IIAB/Security: Difference between revisions

From OLPC
Jump to navigation Jump to search
No edit summary
No edit summary
Line 3: Line 3:
* The following applies to CentOS-based XSCE school servers, towards downloading and automatically installing recent security patches & updates, that is if you have a reasonably fast connection, and are willing to take risks with certain packages breaking.
* The following applies to CentOS-based XSCE school servers, towards downloading and automatically installing recent security patches & updates, that is if you have a reasonably fast connection, and are willing to take risks with certain packages breaking.


* run [http://www.cyberciti.biz/faq/redhat-fedora-centos-linux-yum-installs-security-updates/ "yum -y update --security"] if you system already has yum-security installed, typically via "yum install yum-security". In the past we ran "yum -y update" but that installs far too many untested and diverse updates/upgrades across the board, adding features not directly related to security.
* run [http://www.cyberciti.biz/faq/redhat-fedora-centos-linux-yum-installs-security-updates/ "yum -y update --security"] if your system already has yum-security installed, typically via [([https://access.redhat.com/solutions/10021 background]) "yum install yum-security"]. In the past we ran "yum -y update" but that installs far too many untested and diverse updates/upgrades across the board, adding features not directly related to security.


* if you notice Wikipedia-like item are no longer accessible from http://schoolserver.lan, try running the following as root:
* if you notice Wikipedia-like item are no longer accessible from http://schoolserver.lan, try running the following as root:

Revision as of 23:55, 9 August 2015

Some security tips that will become more professional as time goes on:

  • The following applies to CentOS-based XSCE school servers, towards downloading and automatically installing recent security patches & updates, that is if you have a reasonably fast connection, and are willing to take risks with certain packages breaking.
  • run "yum -y update --security" if your system already has yum-security installed, typically via [(background) "yum install yum-security"]. In the past we ran "yum -y update" but that installs far too many untested and diverse updates/upgrades across the board, adding features not directly related to security.
  • if you notice Wikipedia-like item are no longer accessible from http://schoolserver.lan, try running the following as root:
 xsce-make-kiwix-lib
 systemctl restart kiwix-serve
  • if ownCloud updates itself, users visiting http://schoolserver.lan/owncloud may face error message "You don't have permission to access /owncloud on this server." Fix guideline forthcoming.