Noob-MDK91 Posted November 23, 2003 Report Share Posted November 23, 2003 Hi everyone, I just installed Mandrake 9.1 from the 3 cd's I downloaded. Installed it on a old DELL/POWEREDGE by doing so: on a installed Mandrake 8.1 server copy all disks to /home/me-user (me-user = myname) made a hd.rdz disk for installing. Eveything went fine I dicided to upgrade to Mandrake 9.1 BAMBOO setting everything and then it says install complete. Okay then reboot Ohh now what got an KERNEL PANIC no init found after searching the net and looking into some forms I couldn't figure it out. so I did a fresh install of MDK9.1 formatting all disks exept /dev/sda8 because there is the Mandrake/base located. After selecting all packages I want to install everything went great. So now I can start my MDK9.1 worked fine but can't login as root. I can login as my-name witch I created in the SETUP and then do "su - root" witch works. (I'll be looking into the root problem later) HERE'S THE PROBLEM Got Apache 2.0 running and enabled public_html in the directory /home I have two users with the premissions set as followed example: /home/user1 drwx------ /home/user2` drwx------ now when I access //mydomain.com/~user1 It says Forbidden. so I do: chmod -c 755 user1 and now it has premission /home/user1 drwxr-xr-x and /mydomain.com/~user works but just for a while and then the directory has premission is: /home/user1 drwx------ how is this happend?? I also chmod public_html and changed the owner and group to apache public_html has DRWXR-XR-X and that is okay. Right? why does mandrake restores the premission on /home/* Any help would be nice. Thanks in advance, Vincent Stans Quote Link to comment Share on other sites More sharing options...
Michel Posted November 23, 2003 Report Share Posted November 23, 2003 (edited) I don't know which security-level you are running, but if you have level 4, you have this bheviour indeed. You can change the level on the commandline using: msec <level> you could try msec 3 to lower it. Personnaly I like level 4. But you can make some personal adjustments. Level 4: you cannot login as root directley home users cannot access eachother directories and what I changed...: I couldn't access /proc. There is a script that runs every X time that resets this permissions if changed. So, all weel .. but how do you change it. The root- thing: haven't figured taht out, but like that option personnaly..and don't have to time to find out now..but hopefully someone else will. For the permissions: The script searches for which permissions have to apply in the /usr/share/msec-directory. If you open the file perm>.<your level: I would try 4 or higher for you first> you'll see the permissions the appropriate directories/files(I suppose) have to have: just change the users/group/permissions .. If you have to change alot, I suppose it's possible to create your custom-file. I think you can adjust the root-behaviour in the level.<your level> file. (I want to know how you can do this without msec.) To apply the changes while running: msec <your desired level> Edited November 23, 2003 by Michel Quote Link to comment Share on other sites More sharing options...
Noob-MDK91 Posted November 24, 2003 Author Report Share Posted November 24, 2003 Thanks Michel for the fast response I looked into "/usr/share/msec/prem.3" and there I found it: /home/ root.root 755 /home/* current 711 but as you said I first looked into "prem.4" and there i found this: /home/ root.adm 751 home/* current 700 so I changed the "700" to "755" and did not do msec 4 on the command line because I thought the cron job will do that later if not I can still do "msec 4" to do the job. QUESTION: If I change to "msec 3" will there be any service that quits. from 1 to 1000 :) jump all way off topic: isn't "shorewall" the same as "iptables" cause if I start shorewall it looks like iptables is also started that would mean that shorewall is just a EXTRA service that's running. I'm using pentium so every USELESS service should be stopped. of course I can be wrong here. Thanks for any help Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.