IIAB/Security: Difference between revisions
< IIAB
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 3: | Line 3: | ||
* The following applies to CentOS-based XSCE school servers, towards downloading and automatically installing recent security patches & updates, that is if you have a reasonably fast connection, and are willing to take risks with certain packages breaking. |
* The following applies to CentOS-based XSCE school servers, towards downloading and automatically installing recent security patches & updates, that is if you have a reasonably fast connection, and are willing to take risks with certain packages breaking. |
||
* run [http://www.cyberciti.biz/faq/redhat-fedora-centos-linux-yum-installs-security-updates/ "yum -y update --security"] if |
* run [http://www.cyberciti.biz/faq/redhat-fedora-centos-linux-yum-installs-security-updates/ "yum -y update --security"] if your system already has yum-security installed, typically via [([https://access.redhat.com/solutions/10021 background]) "yum install yum-security"]. In the past we ran "yum -y update" but that installs far too many untested and diverse updates/upgrades across the board, adding features not directly related to security. |
||
* if you notice Wikipedia-like item are no longer accessible from http://schoolserver.lan, try running the following as root: |
* if you notice Wikipedia-like item are no longer accessible from http://schoolserver.lan, try running the following as root: |
Revision as of 23:55, 9 August 2015
Some security tips that will become more professional as time goes on:
- The following applies to CentOS-based XSCE school servers, towards downloading and automatically installing recent security patches & updates, that is if you have a reasonably fast connection, and are willing to take risks with certain packages breaking.
- run "yum -y update --security" if your system already has yum-security installed, typically via [(background) "yum install yum-security"]. In the past we ran "yum -y update" but that installs far too many untested and diverse updates/upgrades across the board, adding features not directly related to security.
- if you notice Wikipedia-like item are no longer accessible from http://schoolserver.lan, try running the following as root:
xsce-make-kiwix-lib systemctl restart kiwix-serve
- if ownCloud updates itself, users visiting http://schoolserver.lan/owncloud may face error message "You don't have permission to access /owncloud on this server." Fix guideline forthcoming.