Re: [CentOS] LUKS question

[John R Pierce]

On 12/12/2017 3:42 PM, Robert Nichols wrote:

On 12/12/2017 08:41 AM, Wells, Roger K. wrote:

I have existing systems with un-encrypted disks.
I have tried unsuccessfully to encrypt them using LUKS.
Has anyone out there been able to encrypt an existing system (after 
the fact, so to speak)?


You can do that with cryptsetup-reencrypt, but it needs to be able to 
make space for the ~2MB LUKS header ahead of the filesystem in the 
partition. That's a fairly risky operation -- shrinking the filesystem 
slightly and shifting it over.



the whole reencrypt process is subject to complete failure if the system 
reboots partly through as there's no way to deal with partially 
encrypted and partially cleartext.



An alternative is LUKS with a detached header, but maintaining that 
relationship is an administrative headache with a severe penalty for 
error. 



I'd say disk encryption in general is an admin headache with severe 
penalty for error.



--
john r pierce, recycling bits in santa cruz

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LUKS question

[Robert Nichols]

On 12/12/2017 08:41 AM, Wells, Roger K. wrote:

I have existing systems with un-encrypted disks.
I have tried unsuccessfully to encrypt them using LUKS.
Has anyone out there been able to encrypt an existing system (after the fact, 
so to speak)?


You can do that with cryptsetup-reencrypt, but it needs to be able to make 
space for the ~2MB LUKS header ahead of the filesystem in the partition. That's 
a fairly risky operation -- shrinking the filesystem slightly and shifting it 
over. An alternative is LUKS with a detached header, but maintaining that 
relationship is an administrative headache with a severe penalty for error.

--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Spamassassin vs. SELinux trouble

[Gordon Messmer]

On 12/12/2017 04:37 AM, Nicolas Kovacs wrote:

Spamassassin has been working nicely on my main server running CentOS 7
and Postfix. SELinux is activated (Enforcing).
...
SELinux is preventing /usr/bin/perl from 'read, write' accesses on the
file /var/log/spamassassin/.spamassassin/bayes_toks.
...
Source Contextsystem_u:system_r:spamd_t:s0
Target Contextsystem_u:object_r:var_log_t:s0


You may have had a custom context set on /var/log/spamassassin or a 
sub-path in the past, overwritten by a recent update.  That's a normal 
occurrence if you set context using chcon rather than "semanage 
fcontext".  The latter is persistent; the former is not.


Spamassassin can write to /var/lib/spamassassin, which makes that a more 
suitable location for bayes_toks than /var/log.  However, if you'd 
prefer to keep your bayes_toks file where it is, use:


  semanage fcontext -a -t spamd_var_lib_t 
/var/log/spamassassin/.spamassassin

  restorecon -Rv /var/log/spamassassin/.spamassassin

That should set a new context for the path in your local policy, and 
then apply that context.  Afterward, spamd should be able to write to 
that path.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Spamassassin vs. SELinux trouble

[Kenneth Porter]

On 12/12/2017 4:37 AM, Nicolas Kovacs wrote:

SELinux is preventing /usr/bin/perl from 'read, write' accesses on the
file/var/log/spamassassin/.spamassassin/bayes_toks.


What user is this running as? Who has /var/log/spamassassin as the home 
directory?


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] wiki.centos.org .. what's next ?

[Johnny Hughes]

On 12/12/2017 10:29 AM, Fabian Arrotin wrote:
> On 12/12/17 17:25, Akemi Yagi wrote:
>> On Mon, Dec 11, 2017 at 1:00 AM, Fabian Arrotin > > wrote:
>>
>> it's all in the title : what's next for wiki.centos.org
>>  ?
>>
>> As a reminder, current wiki.centos.org 
>> instance is powered by moinmoin
>> (https://moinmo.in/) but quite an old version (moin-1.5.8-3.el6.noarch)
>>
>> Recently I had a quick look at trying to update/upgrade that version to
>> something newer/supported, but it's a nightmare : the data conversion
>> just kill the target server (oom) and no way to know why. When trying to
>> get help from moin people in their irc server, I was answered that such
>> old version wasn't supported, and that those upgrade scripts themselves
>> aren't supported either, so nobody would help finding why they'd be
>> buggy without having access to the full data.
>>
>> Of course exposing the whole wiki instance (including user/pass) isn't
>> an option, so except if somebody has really a clue about what can go
>> wrong with the update script from 1.5 to 1.6 (and then it has to be done
>> for each major.minor upgrade, so all that in a chained operation), the
>> migration will be impossible.
>>
>> That's why I'd like to discuss a possibility to move wiki to something
>> else, and that's even why we should discuss the need for a wiki itself.
>>
>> If we want to continue to have community written/maintained content,
>> should be still use a wiki or something else ? Moin was selected ~10y
>> ago for its simplicity and online editing, but in 2017, most people (dev
>> and ops) are probably using other workflows, like git/pull-requests/etc.
>>
>> So what about exploring other possibilities ?
>>
>> I don't have a real proposal (even if mkdocs.org 
>> , simple solution with
>> Markdown, combined with git would be perfect for me) but just wanted to
>> start a dedicated thread so that we can think about the future of
>> wiki.centos.org 
>>
>> Opinions ? Proposals ? anything else ? Fee free to comment :-)
>>
>>
>> ​I personally would like to see an update to the current wiki​. However
>> if this is not plausible, maybe an alternative like mediawiki can be
>> considered?
>>
>> One note I want to make is that use of git may not be suitable/best for
>> docs and certainly will be frowned upon by some notable contributors to
>> the current wiki.
>>
>> Akemi
>>
> 
> *ack*
> 
> So maybe we should try to reach out the moinmoin people to see if they'd
> like to see us continuing using moin or switch to something else.
> 
> Mediawiki can be investigated, as that's also Fedora switched to in the
> past.
> So we already know that :
> - openid auth works (against FAS, so that will work with ACO)
> - they probably had some migration scripts somewhere that we can test if
> needed)

I don't really have any preferences .. other than, not github, unless it
is the ONLY thing that would work.  I have an issue using non open
source solution unless it is a last resort,




signature.asc
Description: OpenPGP digital signature
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS-docs] wiki.centos.org .. what's next ?

[Fabian Arrotin]

On 12/12/17 17:25, Akemi Yagi wrote:
> On Mon, Dec 11, 2017 at 1:00 AM, Fabian Arrotin  > wrote:
> 
> it's all in the title : what's next for wiki.centos.org
>  ?
> 
> As a reminder, current wiki.centos.org 
> instance is powered by moinmoin
> (https://moinmo.in/) but quite an old version (moin-1.5.8-3.el6.noarch)
> 
> Recently I had a quick look at trying to update/upgrade that version to
> something newer/supported, but it's a nightmare : the data conversion
> just kill the target server (oom) and no way to know why. When trying to
> get help from moin people in their irc server, I was answered that such
> old version wasn't supported, and that those upgrade scripts themselves
> aren't supported either, so nobody would help finding why they'd be
> buggy without having access to the full data.
> 
> Of course exposing the whole wiki instance (including user/pass) isn't
> an option, so except if somebody has really a clue about what can go
> wrong with the update script from 1.5 to 1.6 (and then it has to be done
> for each major.minor upgrade, so all that in a chained operation), the
> migration will be impossible.
> 
> That's why I'd like to discuss a possibility to move wiki to something
> else, and that's even why we should discuss the need for a wiki itself.
> 
> If we want to continue to have community written/maintained content,
> should be still use a wiki or something else ? Moin was selected ~10y
> ago for its simplicity and online editing, but in 2017, most people (dev
> and ops) are probably using other workflows, like git/pull-requests/etc.
> 
> So what about exploring other possibilities ?
> 
> I don't have a real proposal (even if mkdocs.org 
> , simple solution with
> Markdown, combined with git would be perfect for me) but just wanted to
> start a dedicated thread so that we can think about the future of
> wiki.centos.org 
> 
> Opinions ? Proposals ? anything else ? Fee free to comment :-)
> 
> 
> ​I personally would like to see an update to the current wiki​. However
> if this is not plausible, maybe an alternative like mediawiki can be
> considered?
> 
> One note I want to make is that use of git may not be suitable/best for
> docs and certainly will be frowned upon by some notable contributors to
> the current wiki.
> 
> Akemi
> 

*ack*

So maybe we should try to reach out the moinmoin people to see if they'd
like to see us continuing using moin or switch to something else.

Mediawiki can be investigated, as that's also Fedora switched to in the
past.
So we already know that :
- openid auth works (against FAS, so that will work with ACO)
- they probably had some migration scripts somewhere that we can test if
needed)

-- 
Fabian Arrotin
The CentOS Project | https://www.centos.org
gpg key: 56BEC54E | twitter: @arrfab



signature.asc
Description: OpenPGP digital signature
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS-docs] wiki.centos.org .. what's next ?

[Akemi Yagi]

On Mon, Dec 11, 2017 at 1:00 AM, Fabian Arrotin  wrote:

> it's all in the title : what's next for wiki.centos.org ?
>
> As a reminder, current wiki.centos.org instance is powered by moinmoin
> (https://moinmo.in/) but quite an old version (moin-1.5.8-3.el6.noarch)
>
> Recently I had a quick look at trying to update/upgrade that version to
> something newer/supported, but it's a nightmare : the data conversion
> just kill the target server (oom) and no way to know why. When trying to
> get help from moin people in their irc server, I was answered that such
> old version wasn't supported, and that those upgrade scripts themselves
> aren't supported either, so nobody would help finding why they'd be
> buggy without having access to the full data.
>
> Of course exposing the whole wiki instance (including user/pass) isn't
> an option, so except if somebody has really a clue about what can go
> wrong with the update script from 1.5 to 1.6 (and then it has to be done
> for each major.minor upgrade, so all that in a chained operation), the
> migration will be impossible.
>
> That's why I'd like to discuss a possibility to move wiki to something
> else, and that's even why we should discuss the need for a wiki itself.
>
> If we want to continue to have community written/maintained content,
> should be still use a wiki or something else ? Moin was selected ~10y
> ago for its simplicity and online editing, but in 2017, most people (dev
> and ops) are probably using other workflows, like git/pull-requests/etc.
>
> So what about exploring other possibilities ?
>
> I don't have a real proposal (even if mkdocs.org , simple solution with
> Markdown, combined with git would be perfect for me) but just wanted to
> start a dedicated thread so that we can think about the future of
> wiki.centos.org
>
> Opinions ? Proposals ? anything else ? Fee free to comment :-)


​I personally would like to see an update to the current wiki​. However if
this is not plausible, maybe an alternative like mediawiki can be
considered?

One note I want to make is that use of git may not be suitable/best for
docs and certainly will be frowned upon by some notable contributors to the
current wiki.

Akemi
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

[CentOS] Mate desktop configuration question

[me]

Hi,

I am using Mate Desktop from EPEL on a C7.4 system with multiple desktops
enabled.

Does anyone know how to force alt tab to only switch between applications
on the current desktop?

Currently it seems that it picks some random app from another desktop that
I was on previously (most time the browser).

I only want it to chose from apps on the current desktop. It used to work
they way that I want but when I upgraded to 7.4 it broke.

I seem to remember when I built this machine there was a check box somewhere
to control that behavior but I cannot find it.

Regards,

--
Tom m...@tdiehl.org
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LUKS question

[Valeri Galtsev]

On Tue, December 12, 2017 9:06 am, Christian, Mark wrote:
> On Tue, 2017-12-12 at 09:41 -0500, Wells, Roger K. wrote:
>> I have existing systems with un-encrypted disks.
>> I have tried unsuccessfully to encrypt them using LUKS.
>> Has anyone out there been able to encrypt an existing system (after the
>> fact, so to speak)?
> Using cryptsetup to create a LUKS encrypted disk will wipe all the data on
> an
> existing disk.

This is easy to understand if one considers them as layers: and you can
not sneak anything underneath existing layer, you can only put next layer
on top of existing (first is without second is with encryption):

physical or virtual disk --> filesystem

physical or virtual disk --> encryption layer --> filesystem

I hope, this helps.

Valeri

>
> Mark
>
>>
>> TIA
>>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LUKS question

[Christian, Mark]

On Tue, 2017-12-12 at 09:41 -0500, Wells, Roger K. wrote:
> I have existing systems with un-encrypted disks.
> I have tried unsuccessfully to encrypt them using LUKS.
> Has anyone out there been able to encrypt an existing system (after the 
> fact, so to speak)?
Using cryptsetup to create a LUKS encrypted disk will wipe all the data on an
existing disk.

Mark

> 
> TIA
> 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] LUKS question

[Wells, Roger K.]

I have existing systems with un-encrypted disks.
I have tried unsuccessfully to encrypt them using LUKS.
Has anyone out there been able to encrypt an existing system (after the 
fact, so to speak)?


TIA

--
Roger Wells, P.E.
leidos
221 Third St
Newport, RI 02840
401-847-4210 (voice)
401-849-1585 (fax)
roger.k.we...@leidos.com

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrading python

[Larry Martell]

On Tue, Dec 12, 2017 at 9:11 AM,   wrote:
> Larry Martell wrote:
>> On Mon, Dec 11, 2017 at 4:32 PM, Larry Martell 
>> wrote:
>>> On Mon, Dec 11, 2017 at 4:25 PM, Clint Dilks 
>>> wrote:
 On Tue, Dec 12, 2017 at 10:09 AM, Larry Martell
 
 wrote:
> On Tue, Dec 5, 2017 at 8:22 AM, Pete Biggs  wrote:
> > On Tue, 2017-12-05 at 14:16 +0100, Kai Grunau wrote:
> >> On 05.12.2017 14:05, Larry Martell wrote:
> >> > I am running CentOS 7 and I have python version:
> >> > Python 2.7.5 (default, Sep 15 2016, 22:37:39)
> >> > I need a newer version of 2.7 to pick up a bug fix. How can I do
> >> that (without breaking anything in CentOS)?
> 
> > Or use Software Collections, the Python27 package from there has
> > 2.7.13
> >  https://www.softwarecollections.org/en/scls/rhscl/python27/
> >  https://wiki.centos.org/AdditionalResources/Repositories/SCL
>
> I followed the instructions at the first link and I still only seem to
> have 2.7.5. How can I specify a newer version?
>>>
 Hi, perhaps reading https://www.softwarecollections.org/en/ and
 https://www.softwarecollections.org/en/scls/rhscl/python27/ will help.

 Have you done scl enable python27 bash in your current shell?
>>>
>>> Thanks. Missed that. Now I do get 7.5.13 but it seems I have to type
>>> that command in each new shell. Can I make that the default python? I
>>> want django and uWSGI to use that version.
> 
> I guess my very brief suggestion  wasn't understood: in whatever shell
> script you use to start the tools you want to use, insert, at the top,
> right under the #!/bin/bash, the line
>  . /opt//enable
> so that the paths are set for that shell script, and all its children.
> This will not result in you going into python's command line, nor will it
> affect anything else, including yum.

Sorry, missed your previous post. Ended up that I had to reinstall
uWSGI using the 2.5.13 pip, and then link
/opt/rh/python27/root/usr/bin/uwsgi to /usr/bin/uwsgi. Now that I have
it running, hopefull it will resolve the issue I had (which was a bug
in the 2.7.5 zlib).
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrading python

[m . roth]

Larry Martell wrote:
> On Mon, Dec 11, 2017 at 4:32 PM, Larry Martell 
> wrote:
>> On Mon, Dec 11, 2017 at 4:25 PM, Clint Dilks 
>> wrote:
>>> On Tue, Dec 12, 2017 at 10:09 AM, Larry Martell
>>> 
>>> wrote:
 On Tue, Dec 5, 2017 at 8:22 AM, Pete Biggs  wrote:
 > On Tue, 2017-12-05 at 14:16 +0100, Kai Grunau wrote:
 >> On 05.12.2017 14:05, Larry Martell wrote:
 >> > I am running CentOS 7 and I have python version:
 >> > Python 2.7.5 (default, Sep 15 2016, 22:37:39)
 >> > I need a newer version of 2.7 to pick up a bug fix. How can I do
 >> that (without breaking anything in CentOS)?

 > Or use Software Collections, the Python27 package from there has
 > 2.7.13
 >  https://www.softwarecollections.org/en/scls/rhscl/python27/
 >  https://wiki.centos.org/AdditionalResources/Repositories/SCL

 I followed the instructions at the first link and I still only seem to
 have 2.7.5. How can I specify a newer version?
>>
>>> Hi, perhaps reading https://www.softwarecollections.org/en/ and
>>> https://www.softwarecollections.org/en/scls/rhscl/python27/ will help.
>>>
>>> Have you done scl enable python27 bash in your current shell?
>>
>> Thanks. Missed that. Now I do get 7.5.13 but it seems I have to type
>> that command in each new shell. Can I make that the default python? I
>> want django and uWSGI to use that version.

I guess my very brief suggestion  wasn't understood: in whatever shell
script you use to start the tools you want to use, insert, at the top,
right under the #!/bin/bash, the line
 . /opt//enable
so that the paths are set for that shell script, and all its children.
This will not result in you going into python's command line, nor will it
affect anything else, including yum.

   mark


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS-virt] ANNOUNCE: Upstream libvirt{, -python} releases built for CentOS

[Jiri Denemark]

Hi all,

Apparently some folks use CentOS for developing and/or testing software
on top of libvirt (e.g., oVirt), which may be a bit troublesome since
the version of libvirt released with CentOS is usually quite old
compared to upstream. Using the downstream releases of libvirt for
developing new features can introduce several months of delay, which may
not be acceptable.

So to make the development easier for folks who want to stick with
CentOS I started to built upstream libvirt releases for Virt-SIG. The
builds are not just a result of "make rpm", they are proper rebased
versions of the released CentOS builds. In other words, all required
downstream changes are ported to the new libvirt release. Regular CentOS
builds essentially use one of these rebased builds as a base.

You can expect both libvirt and libvirt-python CentOS builds within a
few days after they are released upstream, unless I'm on vacation or CBS
is not cooperating.

The official repository for these build is

http://mirror.centos.org/centos-7/7/virt/x86_64/libvirt-latest/

If you want packages for other architectures (there's no virt directory
in http://mirror.centos.org/altarch/7/), you can use

https://buildlogs.centos.org/centos/7/virt/$basearch/libvirt-latest/

or specifically

https://buildlogs.centos.org/centos/7/virt/ppc64le/libvirt-latest/
https://buildlogs.centos.org/centos/7/virt/aarch64/libvirt-latest/
https://buildlogs.centos.org/centos/7/virt/x86_64/libvirt-latest/

Happy hacking.

Jirka
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] upgrading python

[Larry Martell]

On Mon, Dec 11, 2017 at 4:32 PM, Larry Martell  wrote:
> On Mon, Dec 11, 2017 at 4:25 PM, Clint Dilks  
> wrote:
>> On Tue, Dec 12, 2017 at 10:09 AM, Larry Martell 
>> wrote:
>>
>>> On Tue, Dec 5, 2017 at 8:22 AM, Pete Biggs  wrote:
>>> > On Tue, 2017-12-05 at 14:16 +0100, Kai Grunau wrote:
>>> >> On 05.12.2017 14:05, Larry Martell wrote:
>>> >> > I am running CentOS 7 and I have python version:
>>> >> >
>>> >> > Python 2.7.5 (default, Sep 15 2016, 22:37:39)
>>> >> >
>>> >> > I need a newer version of 2.7 to pick up a bug fix. How can I do that
>>> >> > (without breaking anything in CentOS)?
>>> >>
>>> >> you could use the anaconda software, it is independent of the OS
>>> >> regards
>>> >>
>>> >>
>>> >
>>> > Or use Software Collections, the Python27 package from there has 2.7.13
>>> >
>>> >  https://www.softwarecollections.org/en/scls/rhscl/python27/
>>> >
>>> >  https://wiki.centos.org/AdditionalResources/Repositories/SCL
>>>
>>> I followed the instructions at the first link and I still only seem to
>>> have 2.7.5. How can I specify a newer version?
>
>> Hi, perhaps reading https://www.softwarecollections.org/en/ and
>> https://www.softwarecollections.org/en/scls/rhscl/python27/ will help.
>>
>> Have you done scl enable python27 bash in your current shell?
>
> Thanks. Missed that. Now I do get 7.5.13 but it seems I have to type
> that command in each new shell. Can I make that the default python? I
> want django and uWSGI to use that version.

After I issue the command scl enable python27 bash, and my python is
then 2.7.13, when I run pip will it use 2.17.13 to build what I am
downloading?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Spamassassin vs. SELinux trouble

[Peter Kjellström]

On Tue, 12 Dec 2017 13:37:30 +0100
Nicolas Kovacs  wrote:

> Hi,
> 
> Spamassassin has been working nicely on my main server running CentOS
> 7 and Postfix. SELinux is activated (Enforcing).
> 
> Since the most recent update (don't know if it's related to it though)
> I'm getting the following SELinux error.
> 
> --8<-
> SELinux is preventing /usr/bin/perl from 'read, write' accesses on the
> file /var/log/spamassassin/.spamassassin/bayes_toks.
...
> Additional Information:
> Source Contextsystem_u:system_r:spamd_t:s0
> Target Contextsystem_u:object_r:var_log_t:s0

This seems like it should have been denied. You probably don't want
system_r:spamd_t to write to var_log_t.

I don't have access to a c7 with spamassasin right now but would guess
that /var/log/spamassassin/.spamassassin/bayes_toks should have been a
different context (something like spam_log_t).

You can use "ls -Z" on /var/log/spamassassin to find out what context
the top level dir has. Then use restorcon (if the policy has the
correct data but the real world file/dir is wrong). chcon can be used
to test a change but for a permanent fix you'll have to add it to the
policy (file context listing).

/Peter K
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Spamassassin vs. SELinux trouble

[Nicolas Kovacs]

Hi,

Spamassassin has been working nicely on my main server running CentOS 7
and Postfix. SELinux is activated (Enforcing).

Since the most recent update (don't know if it's related to it though)
I'm getting the following SELinux error.

--8<-
SELinux is preventing /usr/bin/perl from 'read, write' accesses on the
file /var/log/spamassassin/.spamassassin/bayes_toks.

*  Plugin catchall (100. confidence) suggests
**

If you believe that perl should be allowed read write access on the
bayes_toks file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c '7370616D64206368696C64' --raw | audit2allow -M
my-7370616D64206368696C64
# semodule -i my-7370616D64206368696C64.pp


Additional Information:
Source Contextsystem_u:system_r:spamd_t:s0
Target Contextsystem_u:object_r:var_log_t:s0
Target Objects
/var/log/spamassassin/.spamassassin/bayes_toks [
  file ]
Source7370616D64206368696C64
Source Path   /usr/bin/perl
Port  
Host  
Source RPM Packages   perl-5.16.3-292.el7.x86_64
Target RPM Packages
Policy RPMselinux-policy-3.13.1-166.el7_4.7.noarch
Selinux Enabled   True
Policy Type   targeted
Enforcing ModeEnforcing
...

--8<-

Unfortunately the suggested solution does not work, e. g. the following
command returns nothing:

# ausearch -c '7370616D64206368696C64' --raw

Now I'm clueless. Any suggestions?

Cheers,

Niki
-- 
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Site : https://www.microlinux.fr
Blog : https://blog.microlinux.fr
Mail : i...@microlinux.fr
Tél. : 04 66 63 10 32
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-virt] [ovirt-users] qemu-kvm-ev-2.9.0-16.el7_4.11.1 now available for testing

[Sandro Bonazzola]

2017-12-11 18:11 GMT+01:00 Markus Stockhausen :

> Hi Sandro,
>
> I'm wondering if BZ1513362 (AIO stuck fixed in qemu-kvm-rhev-2.9.0-16.el7_
> 4.12)
> will be worth to give the newer version a try.
>

Above version is not yet released, can't see it on
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/7Server/en/RHEV/SRPMS/



>
> Best regards.
>
> Markus
>
> -
> *Von:* users-boun...@ovirt.org [users-boun...@ovirt.org]" im Auftrag von
> "Sandro Bonazzola [sbona...@redhat.com]
> *Gesendet:* Montag, 11. Dezember 2017 17:43
> *An:* Discussion about the virtualization on CentOS; devel; users
> *Betreff:* [ovirt-users] qemu-kvm-ev-2.9.0-16.el7_4.11.1 now available
> for testing
>
> Hi, qemu-kvm-ev-2.9.0-16.el7_4.11.1
>  is now available
> for testing.
> If no negative feedback will be reported, I'm going to push to release on
> Thursday, December 14th.
>
> Here's the changelog:
>
> * Mon Dec 11 2017 Sandro Bonazzola  -
> ev-2.9.0-16.el7_4.11.1 - Removing RH branding from package name * Mon Nov
> 13 2017 Miroslav Rezanina  - rhev-2.9.0-16.el7_4.11
> - kvm-exec-use-qemu_ram_ptr_length-to-access-guest-ram.patch [bz#1472185]
> - kvm-multiboot-validate-multiboot-header-address-values.patch
> [bz#1501123] - Resolves: bz#1472185 (CVE-2017-11334 qemu-kvm-rhev: Qemu:
> exec: oob access during dma operation [rhel-7.4.z]) - Resolves: bz#1501123
> (CVE-2017-14167 qemu-kvm-rhev: Qemu: i386: multiboot OOB access while
> loading kernel image [rhel-7.4.z]) * Mon Oct 23 2017 Miroslav Rezanina <
> mreza...@redhat.com> - rhev-2.9.0-16.el7_4.10 -
> kvm-vga-stop-passing-pointers-to-vga_draw_line-functions.patch
> [bz#1501300] - kvm-vga-drop-line_offset-variable.patch [bz#1501300] -
> kvm-vga-handle-cirrus-vbe-mode-wraparounds.patch [bz#1501300] -
> kvm-cirrus-fix-oob-access-in-mode4and5-write-functions.patch [bz#1501300]
> - Resolves: bz#1501300 (CVE-2017-15289 qemu-kvm-rhev: Qemu: cirrus: OOB
> access issue in mode4and5 write functions [rhel-7.4.z]) * Mon Oct 09 2017
> Miroslav Rezanina  - rhev-2.9.0-16.el7_4.9 -
> kvm-nbd-client-Fix-regression-when-server-sends-garbage.patch
> [bz#1495474] - kvm-fix-build-failure-in-nbd_read_reply_entry.patch
> [bz#1495474] - kvm-nbd-client-avoid-spurious-qio_channel_yield-re-entry.patch
> [bz#1495474] - kvm-nbd-client-avoid-read_reply_co-entry-if-send-failed.patch
> [bz#1495474] - kvm-qemu-iotests-improve-nbd-fault-injector.py-startup-p.patch
> [bz#1495474] - kvm-qemu-iotests-test-NBD-over-UNIX-domain-sockets-in-08.patch
> [bz#1495474] - kvm-block-nbd-client-nbd_co_send_request-fix-return-code.patch
> [bz#1495474] - Resolves: bz#1495474 (Fail to quit source qemu when do live
> migration after mirroring guest to NBD server [rhel-7.4.z])
>
> --
>
> SANDRO BONAZZOLA
>
> ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R
>
> Red Hat EMEA 
> 
> TRIED. TESTED. TRUSTED. 
>
>


-- 

SANDRO BONAZZOLA

ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R

Red Hat EMEA 

TRIED. TESTED. TRUSTED. 
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

[CentOS-docs] [Gitblit] arrfab pushed 1 commits => websites/centos.org.git

[Gitblit]

https://git.centos.org/summary/websites!centos.org.git

>---
 master branch updated (1 commits)
>---

 Fabian Arrotin 
 Tuesday, December 12, 2017 10:01 +

 Removed sponsor

 
https://git.centos.org/commit/websites!centos.org.git/f0f77b3f5a7de057cedca05bcc7d2215a395f319
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs