Xusontha@ls.buckodr.ink to Programmer Humor@lemmy.ml · edit-21 year agoIt's always "temporary troubleshooting"loot.buckodr.inkimagemessage-square27fedilinkarrow-up11.14Karrow-down116file-text
arrow-up11.12Karrow-down1imageIt's always "temporary troubleshooting"loot.buckodr.inkXusontha@ls.buckodr.ink to Programmer Humor@lemmy.ml · edit-21 year agomessage-square27fedilinkfile-text
minus-squareiluminae@lemmy.worldlinkfedilinkarrow-up35·1 year ago(after) …ah crap it’s actually selinux…
minus-squarelightnegative@lemmy.worldlinkfedilinkarrow-up1·1 year agoFirst thing to do if you need a functioning server Unless you’re a security guy and get off on people not being able to do their jobs due to Access Denied
minus-squareKnusper@feddit.delinkfedilinkarrow-up7·1 year agoRecently, I learned of the concept of “Linux capabilities”. And yeah, as much as I enjoy reading up on these things, the whole time I was thinking, if something’s fucky with these capabilities, I’ll never remember to check them…
minus-squareuis@lemmy.worldlinkfedilinkarrow-up3·edit-21 year agoFunfact: if you want to run for example HTTP server, you can run it with CAP_NET_BIND_SERVICE and no_new_priv.
(after) …ah crap it’s actually selinux…
SELINUX=disabled
First thing to do if you need a functioning server
Unless you’re a security guy and get off on people not being able to do their jobs due to Access Denied
Recently, I learned of the concept of “Linux capabilities”. And yeah, as much as I enjoy reading up on these things, the whole time I was thinking, if something’s fucky with these capabilities, I’ll never remember to check them…
Funfact: if you want to run for example HTTP server, you can run it with CAP_NET_BIND_SERVICE and no_new_priv.
Too real