Unable Read /etc/passwd. /etc/passwd MUST Be World Readable Under UN*X Operating Sys

Feb 14, 2008

i run one bad command :-(

chmod -R 644 /

and this command changes all permision in root server
have any away for fixed all permision in centos?

because all site take error

i use of cpanel

View 14 Replies


ADVERTISEMENT

Enabled Suphp But Still Can Read /etc/passwd

Nov 8, 2008

It there any good way to stop using from reading /etc/passwd?

I have suPHP enabled and open_basedir enabled by WHM too. But it seems susphp ignores open_basedir restrictions?

Here is virtual host config:

<VirtualHost x.x.x.x:80>
<IfModule concurrent_php.c>
php4_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/p$
php5_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule !concurrent_php.c>
<IfModule mod_php4.c>
php_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/li$
</IfModule>
<IfModule mod_php5.c>
php_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule sapi_apache2.c>
php_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/li$
</IfModule>
</IfModule>
ServerName xxx.com
ServerAlias www.xxx.com
DocumentRoot /home/xxx/public_html
ServerAdmin webmaster@xxx.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/xxx.com combined
CustomLog /usr/local/apache/domlogs/xxx.com-bytes_log "%{%s}t %I .
%{%s}t %O ."
## User xxx # Needed for Cpanel::ApacheConf
<IfModule mod_suphp.c>
suPHP_UserGroup xxx xxx
</IfModule>
<IfModule !mod_disable_suexec.c>
SuexecUserGroup xxx xxx
</IfModule>
ScriptAlias /cgi-bin/ /home/xxx/public_html/cgi-bin/
DocumentRoot /home/xxx/public_html
ServerAdmin webmaster@xxx.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/xxx.com combined
CustomLog /usr/local/apache/domlogs/xxx.com-bytes_log "%{%s}t %I .
%{%s}t %O ."
## User xxx # Needed for Cpanel::ApacheConf
<IfModule mod_suphp.c>
suPHP_UserGroup xxx xxx
</IfModule>
<IfModule !mod_disable_suexec.c>
SuexecUserGroup xxx xxx
</IfModule>
ScriptAlias /cgi-bin/ /home/xxx/public_html/cgi-bin/
# To customize this VirtualHost use an include file at the following location
# Include "/usr/local/apache/conf/userdata/std/2/xxx/xxx.com/*.conf"

</VirtualHost>

Scripts are running with user's UID, and that is fine, but it can still read /etc/passwd file for example.

How to fix that? Is it really open_basedir value is ignored by susphp? It works fine if I remove suphp and run scripts with nobody uid.

View 10 Replies View Related

Permission Denied: /home/airtrade/etc/airtrade.com.tw/passwd Passwd

Jul 20, 2008

Permission denied: /home/airtrade/etc/airtrade.com.tw/passwd passwd this is the error message obtained upon trying to create email accounts in cpanel.

the present permissions of the passwd file is 644 and ownership is username nobody i tried changing it to username.mail but still the same error

View 1 Replies View Related

/etc/passwd

Mar 4, 2007

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0ync:/sbin:/bin/sync
shutdown:x:6:0hutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0perator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81ystem message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32ortmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
htt:x:100:101:IIIMF Htt:/usr/lib/im:/sbin/nologin
canna:x:39:39:Canna Service User:/var/lib/canna:/sbin/nologin
wnn:x:49:49:Wnn Input Server:/var/lib/wnn:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mysql:x:101:102:MySQL server:/var/lib/mysql:/bin/bash
mailman:x:32001:32001::/usr/local/cpanel/3rdparty/mailman:/bin/bash
cpanel:x:32002:32003::/usr/local/cpanel:/bin/bash
johnny:x:32003:32004::/home/dorn:/usr/local/cpanel/bin/noshell
angel:x:32004:32005::/home/angeliq:/bin/false
clamav:x:32015:32017:Clam AntiVirus:/home/clamav:/bin/false

I heard it may pose a security risk for those unneeded users. Which lines can I remove?

View 1 Replies View Related

Passwd For SSH

Oct 21, 2007

i been wonder today when i try to login my account @box by SSH 21

the password is changed i think!

and when i see the logs files there is no stranger ip!

and there is no email about changeing password for my mail!

i tried to log in by another account in my server and trying to su root permission by my password

but passwd incorect!

and i change the Mysql root passwd and same thing

my support they sleep before 3 days so i should to figure my problem alone...

how to reset my root ssh passwd?

am useing Plesk VPS ...

View 8 Replies View Related

Passwd- And Shadow- Files

Apr 5, 2009

I have been googling this for a while but am not getting anywhere. Curiosity has gotten the best of me, what are the passwd- and shadow- files used for? The date and time stamps for both the passwd- and passwd files are exactly the same, as are the shadow- and shadow files.

Are they automatically-created backups of the passwd and shadow files?

View 2 Replies View Related

How Can I Save My /etc/passwd File

Nov 3, 2007

how can i save /etc/passwd there is many linux order which show my users on server
such as :

cat /etc/passwd
cat /var/cpanel/acounting.log
ls -la /etc/valiases
ls /var/named

-----------------
and how can i disable the geting orders
such as :

wget
curl -o
lynx

View 8 Replies View Related

User Can See /etc/passwd. How To Stop This

Sep 1, 2007

We have CentOS and WHM 11 on the server. Also we have PHP 4.4.4 and open base dir enabled on the server . We have a shared server with many website configured on it.

Now The user uses the following PHP code and can see the /etc/passwd file
=============================================
<?
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include("/etc/passwd");
ini_restore("safe_mode");
ini_restore("open_basedir");
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include("/etc/passwd");
?>
============================================

Now how to stop this. This is a security hole. how to stop this.

View 11 Replies View Related

Passwd: Authentication Token Manipulation Error

Mar 8, 2009

I set up a new account for a client using my reseller. He went to change the password and he is getting this error

There was an error manipulating the password file. This generally means you entered your old password incorrectly.

Changing password for user xxxxx.

Changing password for xxxxx

(current) UNIX password:

passwd: Authentication token manipulation error

The thing is, he is putting the password in correct. I made sure of that

I am able to change it in whm and i am able to log in to the account, i just cant change the password from cpanel

View 3 Replies View Related

Resetting A Root Password After /etc/passwd / Strangeness

Dec 27, 2007

We've had a customer do something strange to their server. They were playing with /etc/passwd or /etc/shadow or similar (not quite sure of the details) but the upshot is booting the server into single user and trying to reset the password via passwd gives

passwd root (and any user)
passwd: Authentication token manipulation error

So far I've

Replaced /etc/passwd* and /etc/shadow* with a copy from another server
Turned off SeLinux
/etc/pam.d/passwd is fine
Root file system is r/w

View 1 Replies View Related

Pcfg_openfile: Unable To Check Htaccess File, Ensure It Is Readable

Apr 16, 2008

Apache error log for a subdomain

[Thu Apr 17 00:02:24 2008] [crit] [client 69.113.17.156] (13)Permission denied: /home/user/public_html/subdir/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

However, there is no htaccess file in that directory anyway

/home/user/public_html/subdir

Server is Centos 5 / Cpanel

View 5 Replies View Related

Disabling Fopen("/etc/passwd","r");

Jul 18, 2007

I were seeing c99.php source code to know how it gets /etc/passwd file. it simply uses fopen() for this goal but I think fopen() is needed and I don't like it to be disabled in disabled_functions. I wonder how can I disable just fopen("/etc/passwd","r"); without doing any restriction to fopen function at all

View 8 Replies View Related

Plesk 12.x / Windows :: MSSQL - Unable To Backup Database Operating System Error 5

Mar 28, 2015

12.0.18 update #39
Server 2012r2

Logged into my panel today to run a database backup on a site I'm working on to be confronted with the following:

Unable to backup database 'XXXXXXXXXX'
Cannot open backup device 'C:Program Files (x86)ParallelsPleskBackupXXXXXXXXX.co.nzdatabasesXXXXXXXXX-29 est'. Operating system error 5(Access is denied.).
BACKUP DATABASE is terminating abnormally.

(Error code 21)

I'm not sure why permissions would change on their own, I'm also not sure how to fix the permissions error. I get the same error on all databases.

PrivateTemp folder appears to have write permissions for Group MSSQLSERVER

View 6 Replies View Related

Unable To Read Data

May 20, 2007

i have a dedicated server with cpanel and when trying to addd any accounts i get the message dns zone already exists but when i go to edit a dns zone to check i am getting the message below

Unable to read data from /dev/urandom (No such file or directory).

View 7 Replies View Related

Plesk 12.x / Linux :: Can't Send Email - Unable To Read Control Files

May 22, 2015

Every out bound email message fails and stays in the queue. The mail log shows this error.

qmail: 1432283802.380653 delivery 27: deferral: Unable_to_read_control_files._(#4.3.0)/

A second problem, also qmail is that I can't send to the server using TLS on the submission port, only if I do plain text. But the first problem is bigger because we can't send at all.

This is a new plesk installation and it has never worked.

View 7 Replies View Related

Plesk 11.x / Windows :: Cannot Log In - Unable To Read Control Panel Configuration File

Apr 29, 2013

I can not log into to plesk right now. It's display message " Unable to read Control Panel configuration file: date_default_timezone_get() [function.date-default-timezone-get]: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_ timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier.We selected 'Asia/Krasnoyarsk' for '7.0/no DST' instead".

View 1 Replies View Related

Plesk 11.x / Windows :: Unable To Read Control Panel Configuration File Error

Aug 29, 2014

I'm unable to access my plesk control panel .its giving this error "Unable to read Control Panel configuration file";tried all available solution for permissions but the problem remains.

View 3 Replies View Related

Apache :: Created FTP Account With Vsftp And Files Uploaded Are Not Readable

Jan 17, 2014

I created a FTP account with vsftp and files uploaded are not readable via www-data

View 1 Replies View Related

Which Operating System

Feb 18, 2007

There's bloody heaps of them. Which one do I go for on my two new file servers? Which operating system out of these is the most common, has the most support, is most compatible? The server will be used to host videos and will run c-panel. A light weight OS is probably preferred but I really have no idea. And incase it helps, the servers have 512mb of ram, about 30 - 40GB of hDD (not actually sure) and an old AMD Duron.

CentOS
Debian
Direct Admin
Fedora
FreeBSD
Gentoo LiveCD
Redhat
Slackware

View 14 Replies View Related

How Limit All Of World Instead Of One Ip

May 14, 2009

i want to limit all of the world to access my server for example port 80 25 22 an .... instead of two ip.

View 9 Replies View Related

How To Block The World

Jul 4, 2009

IM about tired of spam and hackers putting phishing items on my server.

My question is.

How can I block the whole world expect for US, CA and UK?

I've added several countrys to csf's csf.deny list but half of them keep disappearing.

View 14 Replies View Related

Xen And 64bit Operating Systems

Jun 1, 2009

I tried installing CentOS 64bit using windows image and vnc that comes with HyperVM and it says (your cpu does not support long mode. use a 32 bit distribution), and if I try to install Windows Server 2008 I get blue screen with a stop and error.

View 5 Replies View Related

Which Operating System For Web Server?

Apr 22, 2008

I have always used debian on my virtual machine but was just curious as to what OS people use for their hosting?

The company I am looking at moving to for hosting offer the following options:
* Debian
* Ubuntu Server
* Open Suse
* Free BSD
* Fedora Core
* CentOS
* Gentoo
* Slackware
* Windows 2003 Basic
* Windows 2003 Pro

I have heard from a lot of people that Freebsd is good for hosting but just wondering what your views are

View 14 Replies View Related

FastCGI Hello World Test?

Jun 20, 2009

Just moved to a 1and1 managed server in which FastCGI is enabled.

But I'm having problems getting Movable Type to run under fastcgi - which has never been a problem before, even on shared hosts.

Is there a 'hello world'-type test for fastcgi - so I can check if it is enabled?

View 3 Replies View Related

World's Fastest Hosts

Jun 4, 2009

As you all know about hostingspeeds.com, offering you a list of world's fastest host. Is there any other sites doing such things?

And, be helpful to say me the hosting company whith PHP, MySQL support, that offer fastest speed on page load, accepting LibertyReserve as way of payment for their services.

View 6 Replies View Related

Website That Can Be Seen In A Part Of World But Not The Other

May 28, 2009

I have a website that can be seen in a part of the world but not on the other. How can I troubleshoot this issue. Is there a web utility that can help me figure out what is the problem?

View 1 Replies View Related

Host Once - Where In The World Is My Server?

Sep 30, 2008

I have been running a dedicated server for years, first with Carolina Online, who then sold it to HostOnce.

Today at around 6PM my server, that was working fine and I was actively working on all day, suddenly disappears off the Internet.

I go to Host Once's ticket system, and they have a message up that they moved their servers from NC to NJ, that all the servers were upgraded to Windows 2003, and that they would be very busy with the migration, don't submit multiple tickets. (Host Once seems to mostly have reseller hosting accounts, not many dedicated servers.)

I start pinging IP addresses and everything in my server's IP block is gone (the furthest a tracert goes is 64.70.48.3 - everything under that is gone.)

This is bad.

I'm worried that they may have bought new boxes in NJ for their reseller accounts, transferred up the data, and abandoned the old boxes in NC ... is this something they might do?

Also worried that the block of IPs their old servers were on may have somehow been reassigned... can this happen?

In any case, waiting to hear back on my ticket but looking for advice. Does anyone know the datacenter Carolina Online / Host Once used in Lumberton, NC? Want to start tracking it down if my box may have been left behind.... Any other insight on what in the world they might be doing / what happenned here?

View 10 Replies View Related

Test Dns Lookups From Around The World

Mar 15, 2008

I am trying to debug a dns problem.

What I need is for you to do a dns lookup and report:

1) the address that was returned, the last octect will do.

2) the area of the world you queried from

The answers *will* vary because the dns server is geolocation enabled. Or, at least they *should* vary. But, someone claims its buggered.

The host name to lookup is:

ssl.dnsmasq.com

View 6 Replies View Related

How Many CPanel Licences In The World?

Apr 23, 2008

Does anyone have any idea or estimation about cPanel Licences all over the world? How many servers are licenced and running cPanel at the moment? Has cPanel ever had any official word regarding this?

View 3 Replies View Related

How To Check Websites From All Over The World

Jun 29, 2008

I remember using a few years ago a site where you could plugin a domain name and a report will run showing if the site was vieable or accessible from all different parts of the worls, I forgot the URL does anyone know abou something like this?

View 8 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved