[389-users] Re: Limiting access to same ou
On 12/2/18 7:45 PM, Alistair Cunningham wrote: This is all done and working. In the end, the changes I needed were: dn: cn=config changetype: modify replace: nsslapd-allow-anonymous-access nsslapd-allow-anonymous-access: rootdse dn: dc=example,dc=com changetype: modify delete: aci aci: (targetattr!="userPassword || aci")(version 3.0; acl "Enable anonymous access"; allow (read, search, compare) userdn="ldap:///anyone;;) dn: dc=example,dc=com changetype: modify add: aci aci: (target="ldap:///($dn),dc=example,dc=com")(targetattr!="userPassword || aci")(version 3.0;acl "aci";allow (read,search) userdn="ldap:///cn=*,[$dn],dc=example,dc=com;;) This page was also useful: https://access.redhat.com/documentation/en-us/red_hat_directory_server/9.0/html/administration_guide/managing_access_control-advanced_access_control_using_macro_acis Many thanks to Olivier Judith, Mark Raynolds, and Ludwig Krispenz for their help! Glad you got working, and glad Ludwig mentioned macro aci's (these are often overlooked)! Best Regards, Mark ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Re: e-mail security.
Sam asked: > How did you determine that this is the destination URL > That's what you see, in the HTML-formatted E-mail? I already knew about the "trick" that Ed Greshko suggests before he posted his suggestion. (But thank-you, Ed, for trying to help.) That's how I determined the destination URL. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
[389-users] Re: Limiting access to same ou
This is all done and working. In the end, the changes I needed were: dn: cn=config changetype: modify replace: nsslapd-allow-anonymous-access nsslapd-allow-anonymous-access: rootdse dn: dc=example,dc=com changetype: modify delete: aci aci: (targetattr!="userPassword || aci")(version 3.0; acl "Enable anonymous access"; allow (read, search, compare) userdn="ldap:///anyone;;) dn: dc=example,dc=com changetype: modify add: aci aci: (target="ldap:///($dn),dc=example,dc=com")(targetattr!="userPassword || aci")(version 3.0;acl "aci";allow (read,search) userdn="ldap:///cn=*,[$dn],dc=example,dc=com;;) This page was also useful: https://access.redhat.com/documentation/en-us/red_hat_directory_server/9.0/html/administration_guide/managing_access_control-advanced_access_control_using_macro_acis Many thanks to Olivier Judith, Mark Raynolds, and Ludwig Krispenz for their help! -- Alistair Cunningham +1 888 468 3111 +44 20 799 39 799 https://enswitch.com/ ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Re: e-mail security.
On Sun, 2018-12-02 at 12:59 -0500, Howard Howell wrote: > On Sun, 2018-12-02 at 09:59 +, Patrick O'Callaghan wrote: > > On Sun, 2018-12-02 at 11:05 +0800, Ed Greshko wrote: > > > On 12/2/18 10:46 AM, Sam Varshavchik wrote: > > > > I'll be happy to send you an HTML message with a link whose > > > > destination URL seems to be > > > > https://www.whitehouse.gov, but once clicked you'll wind up on > > > > https://pornhub.com > > > > > > FWIW, with T-Bird it is easy to recognize this deception. To see > > > if what is displayed in > > > the message is different than where you will be sent you just need > > > to hover your cursor > > > over the link. The actual link will be displayed in the lower left > > > next to the "online" > > > indicator. > > > > AFAIK most MUAs do that (at least those I've seen), as well as most > > browsers. > > > > poc > > ___ > > users mailing list -- users@lists.fedoraproject.org > > To unsubscribe send an email to users-le...@lists.fedoraproject.org > > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > > List Guidelines: > > https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > > > I'm still using evolution in F28 and it doesn't do that. If I am > interested, I copy the link location and paste it into a new email. > Generally I'm not interested, so it is not too troubling. but it would > be nice if the hover function worked in evolution too. > I'm now on F29 (Evolution 3.20.3) and it definitely does do that. AFAIK it has done so for the last several years, but of course I can't be sure without rolling it back. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: e-mail security.
On Sun, 2018-12-02 at 09:59 +, Patrick O'Callaghan wrote: > On Sun, 2018-12-02 at 11:05 +0800, Ed Greshko wrote: > > On 12/2/18 10:46 AM, Sam Varshavchik wrote: > > > I'll be happy to send you an HTML message with a link whose > > > destination URL seems to be > > > https://www.whitehouse.gov, but once clicked you'll wind up on > > > https://pornhub.com > > > > FWIW, with T-Bird it is easy to recognize this deception. To see > > if what is displayed in > > the message is different than where you will be sent you just need > > to hover your cursor > > over the link. The actual link will be displayed in the lower left > > next to the "online" > > indicator. > > AFAIK most MUAs do that (at least those I've seen), as well as most > browsers. > > poc > ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > I'm still using evolution in F28 and it doesn't do that. If I am interested, I copy the link location and paste it into a new email. Generally I'm not interested, so it is not too troubling. but it would be nice if the hover function worked in evolution too. Les ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Scanning problem with HP4620.
On Sun, 2018-12-02 at 17:12 +0100, Ger van Dijck wrote: > Hi all, > > > After an update to Fedora29 I can print but not scan anymore with a HP > officejet 4620 in WLAN. > > When running HP-check I get two messages : cups required incompat : cups > may nt be installed or running . > cups is installed and running. > > python3-notify2 needs to be > installed : Question where can I "find it" > > Has anyone the same experience ? Obvious question: have you installed the hplip package? poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Scanning problem with HP4620.
Hi all, After an update to Fedora29 I can print but not scan anymore with a HP officejet 4620 in WLAN. When running HP-check I get two messages : cups required incompat : cups may nt be installed or running . cups is installed and running. python3-notify2 needs to be installed : Question where can I "find it" Has anyone the same experience ? Regards, Ger van Dijck. -- Using Opera's mail client: http://www.opera.com/mail/ ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: e-mail security.
On Sat, 2018-12-01 at 20:45 +, finn via users wrote: > > and make sure there is a green lock on your browser address bar. Have a look at: https://krebsonsecurity.com/2018/11/half-of-all-phishing-sites-now-have-the-padlock/ AV ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: e-mail security. [SOLVED]
Sorry for the top post, but my phone seems to insist on it using K9 mail. Anyway, I keep an old smartphone that I no longer use -- I have moved my SIM card to my current phone. It can still connect to WiFi, though. I use it to try out dodgy links. I figure there's little loss if it gets screwed up. At worst, I'll circular file a $10 phone. Of course there's the issue of the "reset your password" scam. My firm rule is to never enter or change a password following a link I didn't initiate. Another intriguing attempt at isolation is QubesOS, which puts windows in different virtual mavhines. There is thus a default "untrusted" domain that is isolated from other windows. It was too slow for me using my older hardware. You really need an SSD, it seems. But the idea is appealing. On December 2, 2018 12:44:26 AM EST, finn via users wrote: > >> finn: I used Tor in this case. But in retrospect, one thing I was >> concerned about was the site downloading something malicious without >me >> knowing it. Would Tor have protected me against that? > >yep, Tor browser is harden enough to protect you from these kind of >attack and provide better anonymity unless and untill you don't do any >stupidity. If possible always prefer to use Tor Browser. >___ >users mailing list -- users@lists.fedoraproject.org >To unsubscribe send an email to users-le...@lists.fedoraproject.org >Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html >List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >List Archives: >https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org -- Sent from my Android device with K-9 Mail. Please excuse my brevity.___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: e-mail security.
On Sat, 1 Dec 2018 at 17:18, Samuel Sieb wrote: > On 12/1/18 12:51 PM, home user via users wrote: > > Ryan, > [...] > > I'm using Thunderbird on Fedora-28; there is no "anti-virus" available. > > Is this safe? > > I've never found "anti-virus" to have any use on a Linux system other > than a way to use up CPU time. I've personally never used it or > installed it on any systems I have setup for other people and there have > never been any issues in the more than 20 years I've been doing this. > People that I know have tried using it have generally disabled it > because it's annoying and a CPU hog. It has the same effect on Windows > systems, but there it appears to be useful. > The main reason for running AV on linux is to protect Windows systems that exchange files with the linux box. I'm retired, but at my former work many users have mail accounts on linux systems, but Windows is the "corporate standard", so emails or email attachments get moved back and forth. We also used macOS, which had clamav with Apple's customized patterns. In one case, a user with a macbook was in a high level meeting with military brass, etc. and documents were being exchanged via a USB key. ClamAV found a trojan "copy.exe" on the USB key that was not detected by any of the Windows laptops (presumably running current high-end AV software). Over the years, clamav has found many Windows malware instances in email archives or Word documents. These would have passed Windows AV scans when the messages were delivered. Most clamav hits, but not all, were detected by current Windows AV tools. I suppose suspect mails should be quarantined a few months to let AV software catch up. Even with AV software there were several large-scale Windows infestations at my former work. AV software has been a huge PITA on Windows, but with faster processors and better algorithms it is much less intrusive these days. -- George N. White III ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: night light mode
Hello, On Sun, 02 Dec 2018 08:09:49 + Ron Yorston wrote: > Alessio Ciregia wrote: > >I don't know, but I've noted that if geolocalization is disabled in privacy > >settings, automatic (sunset to sunrise) night light doesn't work. And it > >sounds like a bug, or at least I don't remember such behavior on F28 > > There have been interactions between night light and geolocation > since it was introduced. Because sunrise/sunset times depend on > location it's sort of inevitable. > > To have night light use sunrise/sunset when geolocation is disabled you > can configure it by hand: > >gsettings set org.gnome.settings-daemon.plugins.color > night-light-last-coordinates '(40.0, 10.0)' >gsettings set org.gnome.settings-daemon.plugins.color night-light-enabled > true >gsettings set org.gnome.settings-daemon.plugins.color > night-light-schedule-automatic true > > The coordinates are decimal latitude/longitude. The third setting is > just for completeness, it's on by default. Inevitable but no need to be faulty. If geoloc is disabled, software should propose to set the location manually (possibly from a GUI), at least that's how it works quite everywhere else since mobile era and gps-equipped devices. Regards, -- wwp pgpKRjcy9YQ12.pgp Description: OpenPGP digital signature ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: e-mail security.
On Sun, 2018-12-02 at 11:05 +0800, Ed Greshko wrote: > On 12/2/18 10:46 AM, Sam Varshavchik wrote: > > I'll be happy to send you an HTML message with a link whose destination URL > > seems to be > > https://www.whitehouse.gov, but once clicked you'll wind up on > > https://pornhub.com > > FWIW, with T-Bird it is easy to recognize this deception. To see if what is > displayed in > the message is different than where you will be sent you just need to hover > your cursor > over the link. The actual link will be displayed in the lower left next to > the "online" > indicator. AFAIK most MUAs do that (at least those I've seen), as well as most browsers. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: night light mode
Alessio Ciregia wrote: >I don't know, but I've noted that if geolocalization is disabled in privacy >settings, automatic (sunset to sunrise) night light doesn't work. And it >sounds like a bug, or at least I don't remember such behavior on F28 There have been interactions between night light and geolocation since it was introduced. Because sunrise/sunset times depend on location it's sort of inevitable. To have night light use sunrise/sunset when geolocation is disabled you can configure it by hand: gsettings set org.gnome.settings-daemon.plugins.color night-light-last-coordinates '(40.0, 10.0)' gsettings set org.gnome.settings-daemon.plugins.color night-light-enabled true gsettings set org.gnome.settings-daemon.plugins.color night-light-schedule-automatic true The coordinates are decimal latitude/longitude. The third setting is just for completeness, it's on by default. Ron ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org