[Mageia-discuss] erros after mageia1 install

bascule asura at theexcession.co.uk
Tue Dec 13 08:01:51 CET 2011


in my security checks after installing mageia1 (clean install on formatted / 
and /usr) i have the following report entries, i don't know how to interpret 
all of them or how to fix all of them, please help me! :)
:
group ->
    Warning: /etc/group: Line 30: Group nogroup has GID out of range
    group: WARNING

Error: /etc/passwd: Line 15: User vcsa has strange shell /sbin/nologin
    Error: /etc/passwd: Line 16: User sshd has strange shell /bin/true
    Error: /etc/passwd: Line 17: User messagebus has strange shell 
/sbin/nologin
    Error: /etc/passwd: Line 18: User avahi has strange shell /bin/false
    Error: /etc/passwd: Line 19: User avahi-autoipd has strange shell 
/bin/false
    Error: /etc/passwd: Line 20: User rpc has strange shell /sbin/nologin
    Error: /etc/passwd: Line 21: User rpm has strange shell /bin/false
    Error: /etc/passwd: Line 22: User rpcuser has strange shell /bin/false
    Error: /etc/passwd: Line 23: User polkituser has strange shell 
/sbin/nologin
    Error: /etc/passwd: Line 24: User haldaemon has strange shell 
/sbin/nologin
    Error: /etc/passwd: Line 25: User memcached has strange shell /bin/false
    Error: /etc/passwd: Line 28: User postfix has strange shell /bin/false
    Error: /etc/passwd: Line 30: User ntp has strange shell /bin/false
    Error: /etc/passwd: Line 31: User icecast has strange shell /bin/false
    passwd: ERROR

home_dirs ->
    Error: Home directory of user "avahi-autoipd" does not exist!
    Error: Home directory of user "rpm" is world-readable.
    Error: Home directory of user "rpm" is world-accessible.
    Error: Home directory of user "rpcuser" has wrong uid: 0. Expected uid is 
493.
    Warning: Home directory of user "rpcuser" has wrong gid: 0. Expected gid 
is 492.
    Error: Home directory of user "rpcuser" is world-readable.
    Error: Home directory of user "rpcuser" is world-accessible.
    Error: Home directory of user "memcached" has wrong uid: 0. Expected uid 
is 490.
    Warning: Home directory of user "memcached" has wrong gid: 0. Expected gid 
is 488.
    Error: Home directory of user "memcached" is world-writable.
    Error: Home directory of user "memcached" is world-readable.
    Warning: Home directory of user "memcached" is group-writable.
    Error: Home directory of user "apache" is world-readable.
    Error: Home directory of user "apache" is world-accessible.
    Error: Home directory of user "postfix" has wrong uid: 0. Expected uid is 
487.
    Warning: Home directory of user "postfix" has wrong gid: 0. Expected gid is 
487.
    Error: Home directory of user "postfix" is world-readable.
    Error: Home directory of user "postfix" is world-accessible.
    Warning: Home directory of user "bascule" is world-accessible.
    Error: Home directory of user "icecast" has wrong uid: 0. Expected uid is 
485.
    Warning: Home directory of user "icecast" has wrong gid: 0. Expected gid 
is 485.
    Error: Home directory of user "icecast" is world-readable.
    Error: Home directory of user "icecast" is world-accessible.
    home_dirs: ERROR

filesystem ->
    Warning: Symbolic link "/sbin/mount.smb" points to a non-existent file 
"/etc/alternatives/mount.smb".
    Warning: Symbolic link "/sbin/mount.smbfs" points to a non-existent file 
"/etc/alternatives/mount.smbfs".
    Warning: Symbolic link "/var/lib/menu-xdg/menus/applications-merged" 
points to a non-existent file "applications-mdk-merged".
    Warning: Symbolic link "/var/lib/hsqldb/lib/hsqldb.jar" points to a non-
existent file "../../../../usr/share/java/hsqldb.jar".
    Warning: Symbolic link "/var/lib/hsqldb/lib/servlet.jar" points to a non-
existent file "../../../../usr/share/java/servlet.jar".
    Warning: Symbolic link "/var/spool/postfix/lib/libnss_nisplus.so.2" points 
to a non-existent file "/lib/libnss_nisplus-2.4.so".
    Warning: Directory "/var/spool/spamassassin" is world writable but the 
sticky bit is not set.
    Warning: File "/var/spool/spamassassin/auto-whitelist.db" is world 
writable.
    Warning: File "/var/spool/spamassassin/auto-whitelist" is world writable.
    Warning: File "/var/www/squirrelmail/plugins/chg_sasl_passwd/Readme" is 
executable and group writable.
    Warning: File "/var/www/squirrelmail/plugins/chg_sasl_passwd/setup.php" is 
executable and group writable.
    Warning: File "/var/www/squirrelmail/plugins/chg_sasl_passwd/options.php" 
is executable and group writable.
    Warning: Symbolic link "/lib/systemd/system/ctrl-alt-del.target" points to 
a non-existent file "reboot.target".
    Warning: Symbolic link "/lib/systemd/system/default.target" points to a 
non-existent file "multi-user.target".
    Error: File "/usr/bin/batch" is SUID script.
    Error: File "/usr/sbin/fileshareset" is SUID script.
    Warning: Symbolic link "/usr/lib/xulrunner-7.0.1/dictionaries" points to a 
non-existent file "../../../usr/share/dict/mozilla".
    Warning: Symbolic link "/usr/lib/tk8.6/tkConfig.sh" points to a non-
existent file "../../../usr/lib/tkConfig.sh".
    Warning: Symbolic link "/usr/lib/tcl8.6/tclConfig.sh" points to a non-
existent file "../../../usr/lib/tclConfig.sh".
    Warning: Symbolic link "/usr/lib/samba/nss_info/sfu.so" points to a non-
existent file "../idmap/ad.so".
    Warning: Symbolic link "/usr/lib/samba/nss_info/rfc2307.so" points to a 
non-existent file "../idmap/ad.so".
    Warning: Symbolic link "/usr/lib/samba/nss_info/sfu20.so" points to a non-
existent file "../idmap/ad.so".
    filesystem: ERROR

path ->
    Error: File /usr/bin/atq, which is placed in PATH directory /usr/bin, is 
owned by someone else than by root!
    Warning: Path variable contains directory /usr/X11R6/bin, which doesn't 
exist or is not an directory.
    path: ERROR

firewall ->
    Error: No firewall rules in IPv4 INPUT chain and policy is set to ACCEPT.
    firewall: ERROR

netserv ->
    Warning: Test netserv has missing dependencies: yum
    netserv: INVALID

openssh ->
    Warning: Wrong permissions on regular file "/etc/ssh/sshd_config": 640 (sshd 
configuration file, required permissions are 600)
    Error: Missing file or directory: "/var/empty/sshd" (directory used by sshd 
during privilege separation in the pre-authentication phase)
    Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_dsa_key" 
(sshd private key - from configuration file, required owner/group is root:root)
    Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_dsa_key.pub" 
(sshd public key - from configuration file, required owner/group is root:root)
    Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_key" (sshd 
private key - from configuration file, required owner/group is root:root)
    Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_key.pub" 
(sshd public key - from configuration file, required owner/group is root:root)
    Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_rsa_key" 
(sshd private key - from configuration file, required owner/group is root:root)
    Warning: Wrong owner/group on regular file: "/etc/ssh/ssh_host_rsa_key.pub" 
(sshd public key - from configuration file, required owner/group is root:root)
    openssh: ERROR

aliases ->
    Warning: Alias 'cd..' contains command 'cd', which was not found
    Warning: Alias 'p' contains command 'cd', which was not found
    Warning: Alias 's' contains command 'cd', which was not found
    aliases: WARNING

now some of these errors do say what is wrong in a way that syas how to fix - 
expected uid etc. but others say that a directory is world readable but not 
what the proper perms should be, the error about the cd command not being 
found, well i tested, and it works :)
i suspect that a lot of these errors come from keeping my /var partition which 
has all my mail on it, but not all of them surely
i the former case should i do a reinstall formatting everything but /home or 
is there a way to get msec to make the corrections it knows about?

bascule
-- 
"Ah. Philosophy," said Om.
(Small Gods)


More information about the Mageia-discuss mailing list