Re: [CentOS] An error message I don't recognize
Benjamin Franz wrote: > Bob McConnell wrote: >> I also have a problem with syslogd. I added '-r' to SYSLOGD_OPTIONS in >> /etc/rc.d/init.d/syslog, but after a restart it still won't accept >> network traffic, and that flag doesn't show up in the command line in >> the 'ps ax' dump. What do I have to do to enable traffic into syslogd >> from my firewall and other servers? > > You need to edit /etc/sysconfig/syslog > > That is a general pattern for CentOS5 - look for options to be set in a > file in the /etc/sysconfig directory. > Thank you, I am now getting log records over the network. Bob McConnell N2SPP ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] An error message I don't recognize
Bob McConnell wrote: > I also have a problem with syslogd. I added '-r' to SYSLOGD_OPTIONS in > /etc/rc.d/init.d/syslog, but after a restart it still won't accept > network traffic, and that flag doesn't show up in the command line in > the 'ps ax' dump. What do I have to do to enable traffic into syslogd > from my firewall and other servers? You need to edit /etc/sysconfig/syslog That is a general pattern for CentOS5 - look for options to be set in a file in the /etc/sysconfig directory. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] An error message I don't recognize
On Thursday 10 December 2009 17:28:45 Bob McConnell wrote: > I have recently been told I will have to maintain some CentOS servers at > work. Since I have only been using Slackware for the last 16 years, I > decided to install CentOS on one of my servers at home to get an idea of > the differences. I installed CentOS 5.4 from CD with no problems, did a > yum update, set up a couple of samba shares and started to copy over > some files from one of my other servers. > > Everything looks ok, but I keep seeing this message on the active > console. I have no idea where it comes from nor what it means. > > type=1400 audit(1260446462.444:9): avc: denied { getattr } for pid=2200 > comm="smbd" path="/proc/sys/fs/binfmt_misc" dev=binfmt_misc ino=4348 > scontext=root:system_r:smbd_t:s0 > tcontext=system_u:object_r:binfmt_misc_fs_t:s0 tclass=dir > > What is it, what is triggering it and how do I fix it? > It's a selinux denial. Selinux is permissive/enforcing on the system. # sestatus will tell you which. It's got something to do with samba "comm="smbd"" trying to access the file "path="/proc/sys/fs/binfmt_misc"" Don't know why it would want to do that. Try this # sealert -b This will dispaly all the AVC's graphically. Look for one from smbd. This will give you the full AVC and possibly suggest a way to fix it. Tony > Thanks, > > Bob McConnell > N2SPP > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos -- Dept. of Comp. Sci. University of Limerick. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] An error message I don't recognize
Benjamin Franz wrote: > Bob McConnell wrote: >> [...] >> Everything looks ok, but I keep seeing this message on the active >> console. I have no idea where it comes from nor what it means. >> >> type=1400 audit(1260446462.444:9): avc: denied { getattr } for pid=2200 >> comm="smbd" path="/proc/sys/fs/binfmt_misc" dev=binfmt_misc ino=4348 >> scontext=root:system_r:smbd_t:s0 >> tcontext=system_u:object_r:binfmt_misc_fs_t:s0 tclass=dir >> >> > > It's selinux. > Thank you for that link. Looks like I have some reading to do. I do know they have it enabled on the production servers I will be duplicating, so I'll have to figure out whether we need it on the development and test servers or not. I also have a problem with syslogd. I added '-r' to SYSLOGD_OPTIONS in /etc/rc.d/init.d/syslog, but after a restart it still won't accept network traffic, and that flag doesn't show up in the command line in the 'ps ax' dump. What do I have to do to enable traffic into syslogd from my firewall and other servers? This machine will be replacing an older Slackware 7 server once I get the wrinkles worked out. Thank you, Bob McConnell N2SPP ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] An error message I don't recognize
> I have recently been told I will have to maintain some CentOS servers at > work. Since I have only been using Slackware for the last 16 years, I > decided to install CentOS on one of my servers at home to get an idea of > the differences. I installed CentOS 5.4 from CD with no problems, did a > yum update, set up a couple of samba shares and started to copy over > some files from one of my other servers. > > Everything looks ok, but I keep seeing this message on the active > console. I have no idea where it comes from nor what it means. > > type=1400 audit(1260446462.444:9): avc: denied { getattr } for pid=2200 > comm="smbd" path="/proc/sys/fs/binfmt_misc" dev=binfmt_misc ino=4348 > scontext=root:system_r:smbd_t:s0 > tcontext=system_u:object_r:binfmt_misc_fs_t:s0 tclass=dir > > What is it, what is triggering it and how do I fix it? > selinux. For your machine at home, you may want to just turn it off; if you really want to see what might be going on at work, set it to permissive, which will let it all happen, but gripe. setenforce 0 turns it off. Edit /etc/selinux/config to fix it over reboots. Also look at /var/log/audit/audit.log. It will get the error, and tell you to run sealert to see what the error's complaining about. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] An error message I don't recognize
Bob McConnell wrote: > [...] > Everything looks ok, but I keep seeing this message on the active > console. I have no idea where it comes from nor what it means. > > type=1400 audit(1260446462.444:9): avc: denied { getattr } for pid=2200 > comm="smbd" path="/proc/sys/fs/binfmt_misc" dev=binfmt_misc ino=4348 > scontext=root:system_r:smbd_t:s0 > tcontext=system_u:object_r:binfmt_misc_fs_t:s0 tclass=dir > > It's selinux. See http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Deployment_Guide-en-US/ch-selinux.html -- Benjamin Franz -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] An error message I don't recognize
I have recently been told I will have to maintain some CentOS servers at work. Since I have only been using Slackware for the last 16 years, I decided to install CentOS on one of my servers at home to get an idea of the differences. I installed CentOS 5.4 from CD with no problems, did a yum update, set up a couple of samba shares and started to copy over some files from one of my other servers. Everything looks ok, but I keep seeing this message on the active console. I have no idea where it comes from nor what it means. type=1400 audit(1260446462.444:9): avc: denied { getattr } for pid=2200 comm="smbd" path="/proc/sys/fs/binfmt_misc" dev=binfmt_misc ino=4348 scontext=root:system_r:smbd_t:s0 tcontext=system_u:object_r:binfmt_misc_fs_t:s0 tclass=dir What is it, what is triggering it and how do I fix it? Thanks, Bob McConnell N2SPP ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos