I'm here today to talk about how you can get higher quality bug reports about packages that you care about.
In any case, if you are not using all the functionality provided by Apache, you might want to take a look at other web servers provided in Debian like dhttpd.
The Apache Documentation provides information regarding security measures to be taken on Apache web server this same information is provided in Debian by the apache-doc package.
Был Debian lenny решил обновить до Debian 6 по причине обновления bash. во время aptitude dist-upgrade завис ssh клиент и выкинуло,по новой aptitude dist-upgrade выдало ошибку. Config script works benjaminpohle.com package will be installed, i.e. if system doesn't have mysql and package depends on mysql config script will ask mysql password before mysql installation. Anyway, db_input works properly in postinst script, the problem was in postinst body. Mar 24, · puf might be right, init-functions have been a frequent cause of problems. Please report the output of AFTER you tried to start pgl.
More information on further restricting Apache by setting up a chroot jail is provided in Chroot environment for Apache, Appendix H. This content can be retrieved remotely using an URL such as: However, if the module was linked statically you can list the modules that are compiled in running apache -l you must add the following to the Apache configuration file: Userdir disabled An attacker might still do user enumeration, since the answer of the web server will be a Permission Denied and not a Not available.
You can avoid this if you use the Rewrite module. These permissions are changed after rotation. An intruder that accessed the system through the web server would not be able without privilege escalation to remove old log file entries.
Just after installation the default file provides some information on the system mainly that it's a Debian system running Apache. The default webpages are owned by user root and group root by default, while the Apache process runs as user www-data and group www-data.
This should make attackers that compromise the system through the web server harder to deface the site. You should, of course, substitute the default web pages which might provide information you do not want to show to outsiders with your own.
If you do, you will find out that Debian provides many finger daemons output from apt-cache search fingerd: In any case, you are encouraged to, when setting it up through inetd, xinetd or tcpserver to: Just imagine a jail around your target, which the target cannot escape from normally, but there are still a lot of conditions that allow one to escape out of such a jail.
You can eventually create a modified root environment for the user or service you do not trust.
This can use quite a bit of disk space as you need to copy all needed executables, as well as libraries, into the jail. But then, even if the user does something malicious, the scope of the damage is limited to the jail.
Many services running as daemons could benefit from this sort of arrangement. The daemons that you install with your Debian distribution will not come, however, chrooted[ 48 ] per default. However, Debian does provide some software that can help set up chroot environments.
See Making chrooted environments automatically, Section 5. Anyway, if you run any service on your system, you should consider running them as secure as possible.
However, be forewarned that a chroot jail can be broken if the user running in it is the superuser. So, you need to make the service run as a non-privileged user.
Even in this situation you cannot be completely sure that there is no way for a clever attacker to somehow break out of the jail. Using only server programs which have a reputation for being secure is a good additional safety measure.
Even minuscule holes like open file handles can be used by a skilled attacker for breaking into the system. After all, chroot was not designed as a security tool but as a testing tool.
Debian currently accepted in May provides Wietse Venema's chrootuid in the chrootuid package, as well as compartment and makejail.
These programs can be used to set up a restricted environment for executing any program chrootuid enables you to even run it as a restricted user. Some of these tools can be used to set up the chroot environment easily.
The makejail program for example, can create and update a chroot jail with short configuration files it provides sample configuration files for bind, apache, postgresql and mysql. It attempts to guess and install into the jail all files required by the daemon using strace, stat and Debian's package dependencies.
More information at http: Jailer is a similar tool which can be retrieved from http: The author recommends the use of ssh instead of telnet and ftp to everybody. Keep in mind that migrating from telnet to ssh, but using other cleartext protocols does not increase your security in ANY way!
Best would be to remove ftp, telnet, pop, imap, http and to supersede them with their respective encrypted services. You should consider moving from these services to their SSL versions, ftp-ssl, telnet-ssl, pop-ssl, httpsInstalling Mattermost on Debian Jessie To install MySQL on Debian Jessie: Log into the server that will host the database, and open a terminal window.
The location must be a directory that exists and has write permissions for the Mattermost server. It can be an absolute path or a relative path. However, most people who generate sales reports want to share the reports with other employees, visualize the data, change the filters, alter the reports for ad-hoc analysis, etc.
If you generate your report in GSheets or Excel, you can do all of the above with ease. There is something wrong with the install script for MariaDB on Ubuntu and as it fails to install if MySQL was ever installed on the system even if MySQL has Main Menu Products.
"Apt configuration problem. An attempt to configure apt to install additional packages from the CD failed" configured to not write apport reports dpkg-deb: subprocess paste killed by signal (Broken pipe) to configure apt to install additional packages from the CD failed.
Development. The following packages will be REMOVED: mysql-server 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 2 not fully installed or removed. After this operation, kB disk space will be freed. MySQL. See MySQL Installation for generic MySQL related issues.
PostgreSQL. See PostgreSQL Installation for generic PostgreSQL related issues. Bad version of PostgreSQL driver on Debian Wheezy. The version of the PostgreSQL driver on Debian Wheezy is the (at least when writing those lines) which does not work well with XWiki.
You will have.