Sunday, January 29, 2012

Jailing an FTP user

Jailing an FTP user

Solaris:


1. Login to the host and check the /etc/ftpd/ftpaccess file.

2. Add the below entry 

restricted-uid

3. This will restrict the ftp user to his home directory and deny navigation through other filesystems.


HP-UX


1. Files related to ftp server configuration

root@MyHPHost:/etc/ftpd# find / -name ftpaccess -print
/etc/ftpd/ftpaccess //this file is not available by default
/usr/newconfig/etc/ftpd/examples/ftpaccess

2. Create the ftpaccess file

cp -p /usr/newconfig/etc/ftpd/examples/ftpaccess /etc/ftpd/ftpaccess

3. Add the guest user entry to restrict user in their home directory

root@MyHPHost:/etc/ftpd# vi ftpaccess

// add this entry in the file to restrict user.

#KEYWORD LABEL USER HOSTS
class real,anonymous,guest *

# Any members of the ftp group will be chroot'd
#guestgroup ftpgrp
guestuser ftpuser1 ftpuser2

Posted by at No comments:
Labels: ,

Friday, January 27, 2012

Messages logged when Veritas Cluster starts up

Messages logged when Veritas cluster starts up (Solaris)


Execute 'hastart' on MyHost.

Apr  9 10:05:24 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-10619 'HAD' starting on: MyHost
Apr  9 10:05:24 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-10620 Waiting for local cluster configuration status
Apr  9 10:05:24 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-10625 Local cluster configuration valid
Apr  9 10:05:24 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-11034 Registering for cluster membership
Apr  9 10:05:24 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-11035 Waiting for cluster membership
Apr  9 10:05:29 MyHost genunix: [ID 316943 kern.notice] GAB INFO V-15-1-20036 Port h gen  21e4a4b membership 01
Apr  9 10:05:29 MyHost genunix: [ID 674723 kern.notice] GAB INFO V-15-1-20038 Port h gen  21e4a4b k_jeopardy ; 23
Apr  9 10:05:29 MyHost genunix: [ID 513393 kern.notice] GAB INFO V-15-1-20040 Port h gen  21e4a4b    visible ; 23
Apr  9 10:05:29 MyHost Had[24478]: [ID 702911 daemon.notice] VCS INFO V-16-1-10077 Received new cluster membership
Apr  9 10:05:29 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-10086 System  (Node '0') is in Regular Membership - Membership: 0x3
Apr  9 10:05:29 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-10086 System MyHost (Node '1') is in Regular Membership - Membership: 0x3
Apr  9 10:05:29 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-10075 Building from remote system
Apr  9 10:05:31 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-10066 Entering RUNNING state
Apr  9 10:05:31 MyHost Had[24478]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-50311 VCS Engine: running with security OFF
Relative message on the member node:

 Apr  9 10:09:31 MyThirdHost genunix: [ID 316943 kern.notice] GAB INFO V-15-1-20036 Port h gen  21e4a4d membership 0123
Apr  9 10:09:31 MyThirdHost Had[9294]: [ID 702911 daemon.notice] VCS INFO V-16-1-10077 Received new cluster membership
Apr  9 10:09:31 MyThirdHost Had[9294]: [ID 702911 daemon.notice] VCS NOTICE V-16-1-10086 System MyOtherHost (Node '3') is in Regular Membership - Membership: 0xf

 VCS Version 5.1SF8
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)