share Posted July 24, 2006 (edited) Normally, the firewall of a good router is enough- no need for shorewalls etc (and after all, most router firmwares are nothing more than a minimalistic Linux distro, which acts like a firewall/dhcp server/ gateway, and is administered via a web ui). I agree that traditional ftp is highly insecure, and ftp via ssl more secure, but resourcess-hungry. Since ssh/sftp is available by only installing the openssh binaries, why not use that one instead- way more secure than ftp, and way less demanding than ftp over ssl. Windoze users can do their sftp job perfectly well using a bunch of free/opensource apps (Filezilla, PuTTy, WinSCP...). Edited July 24, 2006 by scarecrow Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.