22Hz

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: enforcing /* configuration in memory */

Mode from config file: enforcing /* configuration for /etc/sysconfig/selinux */

Policy version: 24

Policy from config file: targeted

Enforcing

usage: setenforce [ Enforcing | Permissive | 1 | 0 ]

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: permissive

Mode from config file: enforcing

Policy version: 24

Policy from config file: targeted

Permissive

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: enforcing

Mode from config file: enforcing

Policy version: 24

Policy from config file: targeted

Enforcing

Loaded plugins: fastestmirror, refresh-packagekit, security

Loading mirror speeds from cached hostfile

* base: ftp.daum.net

* extras: ftp.daum.net

* updates: ftp.daum.net

base | 3.7 kB 00:00

extras | 3.3 kB 00:00

updates | 3.4 kB 00:00

updates/primary_db | 5.4 MB 00:01

Setting up Install Process

Resolving Dependencies

--> Running transaction check

---> Package libselinux.x86_64 0:2.0.94-5.3.el6 will be updated

---> Package libselinux.x86_64 0:2.0.94-5.3.el6_4.1 will be an update

---> Package libselinux-python.x86_64 0:2.0.94-5.3.el6 will be updated

---> Package libselinux-python.x86_64 0:2.0.94-5.3.el6_4.1 will be an update

---> Package libselinux-utils.x86_64 0:2.0.94-5.3.el6 will be updated

---> Package libselinux-utils.x86_64 0:2.0.94-5.3.el6_4.1 will be an update

---> Package policycoreutils.x86_64 0:2.0.83-19.30.el6 will be updated

---> Package policycoreutils.x86_64 0:2.0.83-19.39.el6 will be an update

---> Package selinux-policy.noarch 0:3.7.19-195.el6 will be updated

---> Package selinux-policy.noarch 0:3.7.19-231.el6_5.3 will be an update

---> Package selinux-policy-targeted.noarch 0:3.7.19-195.el6 will be updated

---> Package selinux-policy-targeted.noarch 0:3.7.19-231.el6_5.3 will be an update

--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================

Package Arch Version Repository Size

=============================================================================================================================

Updating:

libselinux x86_64 2.0.94-5.3.el6_4.1 base 108 k

libselinux-python x86_64 2.0.94-5.3.el6_4.1 base 202 k

libselinux-utils x86_64 2.0.94-5.3.el6_4.1 base 81 k

policycoreutils x86_64 2.0.83-19.39.el6 base 648 k

selinux-policy noarch 3.7.19-231.el6_5.3 updates 825 k

selinux-policy-targeted noarch 3.7.19-231.el6_5.3 updates 2.8 M

Transaction Summary

=============================================================================================================================

Upgrade 6 Package(s)

Total download size: 4.6 M

Downloading Packages:

(1/6): libselinux-2.0.94-5.3.el6_4.1.x86_64.rpm | 108 kB 00:00

(2/6): libselinux-python-2.0.94-5.3.el6_4.1.x86_64.rpm | 202 kB 00:00

(3/6): libselinux-utils-2.0.94-5.3.el6_4.1.x86_64.rpm | 81 kB 00:00

(4/6): policycoreutils-2.0.83-19.39.el6.x86_64.rpm | 648 kB 00:00

(5/6): selinux-policy-3.7.19-231.el6_5.3.noarch.rpm | 825 kB 00:00

(6/6): selinux-policy-targeted-3.7.19-231.el6_5.3.noarch.rpm | 2.8 MB 00:01

-----------------------------------------------------------------------------------------------------------------------------

Total 1.9 MB/s | 4.6 MB 00:02

warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY

Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

Importing GPG key 0xC105B9DE:

Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>

Package: centos-release-6-4.el6.centos.10.x86_64 (@anaconda-CentOS-201303020151.x86_64/6.4)

From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Updating : libselinux-2.0.94-5.3.el6_4.1.x86_64 1/12

Updating : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64 2/12

Updating : policycoreutils-2.0.83-19.39.el6.x86_64 3/12

Updating : selinux-policy-3.7.19-231.el6_5.3.noarch 4/12

Updating : selinux-policy-targeted-3.7.19-231.el6_5.3.noarch 5/12

Updating : libselinux-python-2.0.94-5.3.el6_4.1.x86_64 6/12

Cleanup : selinux-policy-targeted-3.7.19-195.el6.noarch 7/12

Cleanup : selinux-policy-3.7.19-195.el6.noarch 8/12

Cleanup : policycoreutils-2.0.83-19.30.el6.x86_64 9/12

Cleanup : libselinux-utils-2.0.94-5.3.el6.x86_64 10/12

Cleanup : libselinux-python-2.0.94-5.3.el6.x86_64 11/12

Cleanup : libselinux-2.0.94-5.3.el6.x86_64 12/12

Verifying : libselinux-python-2.0.94-5.3.el6_4.1.x86_64 1/12

Verifying : selinux-policy-3.7.19-231.el6_5.3.noarch 2/12

Verifying : selinux-policy-targeted-3.7.19-231.el6_5.3.noarch 3/12

Verifying : libselinux-2.0.94-5.3.el6_4.1.x86_64 4/12

Verifying : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64 5/12

Verifying : policycoreutils-2.0.83-19.39.el6.x86_64 6/12

Verifying : libselinux-python-2.0.94-5.3.el6.x86_64 7/12

Verifying : libselinux-utils-2.0.94-5.3.el6.x86_64 8/12

Verifying : selinux-policy-3.7.19-195.el6.noarch 9/12

Verifying : selinux-policy-targeted-3.7.19-195.el6.noarch 10/12

Verifying : policycoreutils-2.0.83-19.30.el6.x86_64 11/12

Verifying : libselinux-2.0.94-5.3.el6.x86_64 12/12

Updated:

libselinux.x86_64 0:2.0.94-5.3.el6_4.1 libselinux-python.x86_64 0:2.0.94-5.3.el6_4.1

libselinux-utils.x86_64 0:2.0.94-5.3.el6_4.1 policycoreutils.x86_64 0:2.0.83-19.39.el6

selinux-policy.noarch 0:3.7.19-231.el6_5.3 selinux-policy-targeted.noarch 0:3.7.19-231.el6_5.3

Complete!

Loaded plugins: fastestmirror, refresh-packagekit, security

Loading mirror speeds from cached hostfile

* base: ftp.daum.net

* extras: ftp.daum.net

* updates: ftp.daum.net

Setting up Install Process

No package policycoretuils-python available.

Resolving Dependencies

--> Running transaction check

---> Package mcstrans.x86_64 0:0.3.1-4.el6 will be installed

---> Package policycoreutils-gui.x86_64 0:2.0.83-19.39.el6 will be installed

--> Processing Dependency: policycoreutils-python = 2.0.83-19.39.el6 for package: policycoreutils-gui-2.0.83-19.39.el6.x86_64

--> Processing Dependency: gtkhtml2 for package: policycoreutils-gui-2.0.83-19.39.el6.x86_64

--> Processing Dependency: gnome-python2-gtkhtml2 for package: policycoreutils-gui-2.0.83-19.39.el6.x86_64

---> Package selinux-policy-mls.noarch 0:3.7.19-231.el6_5.3 will be installed

--> Processing Dependency: policycoreutils-newrole >= 2.0.78-1 for package: selinux-policy-mls-3.7.19-231.el6_5.3.noarch

---> Package setools-console.x86_64 0:3.3.7-4.el6 will be installed

--> Processing Dependency: setools-libs = 3.3.7-4.el6 for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libsefs.so.4(VERS_4.0)(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libseaudit.so.4(VERS_4.1)(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libqpol.so.1(VERS_1.5)(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libpoldiff.so.1(VERS_1.3)(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libpoldiff.so.1(VERS_1.2)(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libapol.so.4(VERS_4.1)(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libsefs.so.4()(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libseaudit.so.4()(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libqpol.so.1()(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libpoldiff.so.1()(64bit) for package: setools-console-3.3.7-4.el6.x86_64

--> Processing Dependency: libapol.so.4()(64bit) for package: setools-console-3.3.7-4.el6.x86_64

---> Package setools-gui.x86_64 0:3.3.7-4.el6 will be installed

--> Processing Dependency: setools-libs-tcl = 3.3.7-4.el6 for package: setools-gui-3.3.7-4.el6.x86_64

--> Processing Dependency: tk >= 8.4.9 for package: setools-gui-3.3.7-4.el6.x86_64

--> Processing Dependency: tcl >= 8.4.9 for package: setools-gui-3.3.7-4.el6.x86_64

--> Processing Dependency: bwidget >= 1.8 for package: setools-gui-3.3.7-4.el6.x86_64

---> Package setroubleshoot.x86_64 0:3.0.47-6.el6 will be installed

---> Package setroubleshoot-server.x86_64 0:3.0.47-6.el6 will be installed

--> Processing Dependency: setroubleshoot-plugins >= 3.0.14 for package: setroubleshoot-server-3.0.47-6.el6.x86_64

--> Processing Dependency: setools-libs-python >= 3.3.7-4 for package: setroubleshoot-server-3.0.47-6.el6.x86_64

--> Processing Dependency: audit-libs-python >= 1.2.6-3 for package: setroubleshoot-server-3.0.47-6.el6.x86_64

--> Processing Dependency: python-slip-dbus for package: setroubleshoot-server-3.0.47-6.el6.x86_64

--> Running transaction check

---> Package audit-libs-python.x86_64 0:2.2-4.el6_5 will be installed

--> Processing Dependency: audit-libs = 2.2-4.el6_5 for package: audit-libs-python-2.2-4.el6_5.x86_64

---> Package bwidget.noarch 0:1.8.0-5.1.el6 will be installed

---> Package gnome-python2-gtkhtml2.x86_64 0:2.25.3-20.el6 will be installed

---> Package gtkhtml2.x86_64 0:2.11.1-7.el6 will be installed

---> Package policycoreutils-newrole.x86_64 0:2.0.83-19.39.el6 will be installed

---> Package policycoreutils-python.x86_64 0:2.0.83-19.39.el6 will be installed

--> Processing Dependency: libsemanage-python >= 2.0.43-4 for package: policycoreutils-python-2.0.83-19.39.el6.x86_64

--> Processing Dependency: libcgroup for package: policycoreutils-python-2.0.83-19.39.el6.x86_64

---> Package python-slip-dbus.noarch 0:0.2.20-1.el6_2 will be installed

--> Processing Dependency: python-decorator for package: python-slip-dbus-0.2.20-1.el6_2.noarch

---> Package setools-libs.x86_64 0:3.3.7-4.el6 will be installed

---> Package setools-libs-python.x86_64 0:3.3.7-4.el6 will be installed

---> Package setools-libs-tcl.x86_64 0:3.3.7-4.el6 will be installed

---> Package setroubleshoot-plugins.noarch 0:3.0.40-2.el6 will be installed

---> Package tcl.x86_64 1:8.5.7-6.el6 will be installed

---> Package tk.x86_64 1:8.5.7-5.el6 will be installed

--> Running transaction check

---> Package audit-libs.x86_64 0:2.2-2.el6 will be updated

--> Processing Dependency: audit-libs = 2.2-2.el6 for package: audit-2.2-2.el6.x86_64

---> Package audit-libs.x86_64 0:2.2-4.el6_5 will be an update

---> Package libcgroup.x86_64 0:0.40.rc1-6.el6_5.1 will be installed

---> Package libsemanage-python.x86_64 0:2.0.43-4.2.el6 will be installed

---> Package python-decorator.noarch 0:3.0.1-3.1.el6 will be installed

--> Running transaction check

---> Package audit.x86_64 0:2.2-2.el6 will be updated

---> Package audit.x86_64 0:2.2-4.el6_5 will be an update

--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================

Package Arch Version Repository Size

===================================================================================

Installing:

mcstrans x86_64 0.3.1-4.el6 base 85 k

policycoreutils-gui x86_64 2.0.83-19.39.el6 base 209 k

selinux-policy-mls noarch 3.7.19-231.el6_5.3 updates 2.3 M

setools-console x86_64 3.3.7-4.el6 base 328 k

setools-gui x86_64 3.3.7-4.el6 base 242 k

setroubleshoot x86_64 3.0.47-6.el6 base 118 k

setroubleshoot-server x86_64 3.0.47-6.el6 base 1.3 M

Installing for dependencies:

audit-libs-python x86_64 2.2-4.el6_5 updates 59 k

bwidget noarch 1.8.0-5.1.el6 base 166 k

gnome-python2-gtkhtml2 x86_64 2.25.3-20.el6 base 22 k

gtkhtml2 x86_64 2.11.1-7.el6 base 154 k

libcgroup x86_64 0.40.rc1-6.el6_5.1 updates 126 k

libsemanage-python x86_64 2.0.43-4.2.el6 base 81 k

policycoreutils-newrole x86_64 2.0.83-19.39.el6 base 112 k

policycoreutils-python x86_64 2.0.83-19.39.el6 base 343 k

python-decorator noarch 3.0.1-3.1.el6 base 14 k

python-slip-dbus noarch 0.2.20-1.el6_2 base 30 k

setools-libs x86_64 3.3.7-4.el6 base 400 k

setools-libs-python x86_64 3.3.7-4.el6 base 222 k

setools-libs-tcl x86_64 3.3.7-4.el6 base 197 k

setroubleshoot-plugins noarch 3.0.40-2.el6 base 506 k

tcl x86_64 1:8.5.7-6.el6 base 1.9 M

tk x86_64 1:8.5.7-5.el6 base 1.4 M

Updating for dependencies:

audit x86_64 2.2-4.el6_5 updates 225 k

audit-libs x86_64 2.2-4.el6_5 updates 60 k

Transaction Summary

===================================================================================

Install 23 Package(s)

Upgrade 2 Package(s)

Total download size: 11 M

Downloading Packages:

(1/25): audit-2.2-4.el6_5.x86_64.rpm | 225 kB 00:00

(2/25): audit-libs-2.2-4.el6_5.x86_64.rpm | 60 kB 00:00

(3/25): audit-libs-python-2.2-4.el6_5.x86_64.rpm | 59 kB 00:00

(4/25): bwidget-1.8.0-5.1.el6.noarch.rpm | 166 kB 00:00

(5/25): gnome-python2-gtkhtml2-2.25.3-20.el6.x86_64.rpm | 22 kB 00:00

(6/25): gtkhtml2-2.11.1-7.el6.x86_64.rpm | 154 kB 00:00

(7/25): libcgroup-0.40.rc1-6.el6_5.1.x86_64.rpm | 126 kB 00:00

(8/25): libsemanage-python-2.0.43-4.2.el6.x86_64.rpm | 81 kB 00:00

(9/25): mcstrans-0.3.1-4.el6.x86_64.rpm | 85 kB 00:00

(10/25): policycoreutils-gui-2.0.83-19.39.el6.x86_64.rpm | 209 kB 00:00

(11/25): policycoreutils-newrole-2.0.83-19.39.el6.x86_64.rp | 112 kB 00:00

(12/25): policycoreutils-python-2.0.83-19.39.el6.x86_64.rpm | 343 kB 00:00

(13/25): python-decorator-3.0.1-3.1.el6.noarch.rpm | 14 kB 00:00

(14/25): python-slip-dbus-0.2.20-1.el6_2.noarch.rpm | 30 kB 00:00

(15/25): selinux-policy-mls-3.7.19-231.el6_5.3.noarch.rpm | 2.3 MB 00:00

(16/25): setools-console-3.3.7-4.el6.x86_64.rpm | 328 kB 00:00

(17/25): setools-gui-3.3.7-4.el6.x86_64.rpm | 242 kB 00:00

(18/25): setools-libs-3.3.7-4.el6.x86_64.rpm | 400 kB 00:00

(19/25): setools-libs-python-3.3.7-4.el6.x86_64.rpm | 222 kB 00:00

(20/25): setools-libs-tcl-3.3.7-4.el6.x86_64.rpm | 197 kB 00:00

(21/25): setroubleshoot-3.0.47-6.el6.x86_64.rpm | 118 kB 00:00

(22/25): setroubleshoot-plugins-3.0.40-2.el6.noarch.rpm | 506 kB 00:00

(23/25): setroubleshoot-server-3.0.47-6.el6.x86_64.rpm | 1.3 MB 00:00

(24/25): tcl-8.5.7-6.el6.x86_64.rpm | 1.9 MB 00:00

(25/25): tk-8.5.7-5.el6.x86_64.rpm | 1.4 MB 00:00

-----------------------------------------------------------------------------------

Total 1.8 MB/s | 11 MB 00:05

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Updating : audit-libs-2.2-4.el6_5.x86_64 1/27

Installing : setools-libs-3.3.7-4.el6.x86_64 2/27

Installing : 1:tcl-8.5.7-6.el6.x86_64 3/27

Installing : 1:tk-8.5.7-5.el6.x86_64 4/27

Installing : setools-libs-python-3.3.7-4.el6.x86_64 5/27

Installing : audit-libs-python-2.2-4.el6_5.x86_64 6/27

Installing : gtkhtml2-2.11.1-7.el6.x86_64 7/27

Installing : gnome-python2-gtkhtml2-2.25.3-20.el6.x86_64 8/27

Installing : bwidget-1.8.0-5.1.el6.noarch 9/27

Installing : setools-libs-tcl-3.3.7-4.el6.x86_64 10/27

Installing : setools-console-3.3.7-4.el6.x86_64 11/27

Updating : audit-2.2-4.el6_5.x86_64 12/27

Installing : policycoreutils-newrole-2.0.83-19.39.el6.x86_64 13/27

Installing : python-decorator-3.0.1-3.1.el6.noarch 14/27

Installing : python-slip-dbus-0.2.20-1.el6_2.noarch 15/27

Installing : libsemanage-python-2.0.43-4.2.el6.x86_64 16/27

Installing : mcstrans-0.3.1-4.el6.x86_64 17/27

Installing : libcgroup-0.40.rc1-6.el6_5.1.x86_64 18/27

Installing : policycoreutils-python-2.0.83-19.39.el6.x86_64 19/27

Installing : setroubleshoot-plugins-3.0.40-2.el6.noarch 20/27

Installing : setroubleshoot-server-3.0.47-6.el6.x86_64 21/27

Installing : setroubleshoot-3.0.47-6.el6.x86_64 22/27

Installing : policycoreutils-gui-2.0.83-19.39.el6.x86_64 23/27

Installing : selinux-policy-mls-3.7.19-231.el6_5.3.noarch 24/27

Installing : setools-gui-3.3.7-4.el6.x86_64 25/27

Cleanup : audit-2.2-2.el6.x86_64 26/27

Cleanup : audit-libs-2.2-2.el6.x86_64 27/27

Verifying : setroubleshoot-server-3.0.47-6.el6.x86_64 1/27

Verifying : setools-console-3.3.7-4.el6.x86_64 2/27

Verifying : setools-libs-python-3.3.7-4.el6.x86_64 3/27

Verifying : 1:tcl-8.5.7-6.el6.x86_64 4/27

Verifying : libcgroup-0.40.rc1-6.el6_5.1.x86_64 5/27

Verifying : setools-libs-3.3.7-4.el6.x86_64 6/27

Verifying : python-slip-dbus-0.2.20-1.el6_2.noarch 7/27

Verifying : policycoreutils-gui-2.0.83-19.39.el6.x86_64 8/27

Verifying : audit-libs-python-2.2-4.el6_5.x86_64 9/27

Verifying : setroubleshoot-3.0.47-6.el6.x86_64 10/27

Verifying : audit-2.2-4.el6_5.x86_64 11/27

Verifying : setroubleshoot-plugins-3.0.40-2.el6.noarch 12/27

Verifying : gnome-python2-gtkhtml2-2.25.3-20.el6.x86_64 13/27

Verifying : policycoreutils-python-2.0.83-19.39.el6.x86_64 14/27

Verifying : setools-gui-3.3.7-4.el6.x86_64 15/27

Verifying : selinux-policy-mls-3.7.19-231.el6_5.3.noarch 16/27

Verifying : gtkhtml2-2.11.1-7.el6.x86_64 17/27

Verifying : bwidget-1.8.0-5.1.el6.noarch 18/27

Verifying : setools-libs-tcl-3.3.7-4.el6.x86_64 19/27

Verifying : mcstrans-0.3.1-4.el6.x86_64 20/27

Verifying : audit-libs-2.2-4.el6_5.x86_64 21/27

Verifying : 1:tk-8.5.7-5.el6.x86_64 22/27

Verifying : libsemanage-python-2.0.43-4.2.el6.x86_64 23/27

Verifying : python-decorator-3.0.1-3.1.el6.noarch 24/27

Verifying : policycoreutils-newrole-2.0.83-19.39.el6.x86_64 25/27

Verifying : audit-2.2-2.el6.x86_64 26/27

Verifying : audit-libs-2.2-2.el6.x86_64 27/27

Installed:

mcstrans.x86_64 0:0.3.1-4.el6

policycoreutils-gui.x86_64 0:2.0.83-19.39.el6

selinux-policy-mls.noarch 0:3.7.19-231.el6_5.3

setools-console.x86_64 0:3.3.7-4.el6

setools-gui.x86_64 0:3.3.7-4.el6

setroubleshoot.x86_64 0:3.0.47-6.el6

setroubleshoot-server.x86_64 0:3.0.47-6.el6

Dependency Installed:

audit-libs-python.x86_64 0:2.2-4.el6_5

bwidget.noarch 0:1.8.0-5.1.el6

gnome-python2-gtkhtml2.x86_64 0:2.25.3-20.el6

gtkhtml2.x86_64 0:2.11.1-7.el6

libcgroup.x86_64 0:0.40.rc1-6.el6_5.1

libsemanage-python.x86_64 0:2.0.43-4.2.el6

policycoreutils-newrole.x86_64 0:2.0.83-19.39.el6

policycoreutils-python.x86_64 0:2.0.83-19.39.el6

python-decorator.noarch 0:3.0.1-3.1.el6

python-slip-dbus.noarch 0:0.2.20-1.el6_2

setools-libs.x86_64 0:3.3.7-4.el6

setools-libs-python.x86_64 0:3.3.7-4.el6

setools-libs-tcl.x86_64 0:3.3.7-4.el6

setroubleshoot-plugins.noarch 0:3.0.40-2.el6

tcl.x86_64 1:8.5.7-6.el6

tk.x86_64 1:8.5.7-5.el6

Dependency Updated:

audit.x86_64 0:2.2-4.el6_5 audit-libs.x86_64 0:2.2-4.el6_5

Complete!

auditd (pid 5031)를 실행하고 있습니다.

rsyslogd (pid 1768)를 실행하고 있습니다..

..... (중략) .....

type=LOGIN msg=audit(1412904601.114:34683): pid=9446 uid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 old auid=4294967295 new auid=0 old ses=4294967295 new ses=11

type=USER_START msg=audit(1412904601.121:34684): user pid=9446 uid=0 auid=0 ses=11 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'

type=CRED_DISP msg=audit(1412904601.158:34685): user pid=9446 uid=0 auid=0 ses=11 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'

type=USER_END msg=audit(1412904601.159:34686): user pid=9446 uid=0 auid=0 ses=11 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'

type=AVC msg=audit(1412910127.774:34815): avc: denied { search } for pid=11591 comm="vsftpd" name="home" dev=dm-0 ino=262145 scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:home_root_t:s0 tclass=dir

<CTRL + C>

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - No SELinux policy is loaded.

SELINUX=enforcing

# SELINUXTYPE= can take one of these two values:

# targeted - Targeted processes are protected,

# mls - Multi Level Security protection.

SELINUXTYPE=targeted

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: enforcing

Mode from config file: enforcing /* /etc/sysconfig/selinux */

Policy version: 24

Policy from config file: targeted

usage: setenforce [ Enforcing | Permissive | 1 | 0 ]

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - No SELinux policy is loaded.

SELINUX=enforcing

# SELINUXTYPE= can take one of these two values:

# targeted - Targeted processes are protected,

# mls - Multi Level Security protection.

SELINUXTYPE=targeted

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: permissive

Mode from config file: enforcing

Policy version: 24

Policy from config file: targeted

Permissive

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: enforcing

Mode from config file: enforcing

Policy version: 24

Policy from config file: targeted

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: permissive

Mode from config file: enforcing

Policy version: 24

Policy from config file: targeted

/usr/sbin/semanage:

semanage [ -S store ] -i [ input_file | - ]

semanage [ -S store ] -o [ output_file | - ]

semanage login -{a|d|m|l|D|E} [-nrs] login_name | %groupname

semanage user -{a|d|m|l|D|E} [-LnrRP] selinux_name

semanage port -{a|d|m|l|D|E} [-nrt] [ -p proto ] port | port_range

semanage interface -{a|d|m|l|D|E} [-nrt] interface_spec

semanage module -{a|d|m} [--enable|--disable] module

semanage node -{a|d|m|l|D|E} [-nrt] [ -p protocol ] [-M netmask] addr

semanage fcontext -{a|d|m|l|D|E} [-efnrst] file_spec

semanage boolean -{d|l|m} [--on|--off|-1|-0] -F boolean | boolean_file

semanage permissive -{d|a|l} [-n] type

semanage dontaudit [ on | off ]

Primary Options:

-a, --add Add a OBJECT record NAME

-d, --delete Delete a OBJECT record NAME

-m, --modify Modify a OBJECT record NAME

-i, --input Input multiple semange commands in a transaction

-o, --output Output current customizations as semange commands

-l, --list List the OBJECTS

-E, --extract extract customizable commands

-C, --locallist List OBJECTS local customizations

-D, --deleteall Remove all OBJECTS local customizations

-h, --help Display this message

-n, --noheading Do not print heading when listing OBJECTS

-S, --store Select and alternate SELinux store to manage

Object-specific Options (see above):

-f, --ftype File Type of OBJECT

"" (all files)

-- (regular file)

-d (directory)

-c (character device)

-b (block device)

-s (socket)

-l (symbolic link)

-p (named pipe)

-F, --file Treat target as an input file for command, change multiple settings

-p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or

ipv6)

-M, --mask Netmask

-e, --equal Substitue source path for dest path when labeling

-P, --prefix Prefix for home directory labeling

-L, --level Default SELinux Level (MLS/MCS Systems only)

-R, --roles SELinux Roles (ex: "sysadm_r staff_r")

-s, --seuser SELinux User Name

-t, --type SELinux Type for the object

-r, --range MLS/MCS Security Range (MLS/MCS Systems only)

--enable Enable a module

--disable Disable a module

SELinux boolean State Default Description

ftp_home_dir (off , off) Allow ftp to read and write files in the user home directories

smartmon_3ware (off , off) Enable additional permissions needed to support devices on 3ware controllers.

xdm_sysadm_login (off , off) Allow xdm logins as sysadm

xen_use_nfs (off , off) Allow xen to manage nfs files

mozilla_read_content (off , off) Control mozilla content access

ssh_chroot_rw_homedirs (off , off) Allow ssh with chroot env to read and write files in the user home directories

postgresql_can_rsync (off , off) Allow postgresql to use ssh and rsync for point-in-time recovery

allow_console_login (on , on) Allow direct login to the console device. Required for System 390

..... (중략) .....

httpd_setrlimit (off , off) Allow httpd daemon to change system limits

squid_connect_any (on , on) Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports.

virt_use_samba (off , off) Allow virt to manage cifs files

cluster_use_execmem (off , off) Allow cluster administrative cluster domains memcheck-amd64- to use executable memory

named_write_master_zones (off , off) Allow BIND to write the master zone files. Generally this is used for dynamic DNS or zone transfers.

exim_manage_user_files (off , off) Allow exim to create, read, write, and delete unprivileged user files.

logging_syslog_can_read_tmp (off , off) Allow syslogd daemon to read user tmp content

cron_can_relabel (off , off) Allow system cron jobs to relabel filesystem for restoring file contexts.

git_system_use_cifs (off , off) Determine whether Git system daemon can access cifs file systems.

usage: getsebool -a or getsebool boolean...

abrt_anon_write --> off

abrt_handle_event --> off

allow_console_login --> on

allow_cvs_read_shadow --> off

allow_daemons_dump_core --> on

allow_daemons_use_tcp_wrapper --> off

allow_daemons_use_tty --> on

allow_domain_fd_use --> on

allow_execheap --> off

allow_execmem --> on

..... (중략) .....

virt_use_sysfs --> on

virt_use_usb --> on

virt_use_xserver --> off

webadm_manage_user_files --> off

webadm_read_user_files --> off

wine_mmap_zero_ignore --> off

xdm_exec_bootloader --> off

xdm_sysadm_login --> off

xen_use_nfs --> off

xguest_connect_network --> on

xguest_mount_media --> on

xguest_use_bluetooth --> on

xserver_object_manager --> off

zabbix_can_network --> off

allow_console_login --> on

ftp_home_dir (off , off) Allow ftp to read and write files in the user home directories

allow_ftpd_full_access (off , off) Allow ftp servers to login to local users and read/write all files on the system, governed by DAC.

allow_ftpd_use_cifs (off , off) Allow ftp servers to use cifs used for public file transfer services.

allow_ftpd_use_nfs (off , off) Allow ftp servers to use nfs used for public file transfer services.

allow_ftpd_anon_write (off , off) Allow ftp servers to upload files, used for public file transfer services. Directories must be labeled public_content_rw_t.

tftp_anon_write (off , off) Allow tftp to modify public files used for public file transfer services.

ftpd_use_passive_mode (off , off) Allow ftp servers to use bind to all unreserved ports for passive mode

tftp_use_cifs (off , off) Allow tftp to read from a CIFS store for public file transfer services.

tftp_use_nfs (off , off) Allow tftp to read from a NFS store for public file transfer services.

ftpd_use_fusefs (off , off) Allow ftpd to use ntfs/fusefs volumes.

ftpd_connect_db (off , off) Allow ftp servers to use connect to mysql database

httpd_enable_ftp_server (off , off) Allow httpd to act as a FTP server by listening on the ftp port.

allow_ftpd_full_access --> off

allow_ftpd_full_access --> on

allow_ftpd_full_access (on , off) Allow ftp servers to login to local users and read/write all files on the system, governed by DAC.

allow_ftpd_use_cifs (off , off) Allow ftp servers to use cifs used for public file transfer services.

allow_ftpd_use_nfs (off , off) Allow ftp servers to use nfs used for public file transfer services.

allow_ftpd_anon_write (off , off) Allow ftp servers to upload files, used for public file transfer services. Directories must be labeled public_content_rw_t

allow_ftpd_full_access --> off

5+0 records in

5+0 records out

5242880 bytes (5.2 MB) copied, 0.0127335 s, 412 MB/s

Connected to 192.168.10.250.

220 (vsFTPd 2.2.2)

Name (192.168.10.250:root): user01

331 Please specify the password.

Password: (user01 사용자 암호 입력)

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> ls

200 PORT command successful. Consider using PASV.

150 Here comes the directory listing.

226 Directory send OK.

ftp> passive

Passive mode on.

ftp> put test.txt /* KaliLinux(현재DIR/test.txt) -> IDS(/home/user01/test.txt) */

local: test.txt remote: test.txt

227 Entering Passive Mode (192,168,10,250,214,87).

150 Ok to send data.

226 Transfer complete.

5242880 bytes sent in 0.11 secs (44618.3 kB/s)

ftp> lcd /tmp

Local directory now /tmp

ftp> get test.txt /* IDS(/home/user01/test.txt) -> KaliLinux(/tmp/test.txt) */

local: test.txt remote: test.txt

227 Entering Passive Mode (192,168,10,250,254,215).

150 Opening BINARY mode data connection for test.txt (5242880 bytes).

226 Transfer complete.

5242880 bytes received in 0.08 secs (61780.5 kB/s)

ftp> quit

221 Goodbye

type=USER_AUTH msg=audit(1412947954.776:104): user pid=3831 uid=0 auid=0 ses=1 subj=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct="user01" exe="/usr/sbin/vsftpd" hostname=192.168.10.100 addr=192.168.10.100 terminal=ftp res=success'

type=USER_ACCT msg=audit(1412947954.780:105): user pid=3831 uid=0 auid=0 ses=1 subj=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct="user01" exe="/usr/sbin/vsftpd" hostname=192.168.10.100 addr=192.168.10.100 terminal=ftp res=success'

type=CRED_ACQ msg=audit(1412947954.780:106): user pid=3831 uid=0 auid=0 ses=1 subj=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct="user01" exe="/usr/sbin/vsftpd" hostname=192.168.10.100 addr=192.168.10.100 terminal=ftp res=success'

..... (중략) .....

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: permissive

Mode from config file: enforcing

Policy version: 24

Policy from config file: targeted

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: enforcing

Mode from config file: enforcing

Policy version: 24

Policy from config file: targeted

allow_ftpd_full_access --> off

Connected to 192.168.10.250.

220 (vsFTPd 2.2.2)

Name (192.168.10.250:root): user01

331 Please specify the password.

Password: (user01 사용자의 암호 입력)

500 OOPS: cannot change directory:/home/user01

Login failed.

ftp> quit

421 Service not available, remote server has closed connection

Connected to 192.168.10.250.

220 (vsFTPd 2.2.2)

Name (192.168.10.250:root): anonymous

331 Please specify the password.

Password: (id@naver.com)

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

(필요하면 명령어 수행)

(192.168.20.203) CentOS 6.X

# cd /var/ftp/pub

# cp /etc/passwd /var/ftp/pub/test.txt

ftp> cd pub

250 Directory successfully changed.

ftp> dir

200 PORT command successful. Consider using PASV.

150 Here comes the directory listing.

-rw-r--r-- 1 0 0 1571 Oct 10 02:39 test.txt

226 Directory send OK.

ftp> mget test.txt

mget test.txt? y

200 PORT command successful. Consider using PASV.

150 Opening BINARY mode data connection for test.txt (1571 bytes).

226 Transfer complete.

1571 bytes received in 0.00 secs (2293.2 kB/s)

ftp> quit

221 Goodbye.

allow_ftpd_full_access --> on

SELinux status: enabled

SELinuxfs mount: /selinux

Current mode: enforcing

Mode from config file: enforcing

Policy version: 24

Policy from config file: targeted

$ ftp 192.168.10.250

Connected to 192.168.10.250.

220 (vsFTPd 2.2.2)

Name (192.168.10.250:root): user01

331 Please specify the password.

Password: (user01 사용자 암호 입력)

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> dir

200 PORT command successful. Consider using PASV.

150 Here comes the directory listing.

-rw-r--r-- 1 501 501 5242880 Oct 10 02:27 test.txt

226 Directory send OK.

ftp> mget test.txt

mget test.txt? y

200 PORT command successful. Consider using PASV.

150 Opening BINARY mode data connection for test.txt (5242880 bytes).

226 Transfer complete.

5242880 bytes received in 0.06 secs (80610.9 kB/s)

ftp> quit

221 Goodbye.

Connected to 192.168.10.250.

220 (vsFTPd 2.2.2)

Name (192.168.10.250:root): anonymous

331 Please specify the password.

Password: (id@naver.com)

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> cd pub

250 Directory successfully changed.

ftp> dir

200 PORT command successful. Consider using PASV.

150 Here comes the directory listing.

-rw-r--r-- 1 0 0 1571 Oct 10 02:39 test.txt

226 Directory send OK.

ftp> mget test.txt

mget test.txt? y

200 PORT command successful. Consider using PASV.

150 Opening BINARY mode data connection for test.txt (1571 bytes).

226 Transfer complete.

1571 bytes received in 0.00 secs (1543.4 kB/s)

ftp> quit

221 Goodbye.

-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 file1

-rw-r--r--. root root unconfined_u:object_r:samba_share_t:s0 file1

restorecon reset /root/text/file1 context unconfined_u:object_r:samba_share_t:s0->unconfined_u:object_r:admin_home_t:s0

-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 file1

file_contexts file_contexts.homedirs file_contexts.local media

/.* system_u:object_r:default_t:s0

/[^/]+ -- system_u:object_r:etc_runtime_t:s0

/a?quota\.(user|group) -- system_u:object_r:quota_db_t:s0

/nsr(/.*)? system_u:object_r:var_t:s0

/sys(/.*)? system_u:object_r:sysfs_t:s0

/xen(/.*)? system_u:object_r:xen_image_t:s0

/mnt(/[^/]*) -l system_u:object_r:mnt_t:s0

/mnt(/[^/]*)? -d system_u:object_r:mnt_t:s0

/bin/.* system_u:object_r:bin_t:s0

/dev/.* system_u:object_r:device_t:s0

/lib/.* system_u:object_r:lib_t:s0

/var/.* system_u:object_r:var_t:s0

/srv/.* system_u:object_r:var_t:s0

/tmp/.* <<none>>

/usr/.* system_u:object_r:usr_t:s0

/opt/.* system_u:object_r:usr_t:s0

/etc/.* system_u:object_r:etc_t:s0

/root(/.*)? system_u:object_r:admin_home_t:s0

/dev/[0-9].* -c system_u:object_r:usb_device_t:s0

/mnt/[^/]*/.* <<none>>

/dev/.*mouse.* -c system_u:object_r:mouse_device_t:s0

/rhev(/[^/]*)? -d system_u:object_r:mnt_t:s0

/dev/.*tty[^/]* -c system_u:object_r:tty_device_t:s0

..... (중략) .....

/usr/share/gitolite3/triggers/post-compile/ssh-authkeys-shell-users -- sys

tem_u:object_r:bin_t:s0

/usr/share/gitolite3/triggers/post-compile/update-gitweb-access-list -- sys

tem_u:object_r:bin_t:s0

/usr/share/system-config-securitylevel/system-config-securitylevel\.py -- sys

tem_u:object_r:bin_t:s0

/usr/share/system-config-services/system-config-services-mechanism\.py -- sys

tem_u:object_r:initrc_exec_t:s0

/usr/share/gitolite3/triggers/post-compile/update-git-daemon-access-list --system_u:object_r:bin_t:s0

-rw-r--r--. root root unconfined_u:object_r:default_t:s0 file1

-rw-r--r--. root root unconfined_u:object_r:default_t:s0 file2

-rw-r--r--. root root unconfined_u:object_r:default_t:s0 file3

drwxr-xr-x. root root unconfined_u:object_r:httpd_sys_content_t:s0 /web

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file1

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file2

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file3

restorecon reset /web context unconfined_u:object_r:httpd_sys_content_t:s0->unconfined_u:object_r:default_t:s0

restorecon reset /web/file2 context unconfined_u:object_r:httpd_sys_content_t:s0->unconfined_u:object_r:default_t:s0

restorecon reset /web/file3 context unconfined_u:object_r:httpd_sys_content_t:s0->unconfined_u:object_r:default_t:s0

restorecon reset /web/file1 context unconfined_u:object_r:httpd_sys_content_t:s0->unconfined_u:object_r:default_t:s0

-rw-r--r--. root root unconfined_u:object_r:etc_t:s0 /etc/file1

-rw-r--r--. root root unconfined_u:object_r:etc_t:s0 /etc/file1

# This file is auto-generated by libsemanage

# Do not edit directly.

/etc/file1 system_u:object_r:samba_share_t:s0

# This file is auto-generated by libsemanage

# Do not edit directly.

-rw-rw-r--. user01 user01 unconfined_u:object_r:user_home_t:s0 file1

-rw-r--r--. user01 user01 unconfined_u:object_r:user_home_t:s0 test.txt

drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www/html

-rw-rw-r--. user01 user01 unconfined_u:object_r:user_home_t:s0 file1

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file1

-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 file1

drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin

drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 error

-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 file1

drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 html

drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 icons

drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 manual

-rw-rw-r--. user01 user01 unconfined_u:object_r:user_home_t:s0 file1

-rw-rw-r--. user01 user01 unconfined_u:object_r:user_home_t:s0 file1

-rw-rw-r--. user01 user01 system_u:object_r:samba_share_t:s0 file2

-rw-rw-r--. user01 user01 unconfined_u:object_r:user_home_t:s0 file1

-rw-rw-r--. user01 user01 system_u:object_r:samba_share_t:s0 file2

-rw-r--r--. user01 user01 unconfined_u:object_r:user_home_t:s0 test.txt

-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 file1

-rw-r--r--. root root system_u:object_r:samba_share_t:s0 file2

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file1

/root/text

-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 file1

-rw-r--r--. root root system_u:object_r:samba_share_t:s0 file2

-rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 file1

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file1

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file2

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file3

-rw-r--r--. root root unconfined_u:object_r:samba_share_t:s0 file1

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file2

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file3

/var/www/html/file1 has context unconfined_u:object_r:samba_share_t:s0, should be system_u:object_r:httpd_sys_content_t:s0

/var/www/html/file2 verified.

/var/www/html/file3 verified.

restorecon reset /var/www/html/file1 context unconfined_u:object_r:samba_share_t:s0->unconfined_u:object_r:httpd_sys_content_t:s0

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file1

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file2

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 file3

4

Create an RPM

#!/bin/bash

echo 'This is a test.'

echo

echo ' ________________________'

echo '/ \'

echo '| |'

echo '| 야 !! 공부좀 해라!!! |'

echo '| |'

echo '\________________________/'

echo ' \'

echo ' \'

echo ' (__)'

echo ' (oo)______'

echo ' (__) )\'

echo ' ||---|| *'

echo ' || ||'

echo

BUILD/ RPMS/ SOURCES/ SPECS/ SRPMS/

drwxr-xr-x root/root 0 2014-01-23 16:16:24 hello-1.0/

-rwxr-xr-x root/root 394 2014-01-23 16:16:24 hello-1.0/hello.sh

%define name hello

%define version 1.0

%define release 1

Name: hello

Version: 1.0

Release: 1

Summary: Hello

Group: CentOS

License: GPL

URL: http://www.example.com

Source0: %{name}-%{version}-%{release}.tar.gz

BuildRoot: /var/tmp/%{name}-buildroot

%description

Installs /root/bin/hello.sh

%prep

%setup -q -n %{name}-%{version}

%build

%install

rm -rf $RPM_BUILD_ROOT

mkdir -p $RPM_BUILD_ROOT/root/bin

install -m 755 hello.sh $RPM_BUILD_ROOT/root/bin/hello.sh

%clean

rm -rf $RPM_BUILD_ROOT

%files

%defattr(-,root,root,-)

/root/bin/hello.sh

%changelog

Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.38857

+ umask 022

+ cd /usr/src/redhat/BUILD

+ cd /usr/src/redhat/BUILD

+ rm -rf hello-1.0

+ /bin/gzip -dc /usr/src/redhat/SOURCES/hello-1.0-1.tar.gz

+ tar -xf -

+ STATUS=0

+ '[' 0 -ne 0 ']'

+ cd hello-1.0

++ /usr/bin/id -u

+ '[' 0 = 0 ']'

+ /bin/chown -Rhf root .

++ /usr/bin/id -u

+ '[' 0 = 0 ']'

+ /bin/chgrp -Rhf root .

+ /bin/chmod -Rf a+rX,u+w,g-w,o-w .

+ exit 0

Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.38857

+ umask 022

+ cd /usr/src/redhat/BUILD

+ cd hello-1.0

+ exit 0

Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.38857

+ umask 022

+ cd /usr/src/redhat/BUILD

+ cd hello-1.0

+ rm -rf /var/tmp/hello-buildroot

+ mkdir -p /var/tmp/hello-buildroot/root/bin

+ install -m 755 hello.sh /var/tmp/hello-buildroot/root/bin/hello.sh

+ /usr/lib/rpm/brp-compress

+ /usr/lib/rpm/brp-strip

+ /usr/lib/rpm/brp-strip-static-archive

+ /usr/lib/rpm/brp-strip-comment-note

Processing files: hello-1.0-1

Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1

Requires: /bin/bash

Checking for unpackaged file(s): /usr/lib/rpm/check-files /var/tmp/hello-buildroot

Wrote: /usr/src/redhat/SRPMS/hello-1.0-1.src.rpm

Wrote: /usr/src/redhat/RPMS/i386/hello-1.0-1.i386.rpm

Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.38857

+ umask 022

+ cd /usr/src/redhat/BUILD

+ cd hello-1.0

+ rm -rf /var/tmp/hello-buildroot

+ exit 0

/usr/src/redhat

/usr/src/redhat/RPMS

/usr/src/redhat/RPMS/geode

/usr/src/redhat/RPMS/noarch

/usr/src/redhat/RPMS/i386

/usr/src/redhat/RPMS/i386/hello-1.0-1.i386.rpm

/usr/src/redhat/RPMS/i686

/usr/src/redhat/RPMS/athlon

/usr/src/redhat/RPMS/i486

/usr/src/redhat/RPMS/i586

/usr/src/redhat/SOURCES

/usr/src/redhat/SOURCES/hello-1.0-1.tar.gz

/usr/src/redhat/SPECS

/usr/src/redhat/SPECS/hello.spec

/usr/src/redhat/SRPMS

/usr/src/redhat/SRPMS/hello-1.0-1.src.rpm

/usr/src/redhat/BUILD

/usr/src/redhat/BUILD/hello-1.0

/usr/src/redhat/BUILD/hello-1.0/hello.sh

Preparing... ########################################### [100%]

1:hello ########################################### [100%]

gpg (GnuPG) 1.4.5; Copyright (C) 2006 Free Software Foundation, Inc.

This program comes with ABSOLUTELY NO WARRANTY.

This is free software, and you are welcome to redistribute it

under certain conditions. See the file COPYING for details.

gpg: directory `/root/.gnupg' created

gpg: new configuration file `/root/.gnupg/gpg.conf' created

gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run

gpg: keyring `/root/.gnupg/secring.gpg' created

gpg: keyring `/root/.gnupg/pubring.gpg' created

Please select what kind of key you want:

(1) DSA and Elgamal (default)

(2) DSA (sign only)

(5) RSA (sign only)

Your selection? <ENTER>

DSA keypair will have 1024 bits.

ELG-E keys may be between 1024 and 4096 bits long.

What keysize do you want? (2048) <ENTER>

Please specify how long the key should be valid.

0 = key does not expire

<n> = key expires in n days

<n>w = key expires in n weeks

<n>m = key expires in n months

<n>y = key expires in n years

Key is valid for? (0) <ENTER>

Key does not expire at all

Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID

from the Real Name, Comment and Email Address in this form:

"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Baik, SeoungChan

Email address: jang4sc@hanmail.net

Comment: <ENTER>

You selected this USER-ID:

"Baik, SeoungChan <jang4sc@hanmail.net>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o

You need a Passphrase to protect your secret key.

Passphrase: testing123

Repeat passphrase: testing123

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

++++++++++..++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.++++++++++++++++++++.+++++++++++++++.+++++.+++++..++++++++++..>+++++.....................................................+++++

Not enough random bytes available. Please do some other work to give

the OS a chance to collect more entropy! (Need 283 more bytes)

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

.+++++++++++++++++++++++++.++++++++++.+++++.++++++++++......+++++++++++++++..+++++++++++++++..+++++.+++++++++++++++.+++++++++++++++++++++++++.+++++.++++++++++.+++++>.+++++.+++++...>+++++..................................................................................+++++^^^

gpg: /root/.gnupg/trustdb.gpg: trustdb created

gpg: key ACD89B3E marked as ultimately trusted

public and secret key created and signed.

gpg: checking the trustdb

gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model

gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u

pub 1024D/ACD89B3E 2014-01-23

Key fingerprint = 98A1 E2A6 AE47 FE97 BFE8 6DC4 BCAB 0ADE ACD8 9B3E

uid Baik, SeoungChan <jang4sc@hanmail.net>

sub 2048g/CA2DE316 2014-01-23

RPM-GPG-KEY-test

-----BEGIN PGP PUBLIC KEY BLOCK-----

Version: GnuPG v1.4.5 (GNU/Linux)

mQGiBFLgyxARBACCnrOlR6uregf1SuoqqHxtBXGVq5QKyJVBsb4cXufe0ur5jzk8

Bmc9aKFMnfrp22GZ+CjfBr0BBYCB2A7ANsKtdwNzB2PHl7C9BNQafS8xrpyTo/2C

oc0j21uLJz5TOpcaQ/1qS/jpUNumvDuoD9RXO6fgPhBNaj808cncp6uQ8wCg3gxc

J4bqvc+QjdTXbrcIuMwDIT0D/A++D26YIp0TpzVDmv7Di2GTc4mn6fpKKSLu7vVZ

3IDJuN2B9CL0DJz02S+IR5kF+yf5o6NnUcM9b65nw15MK2d37NE6mOpoUUHao80f

ShAvtQLJl5bVcJWeCz9ORfQqWb36SWLxAJq7TPDsS6l1DUkE3kONQgSZnAzpP4KK

ZS1EA/0aSpKk+/pElSG5muip2xMcflk6ihuGgivcxYlr/E/v2wsH5QELtNt7q4wj

K2ji/QuZabdEi5V77qUHbUvLo2d4By0mB6EPAV6Nk3V9iV7SdKYKb7f01ybuW82s

bzMnfaK2bOmN/7A9LCKk5eQ5urN9Jr8q159kOHaCroTQrelC77QmQmFpaywgU2Vv

dW5nQ2hhbiA8amFuZzRzY0BoYW5tYWlsLm5ldD6IYAQTEQIAIAUCUuDLEAIbAwYL

CQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJELyrCt6s2Js+kwcAn3K/hdtIVFLpWwyX

/65RsA/hWf/tAJ9oA1Sp3M/QSrGwPEwiadjDFr2io7kCDQRS4MsUEAgA5XtEwdw7

H3+yxxObgv+giZWd2oNxjfmrWqecd2N6+dsgR3oc1kbYdv84jU6icozZxz7XHbAR

1Hxj+f31H56k6W8ZXVx0W0qMZSCOcuXY+dmQJV9qcJfzdDc1HahTUL32C6Vz0Emh

L7A2HSgj8apoSkER9YBY9jUAseE9FK7YalhPfIUW79CcY9zSUvmGBiXvpume7+M9

xtwDcaxAA9J46KWDUpuzkCl6n/ru5LbqSv2/qNBIep+eut8WWmEnP5MzFigK0gjs

cP5EnUceNFTmKnw9hwG3pzprJPmd1iu/VbLa3XySmQlrSyWjziZcdquUqq0KxJdC

c7QhQ/kYHS3g9wADBQf/X6il933Tu4s7qKqxz+pIkAcIAkCTvBfePUWqmZ9Rw+S/

amWayHU18rXfJ0+Wo3PK6Hs4FjO/tZamTJokfrleIk9weOLOp6wZVMA0TTcrTpi6

FTp36vWUVveysjuHQa43RpfPqgJNQdgSFUVfm4wMxBFVDS8itx5RWxqmvrPJLrur

egm1EiXNDK+b8Tv1vxHcgiPfcls8Y6gtWvPM7lbH5KY4ORj9oaHB+DhFRPgR6U9l

gFGVQuI6UP4G+3MSNoMEJIuVq0R1r9unytL+ojdyfLisgC2Xja3Z6lZZ67I0RiLr

ZpFuAcROxgtcNsCHmle0DI3Bv9pBCJ8nudeSHahQsohJBBgRAgAJBQJS4MsUAhsM

AAoJELyrCt6s2Js+oLoAoLVRgzLFoBmYiZXKIexIHhbrlRRIAKCaOHPRd4+88L1J

WVbsdJED3F7cAQ==

=lq3h

-----END PGP PUBLIC KEY BLOCK-----

%_gpg_name ACD89B3E

Enter pass phrase: testing123

Pass phrase is good.

/usr/src/redhat/RPMS/i386/hello-1.0-1.i386.rpm:

gpg: WARNING: standard input reopened

gpg: WARNING: standard input reopened

1/1 - hello-1.0-1.i386.rpm

Saving Primary metadata

Saving file lists metadata

Saving other metadata

[hello]

name=hello

description=Test Yum Repository

baseurl=http://172.16.9.252/packages

enabled=1

gpgcheck=1

gpgkey=http://172.16.9.252/packages/RPM-GPG-KEY-test

Loaded plugins: fastestmirror, security

Loading mirror speeds from cached hostfile

* base: mirror.oasis.onnetcorp.com

* extras: mirror.oasis.onnetcorp.com

* updates: mirror.oasis.onnetcorp.com

hello | 951 B 00:00

hello/primary | 668 B 00:00

hello 1/1

Setting up Install Process

Resolving Dependencies

--> Running transaction check

---> Package hello.i386 0:1.0-1 set to be updated

--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================

Package Arch Version Repository Size

=============================================================================

Installing:

hello i386 1.0-1 hello 2.2 k

Transaction Summary

=============================================================================

Install 1 Package(s)

Upgrade 0 Package(s)

Total download size: 2.2 k

Downloading Packages:

hello-1.0-1.i386.rpm | 2.2 kB 00:00

warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID c1d1124a

hello/gpgkey | 1.6 kB 00:00

Importing GPG key 0xC1D1124A "baik,seoungchan <jang4sc@hanmail.net>" from http://172.16.10.249/packages/RPM-GPG-KEY-test

Running rpm_check_debug

Running Transaction Test

Finished Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : hello 1/1

Installed:

hello.i386 0:1.0-1

Complete!

This is a test.

________________________

/ \

| |

| 야 !! 공부좀 해라!!! |

| |

\________________________/

\

\

(__)

(oo)______

(__) )\

||---|| *

|| ||

[hello]

name=hello

description=Test Yum Repository

baseurl=http://172.16.9.252/packages

enabled=0

gpgcheck=1

gpgkey=http://172.16.9.252/packages/RPM-GPG-KEY-test

[utterramblings]

name=Jason's Utter Ramblings Repo

baseurl=http://yum.jasonlitka.com/EL$releasever/$basearch/

enabled=1

gpgcheck=1

gpgkey=http://yum.jasonlitka.com/RPM-GPG-KEY-jlitka

Loaded plugins: fastestmirror, security

Loading mirror speeds from cached hostfile

* base: mirror.premi.st

* extras: mirror.premi.st

* rpmforge: ftp.riken.jp

* updates: data.nicehosting.co.kr

Setting up Install Process

Resolving Dependencies

--> Running transaction check

--> Processing Dependency: httpd = 2.2.3-87.el5.centos for package: httpd-manual

--> Processing Dependency: httpd = 2.2.3-87.el5.centos for package: mod_ssl

---> Package httpd.i386 0:2.2.22-jason.1 set to be updated

--> Processing Dependency: apr-util-ldap for package: httpd

---> Package httpd-devel.i386 0:2.2.22-jason.1 set to be updated

--> Processing Dependency: apr-util-devel for package: httpd-devel

--> Processing Dependency: apr-devel for package: httpd-devel

--> Running transaction check

---> Package apr-devel.i386 0:1.4.5-1.jason.1 set to be updated

--> Processing Dependency: apr = 1.4.5-1.jason.1 for package: apr-devel

---> Package apr-util-devel.i386 0:1.3.12-1.jason.1 set to be updated

--> Processing Dependency: apr-util = 1.3.12-1.jason.1 for package: apr-util-devel

--> Processing Dependency: openldap-devel for package: apr-util-devel

--> Processing Dependency: expat-devel for package: apr-util-devel

--> Processing Dependency: db4-devel for package: apr-util-devel

---> Package apr-util-ldap.i386 0:1.3.12-1.jason.1 set to be updated

---> Package httpd-manual.i386 0:2.2.22-jason.1 set to be updated

---> Package mod_ssl.i386 1:2.2.22-jason.1 set to be updated

--> Running transaction check

---> Package apr.i386 0:1.4.5-1.jason.1 set to be updated

---> Package apr-util.i386 0:1.3.12-1.jason.1 set to be updated

---> Package db4-devel.i386 0:4.3.29-10.el5_5.2 set to be updated

---> Package expat-devel.i386 0:1.95.8-11.el5_8 set to be updated

---> Package openldap-devel.i386 0:2.3.43-28.el5_10 set to be updated

--> Processing Dependency: cyrus-sasl-devel >= 2.1 for package: openldap-devel

--> Running transaction check

---> Package cyrus-sasl-devel.i386 0:2.1.22-7.el5_8.1 set to be updated

--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================================

Package Arch Version Repository Size

====================================================================================================================

Installing:

httpd-devel i386 2.2.22-jason.1 utterramblings 151 k

Updating:

httpd i386 2.2.22-jason.1 utterramblings 3.0 M

Installing for dependencies:

apr-devel i386 1.4.5-1.jason.1 utterramblings 181 k

apr-util-devel i386 1.3.12-1.jason.1 utterramblings 70 k

apr-util-ldap i386 1.3.12-1.jason.1 utterramblings 19 k

cyrus-sasl-devel i386 2.1.22-7.el5_8.1 base 1.4 M

db4-devel i386 4.3.29-10.el5_5.2 base 1.9 M

expat-devel i386 1.95.8-11.el5_8 base 132 k

openldap-devel i386 2.3.43-28.el5_10 updates 2.9 M

Updating for dependencies:

apr i386 1.4.5-1.jason.1 utterramblings 258 k

apr-util i386 1.3.12-1.jason.1 utterramblings 196 k

httpd-manual i386 2.2.22-jason.1 utterramblings 989 k

mod_ssl i386 1:2.2.22-jason.1 utterramblings 324 k

Transaction Summary

=============================================================================================================================

Install 8 Package(s)

Upgrade 5 Package(s)

Total download size: 11 M

Downloading Packages:

(1/13): apr-util-ldap-1.3.12-1.jason.1.i386.rpm | 19 kB 00:00

(2/13): apr-util-devel-1.3.12-1.jason.1.i386.rpm | 70 kB 00:01

(3/13): expat-devel-1.95.8-11.el5_8.i386.rpm | 132 kB 00:00

(4/13): httpd-devel-2.2.22-jason.1.i386.rpm | 151 kB 00:01

(5/13): apr-devel-1.4.5-1.jason.1.i386.rpm | 181 kB 00:02

(6/13): apr-util-1.3.12-1.jason.1.i386.rpm | 196 kB 00:01

(7/13): apr-1.4.5-1.jason.1.i386.rpm | 258 kB 00:02

(8/13): mod_ssl-2.2.22-jason.1.i386.rpm | 324 kB 00:04

(9/13): httpd-manual-2.2.22-jason.1.i386.rpm | 989 kB 00:11

(10/13): cyrus-sasl-devel-2.1.22-7.el5_8.1.i386.rpm | 1.4 MB 00:00

(11/13): db4-devel-4.3.29-10.el5_5.2.i386.rpm | 1.9 MB 00:00

(12/13): openldap-devel-2.3.43-28.el5_10.i386.rpm | 2.9 MB 00:01

(13/13): httpd-2.2.22-jason.1.i386.rpm | 3.0 MB 00:39

-----------------------------------------------------------------------------------------------------------------------------

Total 172 kB/s | 11 MB 01:08

Running rpm_check_debug

Running Transaction Test

Finished Transaction Test

Transaction Test Succeeded

Running Transaction

Updating : apr 1/18

Updating : apr-util 2/18

Installing : apr-util-ldap 3/18

Updating : httpd 4/18

warning: /etc/httpd/conf/httpd.conf created as /etc/httpd/conf/httpd.conf.rpmnew

Installing : cyrus-sasl-devel 5/18

Installing : apr-devel 6/18

Installing : openldap-devel 7/18

Installing : db4-devel 8/18

Installing : expat-devel 9/18

Installing : apr-util-devel 10/18

Updating : mod_ssl 11/18

Installing : httpd-devel 12/18

Updating : httpd-manual 13/18

Cleanup : mod_ssl 14/18

Cleanup : httpd 15/18

Cleanup : apr-util 16/18

Cleanup : httpd-manual 17/18

Cleanup : apr 18/18

Installed:

httpd-devel.i386 0:2.2.22-jason.1

Dependency Installed:

apr-devel.i386 0:1.4.5-1.jason.1 apr-util-devel.i386 0:1.3.12-1.jason.1 apr-util-ldap.i386 0:1.3.12-1.jason.1

cyrus-sasl-devel.i386 0:2.1.22-7.el5_8.1 db4-devel.i386 0:4.3.29-10.el5_5.2 expat-devel.i386 0:1.95.8-11.el5_8

openldap-devel.i386 0:2.3.43-28.el5_10

Updated:

httpd.i386 0:2.2.22-jason.1

Dependency Updated:

apr.i386 0:1.4.5-1.jason.1 apr-util.i386 0:1.3.12-1.jason.1 httpd-manual.i386 0:2.2.22-jason.1

mod_ssl.i386 1:2.2.22-jason.1

Complete!

Loaded plugins: fastestmirror, security

Loading mirror speeds from cached hostfile

* base: mirror.premi.st

* extras: mirror.premi.st

* rpmforge: ftp.riken.jp

* updates: data.nicehosting.co.kr

Setting up Install Process

Resolving Dependencies

--> Running transaction check

---> Package pcre.i386 0:8.13-1.jason.2 set to be updated

---> Package pcre-devel.i386 0:8.13-1.jason.2 set to be updated

--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================

Package Arch Version Repository Size

===================================================================================

Updating:

pcre i386 8.13-1.jason.2 utterramblings 509 k

pcre-devel i386 8.13-1.jason.2 utterramblings 438 k

Transaction Summary

===================================================================================

Install 0 Package(s)

Upgrade 2 Package(s)

Total download size: 946 k

Downloading Packages:

(1/2): pcre-devel-8.13-1.jason.2.i386.rpm | 438 kB 00:02

(2/2): pcre-8.13-1.jason.2.i386.rpm | 509 kB 00:01

-----------------------------------------------------------------------------------

Total 202 kB/s | 946 kB 00:04

Running rpm_check_debug

Running Transaction Test

Finished Transaction Test

Transaction Test Succeeded

Running Transaction

Updating : pcre 1/4

Updating : pcre-devel 2/4

Cleanup : pcre 3/4

Cleanup : pcre-devel 4/4

Updated:

pcre.i386 0:8.13-1.jason.2 pcre-devel.i386 0:8.13-1.jason.2

Complete!

mod_security-2.5.9-1.jason.1

/etc/httpd/conf.d/mod_security.conf

/etc/httpd/modsecurity.d

/etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf

/etc/httpd/modsecurity.d/modsecurity_crs_20_protocol_violations.conf

/etc/httpd/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf

/etc/httpd/modsecurity.d/modsecurity_crs_23_request_limits.conf

/etc/httpd/modsecurity.d/modsecurity_crs_30_http_policy.conf

/etc/httpd/modsecurity.d/modsecurity_crs_35_bad_robots.conf

/etc/httpd/modsecurity.d/modsecurity_crs_40_generic_attacks.conf

/etc/httpd/modsecurity.d/modsecurity_crs_45_trojans.conf

/etc/httpd/modsecurity.d/modsecurity_crs_50_outbound.conf

/etc/httpd/modsecurity.d/modsecurity_localrules.conf

/etc/httpd/modsecurity.d/optional_rules

/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_20_protocol_violations.conf

/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_21_protocol_anomalies.conf

/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_40_generic_attacks.conf

/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_42_comment_spam.conf

/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_42_tight_security.conf

/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_55_marketing.conf

/etc/mlogc.conf

/usr/bin/mlogc

/usr/lib/httpd/modules/mod_security2.so

/usr/share/doc/mod_security-2.5.9

/usr/share/doc/mod_security-2.5.9/CHANGES

/usr/share/doc/mod_security-2.5.9/LICENSE

/usr/share/doc/mod_security-2.5.9/MODSECURITY_LICENSING_EXCEPTION

/usr/share/doc/mod_security-2.5.9/README.TXT

/usr/share/doc/mod_security-2.5.9/doc

/usr/share/doc/mod_security-2.5.9/doc/apache_request_cycle-modsecurity.jpg

/usr/share/doc/mod_security-2.5.9/doc/breach-logo-small.gif

/usr/share/doc/mod_security-2.5.9/doc/html-multipage

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/actions.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/apache_request_cycle-modsecurity.jpg

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/ar01s02.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/ar01s10.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/ar01s11.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/ar01s12.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/breach-logo-small.gif

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/configuration-directives.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/index.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/installation.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/introduction.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/modsecurity-reference.css

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/modsecurity.gif

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/operators.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/processing-phases.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/transformation-functions.html

/usr/share/doc/mod_security-2.5.9/doc/html-multipage/variables.html

/usr/share/doc/mod_security-2.5.9/doc/index.html

/usr/share/doc/mod_security-2.5.9/doc/migration-matrix.html

/usr/share/doc/mod_security-2.5.9/doc/migration-matrix.xml

/usr/share/doc/mod_security-2.5.9/doc/modsecurity-reference.css

/usr/share/doc/mod_security-2.5.9/doc/modsecurity.gif

/usr/share/doc/mod_security-2.5.9/doc/modsecurity2-apache-reference.html

/usr/share/doc/mod_security-2.5.9/doc/modsecurity2-apache-reference.pdf

/usr/share/doc/mod_security-2.5.9/doc/modsecurity2-apache-reference.xml

/usr/share/doc/mod_security-2.5.9/doc/modsecurity2-data-formats.html

/usr/share/doc/mod_security-2.5.9/doc/modsecurity2-data-formats.pdf

/usr/share/doc/mod_security-2.5.9/doc/modsecurity2-data-formats.xml

/usr/share/doc/mod_security-2.5.9/modsecurity.conf-minimal

--2014-09-23 09:04:05-- https://github.com/SpiderLabs/owasp-modsecurity-crs/zipball/master

Resolving github.com... 192.30.252.130

Connecting to github.com|192.30.252.130|:443... connected.

HTTP request sent, awaiting response... 302 Found

Location: https://codeload.github.com/SpiderLabs/owasp-modsecurity-crs/legacy.zip/master [following]

--2014-09-23 09:04:06-- https://codeload.github.com/SpiderLabs/owasp-modsecurity-crs/legacy.zip/master

Resolving codeload.github.com... 192.30.252.144

Connecting to codeload.github.com|192.30.252.144|:443... connected.

HTTP request sent, awaiting response... 200 OK

Length: 343684 (336K) [application/zip]

Saving to: `master.zip'

100%[===================================================================================>] 343,684 227K/s in 1.5s

2014-09-23 09:04:08 (227 KB/s) - `master.zip' saved [343684/343684]

httpd.conf httpd.conf.rpmnew magic master.zip

httpd.conf httpd.conf.rpmnew magic master.zip SpiderLabs-owasp-modsecurity-crs-ebe8790/

crs/ httpd.conf httpd.conf.rpmnew magic master.zip

activated_rules/ INSTALL optional_rules/

base_rules/ LICENSE README.md

CHANGES lua/ slr_rules/

experimental_rules/ modsecurity_crs_10_setup.conf.example util/

Core Rule Set Quick Setup

=========================

To activate the rules for your web server installation:

1) Copy the modsecurity_crs_10_setup.conf.example file to modsecurity_crs_10_setup.conf

and customize the settings for your local environment.

The modsecurity_crs_10_setup.conf file includes management rules and directives

that can control important CRS functions. Pay attention to

the SecRuleEngine setting (On by default) and that the SecDefaultAction

directive is set to "pass". The 49 inbound blocking and 59 outbound blocking

rules files use the "block" action which

inherits this setting. This effectively means that you can toggle the

SecDefaultAction setting to decide if you would like to deny on an

anomaly scoring/correlation match.

Update the PARANOID_MODE variable setting if you want to become more

aggressive in your detection. Caution - this will cause more false positives.

Update the appropriate anomaly scoring levels that will be propagated

to the inbound/outbound blocking files.

Update the TX policy settings for allowed Request Methods, File Extensions, etc...

2) Enable the CRS rules files you want to use by creating symlinks under the

"activated_rules" directory location. You will want to create symlinks for the

following:

1) The main modsecurity_crs_10_setup.conf file

2) Any rules from the base_rules directory

3) Any remaining rules from the optional_rules, slr_rules or experimental_rules directories

$ pwd

/usr/local/apache/conf/crs

$ ls

CHANGELOG app_sensor modsecurity_crs_10_setup.conf slr_rules

LICENSE base_rules modsecurity_crs_10_setup.conf.example util

README experimental_rules modsecurity_crs_15_customrules.conf

activated_rules lua optional_rules

$ sudo ln -s /usr/local/apache/conf/crs/modsecurity_crs_10_setup.conf activated_rules/modsecurity_crs_10_setup.conf

$ for f in `ls base_rules/` ; do sudo ln -s /usr/local/apache/conf/crs/base_rules/$f activated_rules/$f ; done

$ for f in `ls optional_rules/ | grep comment_spam` ; do sudo ln -s /usr/local/apache/conf/crs/optional_rules/$f activated_rules/$f ; done

$ ls -l activated_rules

total 216

lrwxr-xr-x 1 root wheel 52 May 17 14:01 GsbMalware.dat -> /usr/local/apache/conf/crs/base_rules/GsbMalware.dat

lrwxr-xr-x 1 root wheel 68 May 17 14:01 modsecurity_35_bad_robots.data -> /usr/local/apache/conf/crs/base_rules/modsecurity_35_bad_robots.data

lrwxr-xr-x 1 root wheel 66 May 17 14:01 modsecurity_35_scanners.data -> /usr/local/apache/conf/crs/base_rules/modsecurity_35_scanners.data

lrwxr-xr-x 1 root wheel 73 May 17 14:01 modsecurity_40_generic_attacks.data -> /usr/local/apache/conf/crs/base_rules/modsecurity_40_generic_attacks.data

lrwxr-xr-x 1 root wheel 79 May 17 14:01 modsecurity_41_sql_injection_attacks.data -> /usr/local/apache/conf/crs/base_rules/modsecurity_41_sql_injection_attacks.data

lrwxr-xr-x 1 root wheel 74 May 17 14:14 modsecurity_42_comment_spam.data -> /usr/local/apache/conf/crs/optional_rules/modsecurity_42_comment_spam.data

lrwxr-xr-x 1 root wheel 66 May 17 14:01 modsecurity_50_outbound.data -> /usr/local/apache/conf/crs/base_rules/modsecurity_50_outbound.data

lrwxr-xr-x 1 root wheel 74 May 17 14:01 modsecurity_50_outbound_malware.data -> /usr/local/apache/conf/crs/base_rules/modsecurity_50_outbound_malware.data

lrwxr-xr-x 1 root wheel 73 May 17 14:01 modsecurity_crs_14_customrules.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_14_customrules.conf

lrwxr-xr-x 1 root wheel 57 May 17 14:22 modsecurity_crs_10_setup.conf -> /usr/local/apache/conf/crs/modsecurity_crs_10_setup.conf

lrwxr-xr-x 1 root wheel 81 May 17 14:01 modsecurity_crs_20_protocol_violations.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_20_protocol_violations.conf

lrwxr-xr-x 1 root wheel 80 May 17 14:01 modsecurity_crs_21_protocol_anomalies.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_21_protocol_anomalies.conf

lrwxr-xr-x 1 root wheel 76 May 17 14:01 modsecurity_crs_23_request_limits.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_23_request_limits.conf

lrwxr-xr-x 1 root wheel 73 May 17 14:01 modsecurity_crs_30_http_policy.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_30_http_policy.conf

lrwxr-xr-x 1 root wheel 72 May 17 14:01 modsecurity_crs_35_bad_robots.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_35_bad_robots.conf

lrwxr-xr-x 1 root wheel 77 May 17 14:01 modsecurity_crs_40_generic_attacks.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_40_generic_attacks.conf

lrwxr-xr-x 1 root wheel 83 May 17 14:01 modsecurity_crs_41_sql_injection_attacks.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf

lrwxr-xr-x 1 root wheel 73 May 17 14:01 modsecurity_crs_41_xss_attacks.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_41_xss_attacks.conf

lrwxr-xr-x 1 root wheel 78 May 17 14:14 modsecurity_crs_42_comment_spam.conf -> /usr/local/apache/conf/crs/optional_rules/modsecurity_crs_42_comment_spam.conf

lrwxr-xr-x 1 root wheel 76 May 17 14:01 modsecurity_crs_42_tight_security.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_42_tight_security.conf

lrwxr-xr-x 1 root wheel 69 May 17 14:01 modsecurity_crs_45_trojans.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_45_trojans.conf

lrwxr-xr-x 1 root wheel 79 May 17 14:01 modsecurity_crs_47_common_exceptions.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_47_common_exceptions.conf

lrwxr-xr-x 1 root wheel 86 May 17 14:01 modsecurity_crs_48_local_exceptions.conf.example ->

/usr/local/apache/conf/crs/base_rules/modsecurity_crs_48_local_exceptions.conf.example

lrwxr-xr-x 1 root wheel 78 May 17 14:01 modsecurity_crs_49_inbound_blocking.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_49_inbound_blocking.conf

lrwxr-xr-x 1 root wheel 70 May 17 14:01 modsecurity_crs_50_outbound.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_50_outbound.conf

lrwxr-xr-x 1 root wheel 79 May 17 14:01 modsecurity_crs_59_outbound_blocking.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_59_outbound_blocking.conf

lrwxr-xr-x 1 root wheel 73 May 17 14:01 modsecurity_crs_60_correlation.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_60_correlation.conf

lrwxr-xr-x 1 root wheel 73 May 17 14:01 modsecurity_crs_60_customrules.conf -> /usr/local/apache/conf/crs/base_rules/modsecurity_crs_60_customrules.conf

3) Add the following line to your httpd.conf (assuming

you've placed the rule files into conf/crs/):

<IfModule security2_module>

Include conf/crs/modsecurity_crs_10_setup.conf

Include conf/crs/activated_rules/*.conf

</IfModule>

3) Restart web server.

4) Make sure your web sites are still running fine.

5) Simulate an attack against the web server. Then check

the attack was correctly logged in the Apache error log,

ModSecurity debug log (if you enabled it) and ModSecurity

audit log (if you enabled it).

total 84K

lrwxrwxrwx 1 root root 61 Sep 23 09:36 modsecurity_35_bad_robots.data -> /etc/httpd/conf/crs/base_rules/modsecurity_35_bad_robots.data

lrwxrwxrwx 1 root root 59 Sep 23 09:36 modsecurity_35_scanners.data -> /etc/httpd/conf/crs/base_rules/modsecurity_35_scanners.data

lrwxrwxrwx 1 root root 66 Sep 23 09:36 modsecurity_40_generic_attacks.data -> /etc/httpd/conf/crs/base_rules/modsecurity_40_generic_attacks.data

lrwxrwxrwx 1 root root 35 Sep 23 09:37 modsecurity_42_comment_spam.data -> /etc/httpd/conf/crs/optional_rules//

lrwxrwxrwx 1 root root 59 Sep 23 09:36 modsecurity_50_outbound.data -> /etc/httpd/conf/crs/base_rules/modsecurity_50_outbound.data

lrwxrwxrwx 1 root root 67 Sep 23 09:36 modsecurity_50_outbound_malware.data -> /etc/httpd/conf/crs/base_rules/modsecurity_50_outbound_malware.data

lrwxrwxrwx 1 root root 49 Sep 23 09:22 modsecurity_crs_10_setup.conf -> /etc/httpd/conf/crs/modsecurity_crs_10_setup.conf

lrwxrwxrwx 1 root root 74 Sep 23 09:36 modsecurity_crs_20_protocol_violations.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_20_protocol_violations.conf

lrwxrwxrwx 1 root root 73 Sep 23 09:36 modsecurity_crs_21_protocol_anomalies.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_21_protocol_anomalies.conf

lrwxrwxrwx 1 root root 69 Sep 23 09:36 modsecurity_crs_23_request_limits.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_23_request_limits.conf

lrwxrwxrwx 1 root root 66 Sep 23 09:36 modsecurity_crs_30_http_policy.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_30_http_policy.conf

lrwxrwxrwx 1 root root 65 Sep 23 09:36 modsecurity_crs_35_bad_robots.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_35_bad_robots.conf

lrwxrwxrwx 1 root root 70 Sep 23 09:36 modsecurity_crs_40_generic_attacks.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_40_generic_attacks.conf

lrwxrwxrwx 1 root root 76 Sep 23 09:36 modsecurity_crs_41_sql_injection_attacks.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf

lrwxrwxrwx 1 root root 66 Sep 23 09:36 modsecurity_crs_41_xss_attacks.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_41_xss_attacks.conf

lrwxrwxrwx 1 root root 35 Sep 23 09:37 modsecurity_crs_42_comment_spam.conf -> /etc/httpd/conf/crs/optional_rules//

lrwxrwxrwx 1 root root 69 Sep 23 09:36 modsecurity_crs_42_tight_security.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_42_tight_security.conf

lrwxrwxrwx 1 root root 62 Sep 23 09:36 modsecurity_crs_45_trojans.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_45_trojans.conf

lrwxrwxrwx 1 root root 72 Sep 23 09:36 modsecurity_crs_47_common_exceptions.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_47_common_exceptions.conf

lrwxrwxrwx 1 root root 79 Sep 23 09:36 modsecurity_crs_48_local_exceptions.conf.example -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_48_local_exceptions.conf.example

lrwxrwxrwx 1 root root 71 Sep 23 09:36 modsecurity_crs_49_inbound_blocking.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_49_inbound_blocking.conf

lrwxrwxrwx 1 root root 63 Sep 23 09:36 modsecurity_crs_50_outbound.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_50_outbound.conf

lrwxrwxrwx 1 root root 72 Sep 23 09:36 modsecurity_crs_59_outbound_blocking.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_59_outbound_blocking.conf

lrwxrwxrwx 1 root root 66 Sep 23 09:36 modsecurity_crs_60_correlation.conf -> /etc/httpd/conf/crs/base_rules/modsecurity_crs_60_correlation.conf

-rw-r--r-- 1 root root 5.6K Apr 17 07:24 README

..... (중략) .....

207 #

208 # Load config files from the config directory "/etc/httpd/conf.d".

209 #

210 Include conf.d/*.conf

..... (중략) .....

# Example configuration file for the mod_security Apache module

LoadModule security2_module modules/mod_security2.so

LoadModule unique_id_module modules/mod_unique_id.so

<IfModule mod_security2.c>

# This is the ModSecurity Core Rules Set.

# Basic configuration goes in here

Include modsecurity.d/modsecurity_crs_10_config.conf

# Protocol violation and anomalies.

Include modsecurity.d/modsecurity_crs_20_protocol_violations.conf

Include modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf

# HTTP policy rules

Include modsecurity.d/modsecurity_crs_30_http_policy.conf

# Here comes the Bad Stuff...

Include modsecurity.d/modsecurity_crs_35_bad_robots.conf

Include modsecurity.d/modsecurity_crs_40_generic_attacks.conf

Include modsecurity.d/modsecurity_crs_45_trojans.conf

Include modsecurity.d/modsecurity_crs_50_outbound.conf

# Search engines and other crawlers. Only useful if you want to track

# Google / Yahoo et. al.

# Include modsecurity.d/modsecurity_crs_55_marketing.conf

# Put your local rules in here.

Include modsecurity.d/modsecurity_localrules.conf

</IfModule>

Stopping httpd: [FAILED]

Starting httpd: [ OK ]

16819 /usr/sbin/httpd

16822 /usr/sbin/httpd

16823 /usr/sbin/httpd

16824 /usr/sbin/httpd

16825 /usr/sbin/httpd

16826 /usr/sbin/httpd

16827 /usr/sbin/httpd

16828 /usr/sbin/httpd

16829 /usr/sbin/httpd

drwxr-xr-x 3 root root 4.0K Sep 23 11:03 conf/

drwxr-xr-x 2 root root 4.0K Sep 23 11:08 conf.d/

lrwxrwxrwx 1 root root 19 Sep 22 22:30 logs -> ../../var/log/httpd/

drwxr-xr-x 3 root root 4.0K Sep 22 22:28 modsecurity.d/

lrwxrwxrwx 1 root root 27 Sep 22 22:30 modules -> ../../usr/lib/httpd/modules/

lrwxrwxrwx 1 root root 13 Sep 22 22:30 run -> ../../var/run/

access_log error_log.2 ssl_access_log.1 ssl_error_log.3

access_log.1 error_log.3 ssl_access_log.2 ssl_error_log.4

access_log.2 error_log.4 ssl_access_log.3 ssl_request_log

access_log.3 modsec_audit.log ssl_error_log ssl_request_log.1

error_log modsec_debug.log ssl_error_log.1 ssl_request_log.2

error_log.1 ssl_access_log ssl_error_log.2 ssl_request_log.3

fimap v.09 (For the Swarm)

:: Automatic LFI/RFI scanner and exploiter

:: by Iman Karim (fimap.dev@gmail.com)

Requesting list of plugins...

##################################################################################################################

#LIST OF TRUSTED PLUGINS #

##################################################################################################################

#[1] Weevils injector by Darren "Infodox" Martyn <infodox@insecurety.net> - At version 2 not installed. #

#[2] AES HTTP reverse shell by Darren "Infodox" Martyn <infodox@insecurety.net> - At version 1 not installed. #

#[q] Cancel and Quit. #

##################################################################################################################

Choose a plugin to install: 1

Downloading plugin 'weevils' (http://85.214.72.67/fimap_plugins/weevils-0.2.tar.gz)...

Unpacking plugin...

Plugin 'Upload Weevely' installed successfully!

fimap v.09 (For the Swarm)

:: Automatic LFI/RFI scanner and exploiter

:: by Iman Karim (fimap.dev@gmail.com)

Requesting list of plugins...

##################################################################################################################

#LIST OF TRUSTED PLUGINS #

##################################################################################################################

#[1] Weevils injector by Darren "Infodox" Martyn <infodox@insecurety.net> - At version 2 has an UPDATE. #

#[2] AES HTTP reverse shell by Darren "Infodox" Martyn <infodox@insecurety.net> - At version 1 not installed. #

#[q] Cancel and Quit. #

##################################################################################################################

Choose a plugin to install: 2

Downloading plugin 'aeshttp' (http://85.214.72.67/fimap_plugins/aeshttp-0.1.tar.gz)...

Unpacking plugin...

Plugin 'AES HTTP Reverse Shell Injector' installed successfully!

fimap v.09 (For the Swarm)

:: Automatic LFI/RFI scanner and exploiter

:: by Iman Karim (fimap.dev@gmail.com)

Usage: ./fimap.py [options]

## Operating Modes:

-s , --single Mode to scan a single URL for FI errors.

Needs URL (-u). This mode is the default.

-m , --mass Mode for mass scanning. Will check every URL

from a given list (-l) for FI errors.

-g , --google Mode to use Google to aquire URLs.

Needs a query (-q) as google search query.

-H , --harvest Mode to harvest a URL recursivly for new URLs.

Needs a root url (-u) to start crawling there.

Also needs (-w) to write a URL list for mass mode.

-4 , --autoawesome With the AutoAwesome mode fimap will fetch all

forms and headers found on the site you defined

and tries to find file inclusion bugs thru them. Needs an

URL (-u).

## Techniques:

-b , --enable-blind Enables blind FI-Bug testing when no error messages are printed.

Note that this mode will cause lots of requests compared to the

default method. Can be used with -s, -m or -g.

-D , --dot-truncation Enables dot truncation technique to get rid of the suffix if

the default mode (nullbyte poison) failed. This mode can cause

tons of requests depending how you configure it.

By default this mode only tests windows servers.

Can be used with -s, -m or -g. Experimental.

-M , --multiply-term=X Multiply terminal symbols like '.' and '/' in the path by X.

## Variables:

-u , --url=URL The URL you want to test.

Needed in single mode (-s).

-l , --list=LIST The URL-LIST you want to test.

Needed in mass mode (-m).

-q , --query=QUERY The Google Search QUERY.

Example: 'inurl:include.php'

Needed in Google Mode (-g)

--skip-pages=X Skip the first X pages from the Googlescanner.

-p , --pages=COUNT Define the COUNT of pages to search (-g).

Default is 10.

--results=COUNT The count of results the Googlescanner should get per page.

Possible values: 10, 25, 50 or 100(default).

--googlesleep=TIME The time in seconds the Googlescanner should wait befor each

request to google. fimap will count the time between two requests

and will sleep if it's needed to reach your cooldown. Default is 5.

-w , --write=LIST The LIST which will be written if you have choosen

harvest mode (-H). This file will be opened in APPEND mode.

-d , --depth=CRAWLDEPTH The CRAWLDEPTH (recurse level) you want to crawl your target site

in harvest mode (-H). Default is 1.

-P , --post=POSTDATA The POSTDATA you want to send. All variables inside

will also be scanned for file inclusion bugs.

--cookie=COOKIES Define the cookie which should be send with each request.

Also the cookies will be scanned for file inclusion bugs.

Concatenate multiple cookies with the ';' character.

--ttl=SECONDS Define the TTL (in seconds) for requests. Default is 30 seconds.

--no-auto-detect Use this switch if you don't want to let fimap automaticly detect

the target language in blind-mode. In that case you will get some

options you can choose if fimap isn't sure which lang it is.

--bmin=BLIND_MIN Define here the minimum count of directories fimap should walk thru

in blind mode. The default number is defined in the generic.xml

--bmax=BLIND_MAX Define here the maximum count of directories fimap should walk thru.

--dot-trunc-min=700 The count of dots to begin with in dot-truncation mode.

--dot-trunc-max=2000 The count of dots to end with in dot-truncation mode.

--dot-trunc-step=50 The step size for each round in dot-truncation mode.

--dot-trunc-ratio=0.095 The maximum ratio to detect if dot truncation was successfull.

--dot-trunc-also-unix Use this if dot-truncation should also be tested on unix servers.

--force-os=OS Forces fimap to test only files for the OS.

OS can be 'unix' or 'windows'

## Attack Kit:

-x , --exploit Starts an interactive session where you can

select a target and do some action.

-T , --tab-complete Enables TAB-Completation in exploit mode. Needs readline module.

Use this if you want to be able to tab-complete thru remote

files\dirs. Eats an extra request for every 'cd' command.

## Disguise Kit:

-A , --user-agent=UA The User-Agent which should be sent.

--http-proxy=PROXY Setup your proxy with this option. But read this facts:

* The googlescanner will ignore the proxy to get the URLs,

but the pentest\attack itself will go thru proxy.

* PROXY should be in format like this: 127.0.0.1:8080

* It's experimental

--show-my-ip Shows your internet IP, current country and user-agent.

Useful if you want to test your vpn\proxy config.

## Plugins:

--plugins List all loaded plugins and quit after that.

-I , --install-plugins Shows some official exploit-mode plugins you can install

and\or upgrade.

## Other:

--update-def Checks and updates your definition files found in the

config directory.

--test-rfi A quick test to see if you have configured RFI nicely.

--merge-xml=XMLFILE Use this if you have another fimap XMLFILE you want to

include to your own fimap_result.xml.

-C , --enable-color Enables a colorful output. Works only in linux!

--force-run Ignore the instance check and just run fimap even if a lockfile

exists. WARNING: This may erase your fimap_results.xml file!

-v , --verbose=LEVEL Verbose level you want to receive.

LEVEL=3 -> Debug

LEVEL=2 -> Info(Default)

LEVEL=1 -> Messages

LEVEL=0 -> High-Level

--credits Shows some credits.

--greetings Some greetings ;)

-h , --help Shows this cruft.

## Examples:

1. Scan a single URL for FI errors:

./fimap.py -u 'http://localhost/test.php?file=bang&id=23'

2. Scan a list of URLS for FI errors:

./fimap.py -m -l '/tmp/urllist.txt'

3. Scan Google search results for FI errors:

./fimap.py -g -q 'inurl:include.php'

4. Harvest all links of a webpage with recurse level of 3 and

write the URLs to /tmp/urllist

./fimap.py -H -u 'http://localhost' -d 3 -w /tmp/urllist

fimap v.09 (For the Swarm)

:: Automatic LFI/RFI scanner and exploiter

:: by Iman Karim (fimap.dev@gmail.com)

SingleScan is testing URL: 'http://192.168.20.200/test.php?file=bang&id=23'

[08:37:31] [OUT] Inspecting URL 'http://192.168.20.200/test.php?file=bang&id=23'...

[08:37:31] [INFO] Fiddling around with URL...

[08:37:31] [WARN] HTTP Error 400: Bad Request

[08:37:31] [WARN] HTTP Error 400: Bad Request

Target URL isn't affected by any file inclusion bug :(

192.168.20.50 - - [12/Dec/2014:17:31:30 +0900] "GET /test.php?file=bang&id=LOmISkC5 HTTP/1.1" 400 302 "-" "fimap.googlecode.com/v09 (For the Swarm)"

192.168.20.50 - - [12/Dec/2014:17:31:30 +0900] "GET /test.php?file=W9YWiyO6&id=23 HTTP/1.1" 400 302 "-" "fimap.googlecode.com/v09 (For the Swarm)"