I'm writing a tool to deal with email in mbox format, and I want to properly implement dotlock. For obvious reasons, attempting to create a lockfile in /var/mail or /var/spool/mail results in a permission denied error.
Is there official documentation on dotlock protocol, and does it address this issue? I note that /usr/bin/mail is not SUID-root, so that's not the answer. Linux has the mail-lock program, but neither MacOS or FreeBSD have it.
Another way to ask this question: How does /usr/bin/mail lock the user's inbox?
Related
I am a web developer, and for some upcoming projects I would like to use a file-based CMS. This means that many of the files I create at the start must be editable by the PHP user later, but also remain editable for my user (and also the other way around). My PC runs Debian 9, which I love but am not super knowledgeable about, and I have also just set up a local network server with Debian 9 for backups and possibly file sharing. (I'm using Webmin to configure this, which reflects my level of command line skills).
On my online shared hosting server, the PHP user and the FTP user seem to be the same, and 644/755 permissions work fine, this is also recommended by the CMS I'm using. I would like to mimic this on my computer so I don't have to fiddle with permissions all the time. But how do I do this? Currently, my regular user (anna) does not have access to www-data's files and vice versa. Putting them in the same group still means changing file permissions. Making anna the PHP user is a Bad Idea (as far as I understand it) because anna has sudo permissions.
So far I have researched three possible solutions that I don't really know very much about, and I would like to know which is the best route to take.
Develop locally on my computer and use apache-mpm-itk or suPHP to let PHP edit the files (I got that idea from this question on ServerFault).
Develop locally on my computer and rsync the files to my server with grunt-rsync, and somehow get rsync to set the ownership to www-data (another ServerFault thread helping here).
Mount the project's server directory, which is owned by www-data, on my computer with SSHFS and then either edit the files on the server directly or copy them over from my local directory with grunt-copy.
What do you think: from a security and ease of use perspective, which is the best way? Or do you know an even better one?
Thank you for taking the time to read and think about this!
Anna~
I figured it out! I finally ended up reading about running PHP as CGI instead of as an Apache module, and that this would solve my permissions problem. Plus, as far as I understand it, there are no extra security precautions to take when I'm the only one working with it on my local computer.
In case someone comes across this who might find it helpful, here's what I did (basically following these instructions):
I installed php7.0-fpm
Edited /etc/apache2/sites-enabled/000-default.conf and put the following just before </VirtualHost>:
DirectoryIndex index.php
<LocationMatch "^(.*\.php)$">
ProxyPass fcgi://127.0.0.1:9000/var/www/html
</LocationMatch>
I activated the Apache module proxy_fcgi (via Webmin, which apparently does an automatic Apache restart)
In /etc/php/7.0/fpm/pool.d/www.conf I commented out a listen line and put another below like this:
; listen = /run/php/php7.0-fpm.sock
listen = 127.0.0.1:9000
I then restarted PHP-FPM with this command: /etc/init.d/php7.0-fpm restart (a little different from the instructions, I'm on Debian 9). After that, phpinfo() gave me the Server API "FPM/FastCGI".
And finally, I changed the user and group from www-data to anna in three places, twice in /etc/php/7.0/fpm/pool.d/www.conf and then once more in /usr/lib/tmpfiles.d/php7.0-fpm.conf (this last bit may be Ubuntu/Debian specific, my thanks go to Keith for a comment on StackExchange).
And that was it! :-)
Here is my situation: I have an authenticated proxy at work. I use proxyswitcher.net to change/remove the proxy accordingly to the network identification. Also, I made a powershell script that kills dropbox, changes de config file to the one with/without manual proxy configuration and I restart it.
From what I read, the risks of doing this is that some file may be corrupted while dropbox is writing it. I don´t think this is a problem as the script runs at the moment that the network is identified. Also, dropbox is very good at handling this type of errors.
But, is there a better way or other risks I´m not aware of it?
I think, instead of using kill, you could try Stop-Process. Ex:
Stop-Process -Name "dropbox"
I am trying to create a socket on python that requires administrator privileges. I keep getting this error though:
error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions
I have tried implementing solutions on this website, concluding that it is probably an administrator error. One of the most notable is the code marked as the best answer to this question. However, even after implementing it in my code, after I tell UAC to allow the elevation, I still get the same error. Any review on my code below would be much appreciated.
if not admin.isUserAdmin():
admin.runAsAdmin()
icmp = socket.getprotobyname("icmp")
# Create Socket
try:
mySocket = socket.socket(socket.AF_INET, socket.SOCK_RAW, icmp)
So, I have a phpBB forum on CentOS 6, however there is a problem. E-mails are simply not working.
I tried using e-mails on domain such as admin#domain.com, and I would get this error:
E-mail error
» EMAIL/PHP/mail()
/adm/index.php
so I trued using SMTP with different SMTP hosts and settings, nothing has worked, I would simply get this error:
E-mail error
» EMAIL/SMTP
/adm/index.php
Could not connect to smtp host : 0 : php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution
Errno 2: fsockopen(): php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution at [ROOT]/includes/functions_messenger.php line 1030<br />
Errno 2: fsockopen(): unable to connect to smtp.mail.com:25 (php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution) at [ROOT]/includes/functions_messenger.php line 1030
I got the errors from PHP Error Log from PHP
Oddly enough, the e-mails appear on my VPS in var/spool/mail/root file.
2 people have told be that this may be a DNS issue, I suspect this being true, as I, for some reason, couldn't use "wget" on my VPS, so I set Nameservers in /etc/resolv.conf and suddenly another problem I was experiencing, "could not get latest phpBB version" or something like that, was fixed. So, if that was fixed with such a solution, I would assume this would have something to do with it too.
And, I asked my host about it, they said "everything is virtualized" and how they have no actual control over it (in a sense that it is their configuration's fault) and how they do not support 3rd party software, even though this is not a software issue. And prior to that they said that they talked to "level 3 Linux admin" and how the admin said it is PHP/Apache issue.
I am losing my mind over this. It is a good machine for a good price with a game panel as we are hosting a game server, and it would really be a bother to move it all elsewhere.
Also, full talk and information on phpBB forums can be found here:
https://www.phpbb.com/community/viewtopic.php?f=46&t=2257586
Check your SMTP settings, make sure its set to the correct client (both on your DNS and within phpbb in General-Client Communication-Email Settings). If you have to use an authenticated account, verify that the username and password you are using is correct by typing it into a word doc to see spelling and copy/pasting it into the fields. In some cases, SMTP will only work with authenticated accounts.
Hi, I've installed TFS2010 trial version in my remote machine. While configuring the Application Tier, I am getting an error stated that TFSJobAgent did not start. While I was looking into the Error logs, I found this message.
An error occurred loading a configuration file: Access to the path 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config' is denied. (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config) ---> System.UnauthorizedAccessException: Access to the path 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config' is denied.
It looks like access rights. So I changed the the security rights to allow all rights. And I set the access to that location is available to user Everyone, but still having the problem. But same software I installed in my laptop and I could able to configure and using it. SO I am waiting for the valuable responses from tech guys to resolve my problem.
Thanks,
Siva
Please check the answer on MSDN here: http://social.msdn.microsoft.com/Forums/en/netfxsetup/thread/b31432bc-5025-45a7-91aa-f96644ce4458. These people had the same problem because in the same session they changed passwords. A reboot should fix it, according to them.