[Mageia-discuss] erros after mageia1 install
bascule
asura at theexcession.co.uk
Tue Dec 13 08:01:51 CET 2011
in my security checks after installing mageia1 (clean install on formatted /
and /usr) i have the following report entries, i don't know how to interpret
all of them or how to fix all of them, please help me! :)
:
group ->
Warning: /etc/group: Line 30: Group nogroup has GID out of range
group: WARNING
Error: /etc/passwd: Line 15: User vcsa has strange shell /sbin/nologin
Error: /etc/passwd: Line 16: User sshd has strange shell /bin/true
Error: /etc/passwd: Line 17: User messagebus has strange shell
/sbin/nologin
Error: /etc/passwd: Line 18: User avahi has strange shell /bin/false
Error: /etc/passwd: Line 19: User avahi-autoipd has strange shell
/bin/false
Error: /etc/passwd: Line 20: User rpc has strange shell /sbin/nologin
Error: /etc/passwd: Line 21: User rpm has strange shell /bin/false
Error: /etc/passwd: Line 22: User rpcuser has strange shell /bin/false
Error: /etc/passwd: Line 23: User polkituser has strange shell
/sbin/nologin
Error: /etc/passwd: Line 24: User haldaemon has strange shell
/sbin/nologin
Error: /etc/passwd: Line 25: User memcached has strange shell /bin/false
Error: /etc/passwd: Line 28: User postfix has strange shell /bin/false
Error: /etc/passwd: Line 30: User ntp has strange shell /bin/false
Error: /etc/passwd: Line 31: User icecast has strange shell /bin/false
passwd: ERROR
home_dirs ->
Error: Home directory of user "avahi-autoipd" does not exist!
Error: Home directory of user "rpm" is world-readable.
Error: Home directory of user "rpm" is world-accessible.
Error: Home directory of user "rpcuser" has wrong uid: 0. Expected uid is
493.
Warning: Home directory of user "rpcuser" has wrong gid: 0. Expected gid
is 492.
Error: Home directory of user "rpcuser" is world-readable.
Error: Home directory of user "rpcuser" is world-accessible.
Error: Home directory of user "memcached" has wrong uid: 0. Expected uid
is 490.
Warning: Home directory of user "memcached" has wrong gid: 0. Expected gid
is 488.
Error: Home directory of user "memcached" is world-writable.
Error: Home directory of user "memcached" is world-readable.
Warning: Home directory of user "memcached" is group-writable.
Error: Home directory of user "apache" is world-readable.
Error: Home directory of user "apache" is world-accessible.
Error: Home directory of user "postfix" has wrong uid: 0. Expected uid is
487.
Warning: Home directory of user "postfix" has wrong gid: 0. Expected gid is
487.
Error: Home directory of user "postfix" is world-readable.
Error: Home directory of user "postfix" is world-accessible.
Warning: Home directory of user "bascule" is world-accessible.
Error: Home directory of user "icecast" has wrong uid: 0. Expected uid is
485.
Warning: Home directory of user "icecast" has wrong gid: 0. Expected gid
is 485.
Error: Home directory of user "icecast" is world-readable.
Error: Home directory of user "icecast" is world-accessible.
home_dirs: ERROR
filesystem ->
Warning: Symbolic link "/sbin/mount.smb" points to a non-existent file
"/etc/alternatives/mount.smb".
Warning: Symbolic link "/sbin/mount.smbfs" points to a non-existent file
"/etc/alternatives/mount.smbfs".
Warning: Symbolic link "/var/lib/menu-xdg/menus/applications-merged"
points to a non-existent file "applications-mdk-merged".
Warning: Symbolic link "/var/lib/hsqldb/lib/hsqldb.jar" points to a non-
existent file "../../../../usr/share/java/hsqldb.jar".
Warning: Symbolic link "/var/lib/hsqldb/lib/servlet.jar" points to a non-
existent file "../../../../usr/share/java/servlet.jar".
Warning: Symbolic link "/var/spool/postfix/lib/libnss_nisplus.so.2" points
to a non-existent file "/lib/libnss_nisplus-2.4.so".
Warning: Directory "/var/spool/spamassassin" is world writable but the
sticky bit is not set.
Warning: File "/var/spool/spamassassin/auto-whitelist.db" is world
writable.
Warning: File "/var/spool/spamassassin/auto-whitelist" is world writable.
Warning: File "/var/www/squirrelmail/plugins/chg_sasl_passwd/Readme" is
executable and group writable.
Warning: File "/var/www/squirrelmail/plugins/chg_sasl_passwd/setup.php" is
executable and group writable.
Warning: File "/var/www/squirrelmail/plugins/chg_sasl_passwd/options.php"
is executable and group writable.
Warning: Symbolic link "/lib/systemd/system/ctrl-alt-del.target" points to
a non-existent file "reboot.target".
Warning: Symbolic link "/lib/systemd/system/default.target" points to a
non-existent file "multi-user.target".
Error: File "/usr/bin/batch" is SUID script.
Error: File "/usr/sbin/fileshareset" is SUID script.
Warning: Symbolic link "/usr/lib/xulrunner-7.0.1/dictionaries" points to a
non-existent file "../../../usr/share/dict/mozilla".
Warning: Symbolic link "/usr/lib/tk8.6/tkConfig.sh" points to a non-
existent file "../../../usr/lib/tkConfig.sh".
Warning: Symbolic link "/usr/lib/tcl8.6/tclConfig.sh" points to a non-
existent file "../../../usr/lib/tclConfig.sh".
Warning: Symbolic link "/usr/lib/samba/nss_info/sfu.so" points to a non-
existent file "../idmap/ad.so".
Warning: Symbolic link "/usr/lib/samba/nss_info/rfc2307.so" points to a
non-existent file "../idmap/ad.so".
Warning: Symbolic link "/usr/lib/samba/nss_info/sfu20.so" points to a non-
existent file "../idmap/ad.so".
filesystem: ERROR
path ->
Error: File /usr/bin/atq, which is placed in PATH directory /usr/bin, is
owned by someone else than by root!
Warning: Path variable contains directory /usr/X11R6/bin, which doesn't
exist or is not an directory.
path: ERROR
firewall ->
Error: No firewall rules in IPv4 INPUT chain and policy is set to ACCEPT.
firewall: ERROR
netserv ->
Warning: Test netserv has missing dependencies: yum
netserv: INVALID
openssh ->
Warning: Wrong permissions on regular file "/etc/ssh/sshd_config": 640 (sshd
configuration file, required permissions are 600)
Error: Missing file or directory: "/var/empty/sshd" (directory used by sshd
during privilege separation in the pre-authentication phase)
Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_dsa_key"
(sshd private key - from configuration file, required owner/group is root:root)
Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_dsa_key.pub"
(sshd public key - from configuration file, required owner/group is root:root)
Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_key" (sshd
private key - from configuration file, required owner/group is root:root)
Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_key.pub"
(sshd public key - from configuration file, required owner/group is root:root)
Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_rsa_key"
(sshd private key - from configuration file, required owner/group is root:root)
Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_rsa_key.pub"
(sshd public key - from configuration file, required owner/group is root:root)
openssh: ERROR
aliases ->
Warning: Alias 'cd..' contains command 'cd', which was not found
Warning: Alias 'p' contains command 'cd', which was not found
Warning: Alias 's' contains command 'cd', which was not found
aliases: WARNING
now some of these errors do say what is wrong in a way that syas how to fix -
expected uid etc. but others say that a directory is world readable but not
what the proper perms should be, the error about the cd command not being
found, well i tested, and it works :)
i suspect that a lot of these errors come from keeping my /var partition which
has all my mail on it, but not all of them surely
i the former case should i do a reinstall formatting everything but /home or
is there a way to get msec to make the corrections it knows about?
bascule
--
"Ah. Philosophy," said Om.
(Small Gods)
More information about the Mageia-discuss
mailing list