Xusontha@ls.buckodr.ink to Programmer Humor@lemmy.ml · edit-21 year agoIt's always "temporary troubleshooting"loot.buckodr.inkimagemessage-square23fedilinkarrow-up11.09Karrow-down115file-text
arrow-up11.07Karrow-down1imageIt's always "temporary troubleshooting"loot.buckodr.inkXusontha@ls.buckodr.ink to Programmer Humor@lemmy.ml · edit-21 year agomessage-square23fedilinkfile-text
minus-squarelightnegativelinkfedilinkarrow-up1·1 year agoFirst thing to do if you need a functioning server Unless you’re a security guy and get off on people not being able to do their jobs due to Access Denied
minus-squareKnusper@feddit.delinkfedilinkarrow-up6·1 year agoRecently, I learned of the concept of “Linux capabilities”. And yeah, as much as I enjoy reading up on these things, the whole time I was thinking, if something’s fucky with these capabilities, I’ll never remember to check them…
minus-squareuislinkfedilinkarrow-up3·edit-21 year agoFunfact: if you want to run for example HTTP server, you can run it with CAP_NET_BIND_SERVICE and no_new_priv.
(after) …ah crap it’s actually selinux…
SELINUX=disabled
First thing to do if you need a functioning server
Unless you’re a security guy and get off on people not being able to do their jobs due to Access Denied
Recently, I learned of the concept of “Linux capabilities”. And yeah, as much as I enjoy reading up on these things, the whole time I was thinking, if something’s fucky with these capabilities, I’ll never remember to check them…
Funfact: if you want to run for example HTTP server, you can run it with CAP_NET_BIND_SERVICE and no_new_priv.
deleted by creator