ELS - Easy Linux Security script

[jdlitson]

Hi,
I installed ELS on a test VPS CentOS 5.
I Have found that the wheel user option is not working correctly.
The user name I chose was not written to the /etc/ssh/sshd_conf file. After I added the user manually; I was able to login.

Thanks,
Jason

 

[hehachris]

i get this when trying to secure /tmp, etc

Modifying /etc/fstab...
Done.
Remounting /dev/shm...
[mntent]: line 2 in /etc/fstab is bad
[mntent]: line 3 in /etc/fstab is bad
[mntent]: line 5 in /etc/fstab is bad
[mntent]: line 6 in /etc/fstab is bad
[mntent]: line 7 in /etc/fstab is bad; rest of file ignored
mount: can't find /dev/shm in /etc/fstab or /etc/mtab
Done.
You should check '/etc/fstab' before you reboot your system!!!

 

[nobaloney]

fstab controls how files will be mounted at boot time. If I were you I'd be very careful before you ever reboot your system, or you could break it badly.

You may want to have a server administrator analyze the problem.

Jeff

 

[donkeyKICK]

I am having trouble update apf:

APF is out of date.  Installed: 9.6 Latest: 0.9.6-5
ELS can now update APF.
Proceed? (y/n): y
Downloading APF...
Download Successful!
MD5 matches.
Extracting...
Extraction Successful!
Installing...
cp: cannot stat `/etc/apf.bk.last/vnet/*.rules': No such file or directory
APF Install Completed Successfully!

Any suggestions?

 

[tenny]

it seems a good script,

i will study it later.


thank you

 

[LolliS]

Hi, the settings of web4host for the module mod_security2 make it difficult to use vBulletin 3.8.x, especially for cookies vb_collapse that contain strings like: forumbit_12%0Aforumbit_38.

Solutions?

 

[Akarawat]

els -apf Not work .

try to install apf manualy.

 

[wanos]

Out of Date ?

I just used the script & it worked ok for most things until I got this

APF is out of date.  Installed: 9.7 Latest: 0.9.6-5
ELS can now update APF.
Proceed? (y/n): n
Not installing APF

BFD is out of date.  Installed: 1.3 Latest: 1.2
ELS can now update BFD.

So it appears that my version is more up to date.
Just thought I'd let you know.

Also, as I use Debian lenny it appears that stopping root login failed for me. Not a big issue just thought I'd let you know

Thanks for a great script

 

[@how@]

apf and bfd work fine with my test server.

Wael

 

[tenny]

does anyone use this for production servers?

i want to use it with csf for da on centos,

is it ok?


thank you

 

[Heuveltje]

How to upgrade RKHUNTER to 1.3.6? Now i have 1.3.4 installed.
if i do: els --rkhunter it only updates its datafiles or something, the daily email says 1.3.4 installed, 1.3.6 avail.

Thanks

 

[nobaloney]

remove the old files and install RKHunter again using the newest version.

Jeff

 

[jonn]

smtalk i used els to install imagemagick on a centos 64 bit box why doesnt it appear in phpinfo as installed it does on the old 32bit box. Its in the box under /usr/lib/ folder.Is that right?

 

[MtK]

hey,
if for some reason I have:

#skip-innodb

(i.e to support magento installations, which require innoDB)

the MySQL optimization process will overwrite this configuration and magento sites will stop functioning, cause the MySQL tables will be unreadable, and unrepairable.

the error would fit to this: http://forums.mysql.com/read.php?22,104693,106235#msg-106235

 

[Nice]

Problem

Just do:

# els --all

And it will ask you what do you want to install/update or optimize/secure

Thanks,but I have a problem :

[root@ns1 ~]# els --all

Admin (your) E-Mail Address (this should NOT be on this server):
*****@gmail.com
You entered: *****@gmail.com
Ensure this is correct.
Proceed? (y/n): y
Using *****@gmail.com.

yum configuration already modified by ELS.

SELinux already disabled.

/etc/sysctl.conf exists.
sysctl is used to harden the kernel. If you have not hardened your
kernel with sysctl or do not know how to, it is recommended to have
ELS do it for you. Your current /etc/sysctl.conf will be backed up to
/usr/local/els/bakfiles/sysctl.conf.
Proceed? (y/n): y
Download Failed.
Invalid MD5.
Aborting.

 

[@how@]

Thanks,but I have a problem :

try again, i fix this problem.

Wael

 

[Suurbier]

u should update els for mysql5 config.

 

[framon]

I get with ZendOptimizer the same error message

ELS can now install Zend Optimizer.
Proceed? (y/n): y
Downloading Zend Optimizer...
/usr/bin/md5sum: ZendOptimizer-3.3.3-linux-glibc21-i386.tar.gz: No such file or directory
Download Failed.
Invalid MD5.
Aborting.

Got same exact problem, this MD5 error seems to be common, but I dont find any explanation of the problem

 

[nobaloney]

An MD5 error is returned becaquse the md5sum program can't verify the file since it doesn't exist.

Jeff

 

[sky]

Hello

The line

skip-innodb

should not be in my.cnf if you use roundcube.

innodb is required for running roundcube.

Took me a while to get this problem solved on a new installed server ^^