Re: [Fed-Talk] Security Update Broke my ftp service (Very important)
Re: [Fed-Talk] Security Update Broke my ftp service (Very important)
- Subject: Re: [Fed-Talk] Security Update Broke my ftp service (Very important)
- From: Dave Schroeder <email@hidden>
- Date: Wed, 25 Apr 2007 18:48:24 -0500
Mike,
I'll be the first person in the "Apple's got a looong way to go in
some areas with Mac OS X Server" line. Not the least of which is this
dichotomy between wanting to be the server that you can run with a
GUI - except when you can't - type paradigm.
But as to the oddities of Mac OS X Server, and even changes between
versions of Mac OS X Server, Mac OS X Server really isn't different
in that respect from any other UNIX variant. OK, maybe a little more
different, but the larger point is that if you're administering Mac
OS X Server systems, you need to know these things, plain and simple.
I run Mac OS X Server in many environments over Linux for many
reasons that are probably similar to your own reasons. But, as Mac OS
X Server administrators, we must be knowledgeable about the things
that make Mac OS X Server different and the ways it functions
differently. But if you look across AIX, Solaris, Linux, etc., you're
going to see the same kinds of differences. And things like where
apache's default root web documents folder is are really not that
important...a quick look at the config files for apache, php, tomcat,
etc., and you can see how things are done. Are some things odd? Sure.
But that's one of the tradeoffs of what are presumably the benefits
to running Mac OS X Server, right?
- Dave
On Apr 25, 2007, at 6:36 PM, Michael Pike wrote:
I bet every MCSE on here took offense to that! :)
In Roy's defense, Apple has changed a lot of the standard items..
plist files being one of them. Normally all of this is handled out of
the /etc directory with various .conf files.
I had to search for the plist because it was not where a standard Unix
conf file would be.
The only reason I know what I do is because I came from Linux before
OS X... most Mac users are used to things just working.
If you want to be technical nothing in OS X is "standard" as compared
to it's Unix counter parts... "php.ini.default"???...
/Library/WebServer/Documents/ for Apache?
I love Apple don't get me wrong, but the mistake that was made with
this update should not have happened... it's plain to see they
modified the ftp daemon processes - they should have tested it (on
both platforms) before releasing it. Or maybe it was just an
oversight.
With that being said, I truly love OS X Server, more so than linux,
but, there is nothing in the world more powerful than a terminal
window, and to this day I still have to tweak settings in every OS X
server we set up from the terminal because the GUI utils don't work
right.
Mike
On 4/25/07, Dave Schroeder <email@hidden> wrote:
People who "aren't familiar" with how to navigate to a simple path on
a UNIX system, and edit a file, should not be running servers...
- Dave
On Apr 25, 2007, at 1:18 PM, Michael Pike wrote:
> Good ol' Macintouch! Anyhow, I wrote an installer / patcher that
> will fix this on OS X Server if anyone wants it. It will not
allow me
> to attach here, email off list if you need it. Click once, enter
> admin PW, reboot, fixed.
>
> A lot easier than navigating and finding the .plist file if you
aren't
> familar with where they are.
> mike
>
>
> On 4/25/07, Roy Mendelssohn <email@hidden> wrote:
>> Ok - I am dumb - how do I put that into a plist file. And why
hasn't
>> anyone from Apple responded. I have wasted 3 full days dealing
with
>> the fact that our ftp servers were toasted. The silence was
>> deafening. Would one of the Apple people on this list please have
>> the gumption to give an actual response.
>>
>> -Roy M.
>> On Apr 25, 2007, at 10:44 AM, Rich Trouton wrote:
>>
>> > It looks like Macintouch has the explanation for this in its
latest
>> > reader reports: http://www.macintouch.com/readerreports/
security/
>> > index.html#apr25
>> >
>> > See Guillaume Gete's entry.
>> >
>> > Thanks,
>> > Rich
>> >
>> > On Apr 24, 2007, at 12:09 PM, Roy Mendelssohn wrote:
>> >
>> >> The security update has broken most of my ftp services. A
system
>> >> that was working fine is now broken. It does not automatically
>> >> recognize where the new FTPRoot is, anonymous can nor download
>> from
>> >> directories where they use to be able to (permission
denied) and
>> >> when I change settings using the GUI, no new settings occur.
>> >>
>> >> Something has been severely broken in this change. Can someone
>> >> knowledgeable from Apple please give me a call. We provide
>> data to a
>> >> lot of people and this has broken ftp on 3 different servers
>> with 3
>> >> different configurations.
>> >>
>> >> Thanks,
>> >>
>> >> -Roy M,
>> >> **********************
>> >> "The contents of this message do not reflect any position of
>> the U.S.
>> >> Government or NOAA."
>> >> **********************
>> >> Roy Mendelssohn
>> >> Supervisory Operations Research Analyst
>> >> NOAA/NMFS
>> >> Environmental Research Division
>> >> Southwest Fisheries Science Center
>> >> 1352 Lighthouse Avenue
>> >> Pacific Grove, CA 93950-2097
>> >>
>> >> e-mail: email@hidden (Note new e-mail address)
>> >> voice: (831)-648-9029
>> >> fax: (831)-648-8440
>> >> www: http://www.pfeg.noaa.gov/
>> >>
>> >> "Old age and treachery will overcome youth and skill."
>> >>
>> >>
>> >>
>> >> _______________________________________________
>> >> Do not post admin requests to the list. They will be ignored.
>> >> Fed-talk mailing list (email@hidden)
>> >> Help/Unsubscribe/Update your Subscription:
>> >> 40mail.nih.gov
>> >>
>> >> This email sent to email@hidden
>> >>
>> >
>> > ---
>> >
>> > Rich Trouton (Contractor)
>> > LAN Support
>> > email@hidden
>> > -----------------------------------------------------------
>> > National Human Genome Research Institute
>> > National Institutes of Health — Bethesda, MD
>> >
>> > Office number:
>> > (240) 643-7816
>> >
>> > NHGRI LAN Support number:
>> > (301) 402-7408
>> >
>> > The best way to get in touch with me is through email.
>> >
>> >
>>
>> **********************
>> "The contents of this message do not reflect any position of
the U.S.
>> Government or NOAA."
>> **********************
>> Roy Mendelssohn
>> Supervisory Operations Research Analyst
>> NOAA/NMFS
>> Environmental Research Division
>> Southwest Fisheries Science Center
>> 1352 Lighthouse Avenue
>> Pacific Grove, CA 93950-2097
>>
>> e-mail: email@hidden (Note new e-mail address)
>> voice: (831)-648-9029
>> fax: (831)-648-8440
>> www: http://www.pfeg.noaa.gov/
>>
>> "Old age and treachery will overcome youth and skill."
>>
>>
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
40gmail.com
>>
>> This email sent to email@hidden
>>
>
>
> --
> Michael Pike
> iChat/AIM: email@hidden
> Jabber / GoogleTalk: email@hidden
> Windows Live Messenger: email@hidden
> Yahoo Messenger: email@hidden
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
--
Michael Pike
iChat/AIM: email@hidden
Jabber / GoogleTalk: email@hidden
Windows Live Messenger: email@hidden
Yahoo Messenger: email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden