Recital

Login Register

SE Linux is a feature of the Linux kernel that provides mandatory access control. This policy based access control system grants far greater control over the resources on a machine than standard Linux access controls such as permissions.

Many modern Linux distributions are shipping with SELinux enabled by default, Fedora 14 and Rhel 6 both install with it enabled.

When you run Recital Web on a SELinux enabled machine and navigate to the default.rsp page you will see something similar to the screen shot below.

1
If you launch the SELinux troubleshooter you will see the following problem.

SELinux is blocking the apache server from accessing the Recital server running on port 8001.

2
To manage you SELinux policy you must have the policycoreutils package group installed. The policycoreutils contains the policy core utilities that are required for basic operation of a SELinux system.

If you wish to use a GUI tool, you must install the policycoreutils-gui package.

At the command prompt execute the following:

As root

$ yum install policycoreutils

$ semanage port -a -t http_port_t -p tcp 8001

$ service recital restart

$ service httpd restart 
 

We use the semanage command here to allow the http server access to port 8001. Once you have completed the steps detailed above you can go and navigate back to the default.rsp page in your borwser, where you will find the permission denied message is now replaced by the default.rsp page.


4
SELinux does a great job of restricting services and daemons so rather than simply disabling it, why not work with it!

When it comes to security, every little bit helps...

Published in Blogs
Read more...
Recital 10 introduced the PIPETOSTR() function. This function operates in a similar fashion to the FILETOSTR() function but it can be used to capture the output from externally executed operating system commands. e.g.
// determine how many Recital users are on the system
nusers = pipetostr("ps -ef | grep db.exe | wc -l")
Published in Blogs
Read more...
A really nice plugin for eclipse that lets you write/edit  Trac wiki pages in eclipse.

http://trac-hacks.org/wiki/EclipseTracPlugin
Published in Blogs
Read more...

STRERROR()

Syntax

STRERROR( [ <expN> ] )

Description

The STRERROR() function returns a string describing the last operating system error message. If the optional error number is specified then the related operating system error message will be returned.

Example

mqdes=mqcreate("/myqueue", 2)
 if (mqdes < 0)
     messagebox(strerror()+",errno="+alltrim(str(error())))
    return
 endif
 rc = mqsend(mqdes, "Test message")
 if (rc < 0)
     messagebox(strerror()+",errno="+alltrim(str(error())))
    return
 endif
 mqclose(mqdes)

Published in Blogs
Read more...
I was fascinated to learn that marvel are shipping a complete linux device that runs on a wall plug for less than $100. The device has gigabit ethernet and USB connectivity making it ideal for building home security and surveillance devices that can be connected together. 

This would be an ideal device for Recital Embedded. Details can be found here. Additional information can be found here and this article in Scientific American 8 Big Things to Do with a Mini Server.

Seeing as this device runs linux, nomachine can be installed on it.  

Clearly this device has a lot of uses including acting as a loadbalancer and also as a bunch of loadbalanced application servers that access data on a network using glusterfs or samba. Another great use of this device would to configure it as a rsnapshot server to backup all the machines in your home! Interestingly in quantity the device is only US$50.

Marvell have a development wiki here.
{linkr:none}
Published in Blogs
Read more...
By default Recital uses PAM to authenticate users.  It is also possible to tell PAM to use Kerberos.  Simply replace the existing entries in the /etc/pam.d/recital file with the ones below:

auth       sufficient   pam_krb5.so try_first_pass
auth       sufficient   pam_unix.so shadow nullok try_first_pass
account    required     pam_unix.so broken_shadow
account    [default=bad success=ok user_unknown=ignore] pam_krb5.so
Published in Blogs
Read more...
Found a nice subversion plugin for finder on the MAC.

The goal of the SCPlugin project is to integrate Subversion into the Mac OS X Finder. 

  • Support for Subversion.
  • Access to commonly used source control operations via contextual menu [screenshot]
  • Dynamic icon badging for files under version control. Shows the status of your files visually. [ screenshot ]
Published in Blogs
Read more...

This guide will assist you in setting up an rsnapshot backup server on your network. rsnapshot uses rsync via ssh to perform unattended backups of multiple systems in your network. The guide can be found on the centos website here.

Published in Blogs
Read more...
Dave Michelle at ITPRO writes a good review of the DS3400 San here.
Published in Blogs
Read more...
Twitter

Copyright © 2024 Recital Software Inc.

Login

Register

User Registration
or Cancel