I just spent an hour trying to get a Samba share running on Fedora 20.
It used to not take that long, I’m familiar with how to get Samba running,
how to create shares, and how to manage valid users and masks.
But when it still doesn’t work? Well, what other thing do you do–you
TURN OFF SELinux. Why do the Fedora guys wonder at the SELinux hate?
Because SELinux doesn’t return any hint that SELinux policy violations
are the root cause of the strange errors you get when doing even mild
customizations of services…like adding a Samba share.
Please…why cannot I see something like:
smbd: SELinux policy prohibits read of /home/jed/3plibs
Would that be so difficult? I guess those things get reported in SOME log, but
NOT IN THE LOG YOU LOOK AT, which is the logs for the service you are configuring.
I’ve spent the last two days listening to podcast after podcast describing the technical details of the computer programming flaw that allows attackers slurp unprotected memory from websites, Tor nodes, and IMAP email servers. Thousands of websites have patched their web servers but millions more email and web servers are going to be slow to patch their services.
Go install Lastpass. Use it’s Security Report feature. Create new passwords for sites that have fixed themselves against the Heartbleed bug.
Years ago when I first stared listening to podcasts when I had barely worked at PRWeb for a year even, I came up with a piece of shell script to automatically start up an ssh-agent and ask for your passphrase.
Unfortunately, the code created tons of ssh-agents, which was unfortunate.
Here is a version that behaves much better:
2 export SSH_RECENT="$HOME/.ssh/recent"
3 [ -f $SSH_RECENT ] && eval `cat $SSH_RECENT`
5 if [ ! -z "$SSH_AGENT_PID" ]
7 RUNNING_AGENTS=`ps -p $SSH_AGENT_PID | grep -v CMD | wc -l`
9 if [ $RUNNING_AGENTS -lt 1 -a $UID -ne 0 ]
11 eval `ssh-agent`
12 echo "export SSH_AGENT_PID=$SSH_AGENT_PID" > $SSH_RECENT
13 echo "export SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> $SSH_RECENT
16 [ `ssh-add -l | fgrep -v ' no ' | wc -l` -lt 1 ] && ssh-add
Can you tell me why I’m choosing to evaluate $UID for zero?
And, will this work if I switch from an Xterm to a virtual terminal?
Here’s the Bruce Schneier doll that Modwest donated to the Linuxfest Northwest world famous raffle. What a great prize! Bruce is decked out Matrix style to defeat all your security-thru-obscurity talk and send you packing back to your world of security theater. I wonder what Modwest will donate next year…I know a Leo LaPorte doll would not fly with this crowd ;-) A steampunk Ada doll would rock!
jed and bruce, tag team!
I’ve had brakes stolen and neighbors have had their bikes stolen out of garages. I’m lucky that I don’t need to park my bike downtown or outside. I carry a spare shifter cable and I’d consider spare brake pads if I had to park outside as well.
I’d also avoid commuting with an attractive bike–good looks create more of a target.
There’s also a guide out there describing how to lock your front wheel to your back wheel and frame with a U-lock.