Server information error?
-
I was also changing httpd settings and restarted it and php-fpm and I noticed that on the dashboard now under storage node disk usage it has no graph and says 0.00iB. Even if I set settings back to default and restart the web server (httpd/php-fpm) it still shows the same thing
-
Please try:
setenforce 0Refresh the page.
-
This post is deleted! -
@Tom-Elliott SELinux is already set to Permissive so it just gives warnings.
-
@Karrade said in Server information error?:
I was also changing httpd settings and restarted it and php-fpm
What exactly did you change?
Check the logs and post here (see my signature…).
-
@Sebastian-Roth I figured it out. I tried to lock down the web-server a bit, and I assumed FOG didn’t use anything like curl_exec since it’s not listed on the wiki anywhere but it does so things like disable_functions=curl_exec,curl_multi_exec caused it to not load any information from the server at all as far as stats go.
Hopefully whenever 2.0 is released it will go a ways towards letting us be more secure with our FOG deployments because FOG really is a godsend.
-
@Karrade said in Server information error?:
Hopefully whenever 2.0 is released it will go a ways towards letting us be more secure with our FOG deployments because FOG really is a godsend.
We’ll definitely work towards more security in FOG 2.0 but don’t see why CURL calls should be omitted altogether. Why do you think they are dangerous? Sure they can be if input is not validated. But there are many more function just the same.
Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)
Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
-
@Sebastian-Roth In particular, pdodb, mysql, ftp, etc… Can be FAR more damaging and dangerous especially if input is not validated.
What makes these curl calls “inherently dangerous?” What makes them insecure? How do you expect systems to cross-communicate with one another if the mechanisms available are not enabled in your environment?
-
Curl calls in themselves aren’t inherently insecure to my knowledge, they can be without validated input like you said. I just go with the practice of turning features off for securities sake rather than leaving it all on and running on default settings unless something we use needs to use it in which case I don’t mind turning it on unless there’s a huge security risk attached.
TL;DR I just try to keep my systems locked down until areas need to be enabled for programs, instead of leaving everything default.
