/etc/security/access.conf Not Working

Hi everybody,
i am using centOS 6.6 and 7. i configure access.conf as follow.

Step 1: vi /etc/pam.d/sshd
account required pam_access.so

Step 2: vi /etc/security/access.conf
- : ALL : ALL

i am still able to access this machine with any user.

please help me to solve

BR/satti


Similar Content



Samba Configuration Not Letting Me Access Files?

Hey guys, I got samba working and I am able to access my files, however I am now trying to learn security with it. i am pretty much trying to allow certain groups access certain files. if you look at samba group you can see that I have @sambausers group to access sambagroup directory.

I have a user called sambatest01. the user can access "samba users only" but the user can access all of the other files as well. what is a correct set up on the other smb.conf to prevent users from accessing this? I cant seem to find a proper set up


[drivers]
path = /files/drivers
browseable = yes
read only = no
guest ok = no
guest only = no


[samba users only]
path = /files/sambagroup
browseable = yes
read only = no
guest ok = no
guest only = no
write list = @sambausers
valid users = @sambausers

Can't Access Windows Share From Linux

Hi all. I can't connect to my Win 8.1 box from Linux Mint. I can ping the Win box successfully. I can access my Linux share from my Win box. It seems like the problem is with windows. I've been working on this problem for about three days now with no luck. I've uninstalled Norton Security in my Win box. I've deactivated Microsoft's firewall. Not helping. My smb.conf is:

[homes]
read only = no
security = domain
workgroup = WORKGROUP

[share]
comment = Shared Data
path = /home/gary/share
gues ok = yes
writeable = no
browseable = yes

To make things simple i created only one shared folder on my Win box, asm. On Linux i type: sudo mount.cifs //GARYZ97/asm /home/gary/share -o user=Gary ; Gary is apparently my correct Windows username. BTW, i've also tried gary.
Linux responds with: [sudo] password for gary: jj ; this is my correct sudo password
Next response is: Password for Gary@//GARYZ97/asm: ; here i have tried my Microsoft Account password; i've tried just hitting enter; i've tried jj my Linux password. I'm at my wits end. What am i doing wrong? I've googled so many different sites but no one seems to have the problem i have. Please help. I don't want to pull out all my hair. I can access my Linux share from Windows, edit it, save it, and i see the changes on my Linux box. I know i'm being repetitive here but i just can't access my Windows share from Linux. I have run testparm on smb.conf and no problems there. Almost forgot. After entering what i believe is my correct Windows password i get: mount error(115): Operation now in progress, and then on the next line, Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)

Getting Through SAMBA Security

Ugh - been working on this for days

I have a SAMBA server running on a Raspberry Pi. Should be pretty much up to date - retrieved today.

Want to get Windows 7 and Android smartphones to be able to access, but neither can. Ideally, I would like to generate no password challenge, but that does not seem to be on the agenda. Windows 7 cannot seem to send the account name in a way SAMBA understands. The Android phones similarly have no luck getting credentials to SAMBA.

Tried many, many variations, read many, many pieces of advice. Most recent smb.conf attached.

FYI
1) I have tried with and without SECURITY=USER
2) did smbpasswd -an nobody
3) the share has CHMOD 775
4) testparm seems happy

Any help appreciated.

Jonathan

NFS Security

I would like to give access to NFS share to host 192.168.1.11 only and I made following entries
# vi /etc/exports
/common 192.168.1.11/24(rw,sync,root_squash)

# service nfs restart
# exportfs -av
# showmount -e

I have a test box with IP address of 192.168.1.5, This box can access the share. I want only 192.168.1.11 to access the content of share. ANY thoughts?

Unable To Configure LAN And WAN IP In CentOS

We have 20 systems and I installed SQUID proxy on CENTOS to limit internet access but I'm unable to configure LAN and WAN. We have got one router in the network with 192.168.1.1 as default gateway. I installed squid successfully but unable to configure it in client systems as I'm unable to configure LAN and WAN ips in CentOS.
Please suggest me correct configuration of LAN and WAN for my network. We don't have any static IP with us. What series of IPs do I have to configure in Linux server? After that, what would be my Proxy IP?

I have basic knowledge about Linux...

Please suggest me Conf file accordlingly.

Firefox Security Best Practices

What are the recommended best security practices for using Firefox on a new Linux system (Centos 7 in my case)? I only access the web using Firefox using my regular, non-root, account. Other than that, what Firefox and/or system settings should I enable/disable in order to safeguard my system from malware scripts, viruses, etc? Also, are there similar Thunderbird settings that should be enabled/disabled?

Thanks in advance from a new Linux user

Restrict File Share Access To Only Certain LAN IP Addresses?

Hello
I have a few folders that I would like allow only access to certain ip schema
like for example
-folder "Products" allow access only to 10.10.20.x
-folder "Customers" allow access only to 10.10.21.x

Can this be dome using Samba?

machines connecting are windows machine from different networks coming true vpn

Thank you
-Fred

Setting Up Apache2 Virtual Host - Getting URL Not Found Error

Trying to set up Virtual Host on Ubuntu 14.04.

Any help to solve this is greatly appreciated!!!

Here is info:

Directory: /var/www/mydb.com/public_html (owner set to $USER:$USER)

Permissions: sudo chmod -R 755 /var/www/

Sample Page: /var/www/mydb.com/public_html/index.html (Shows Message)

Virtual Host Files:

Sites Available: mydb.com.conf
set ServerAdmin => admin@mydb.com
set ServerName => mydb.com
set ServerAlias => www.mydb.com
set DocumentRoot => /var/www/mydb.com/public_html

Sites Enabled: mydb.com.conf
ServerName mydb.com
ServerAlias www.mydb.com
ServerAdmin admin@mydb.com
DocumentRoot /var/www/mydb.com/public_html


I: disabled 000-default.conf w/a2dissite
enabled mydb.com.conf w/a2ensite

HOSTS File /etc/hosts:

127.0.1.1 localhost mydb.com
127.0.0.1 localhost
127.0.1.1 rick-Latitude-E6510

Result of localhost/mydb.com Same with www.mydb.com.

404 Not Found.
The requested URL /mydb.com was not found on this server.
Apache/2.4.7 (Ubuntu) Server at localhost Port 80

This from /var/log/apache2/access.log

127.0.0.1 - - [03/Apr/2015:13:19:08 -0700] "GET /mydb.com HTTP/1.1" 404 496 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0"

Nagios INternal Server Error

Dear all
i installed nagios on centos. everythins is ok. i can view and login nagios web site. but when i click on every links i recieved error:
-------------------------------------------------
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.
Apache/2.2.3 (CentOS) Server at 192.168.100.17 Port 80
-------------------------------------------------------

all links say this error.
please some body help me.


/etc/httpd/conf.d/nagios.conf :
---------------------------------------------------
AllowOverride None
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
# SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>
---------------------------------------------------------

Centos 6.6 And Samba 3 - Can't Get Domain User To Login

Hi All

I have been racking my brains for the past 15 hours or so trying to know why my AD users can't actually login to the share which i have assigned.

This is my smb.conf below:

Quote:
[global]
workgroup = EXAMPLE
security = ads
realm = EXAMPLE.GROUP
domain master = no
local master = no
preferred master = no
printcap name = /etc/printcap
load printers = no
idmap backend = tdb
idmap uid = 10000-99999
idmap gid = 10000-99999
idmap config EXAMPLE:backend = rid
idmap config EXAMPLE:range = 10000-9999
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind nested groups = yes
winbind refresh tickets = yes
winbind offline logon = true
template homedir = /home/%D/%U
template shell = /bin/false
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
restrict anonymous = 2
log file = /var/log/samba/samba.log
log level = 2
valid users = any
[Research]
comment = Research
path = /sharing/research
valid users = EXAMPLE\user1
force group = "domain users"
writable = yes
read only = no
force create mode = 0660
create mask = 0777
directory mask = 0777
force directory mode = 0770
access based share enum = yes
hide unreadable = yes
[Admin]
comment = Admin Area
path = /var/www/html/cmsmadesimple
browseable = yes
writable = yes
read only = no
inherit acls = yes
inherit permissions = yes
create mask = 700
directory mask = 700
valid users = user1

When i do wbinfo -u or wbinfo -g i can see the usernames and groups in my AD.

Also when i do : id username it actually gives me the information for that user in my domain.

I have done net ads login -U and joined the domain.

I have set the pam auth modifications and the krb5 and nsswitch.conf files.

So i do not get why i can't have the user i have assigned to that share access it?

I can only imagine i have something wrong in my smb.conf?

Please any helps would be appreciated.

Thanks