On 02/21/2017 11:52 AM, Robert Moskowitz wrote:
>
>
> On 02/21/2017 11:46 AM, Zdenek Sedlak wrote:
>> On 2017-02-21 17:30, Robert Moskowitz wrote:
>>> postfixadmin setup.php is claiming:
>>>
>>> *Error: Smarty template compile directory templates_c is not writable.*
>>> *Please make it writable.*
On 01/19/2017 08:57 AM, Marcin Trendota wrote:
> W dniu 19.01.2017 o 14:54, Johnny Hughes pisze:
>
>>> So, it looks like something with docker-selinux and container-selinux...
>> Right, I wanted to mention that docker-selinux was replaced with
>> container-selinux in the lasest version.
> Shouldn
Best label available I can see is sshd_var_run_t. Not exactly named
well but it would work.
chcon -R -t sshd_var_run_t /var/lib/ssh-x509-auth
On 04/26/2016 11:31 AM, m.r...@5-cent.us wrote:
Hi, folks,
Our system gets/creates /var/lib/ssh-x509-auth/,pem, then
deletes it when the log ou
Can you attach one of the AVC's. Mos likely ssh-x509-auth needs to be
labeled sshd_key_t
or ssh_home_t
On 04/06/2016 02:54 PM, m.r...@5-cent.us wrote:
I'm seeing a lot of noise in the logs, to the effect of:
setroubleshoot: SELinux is preventing /bin/ksh93 from write access on the
directory /va
I have no idea of the current dependency problem. I think your original
problem was caused by mv'ing files from an nfs share to /etc which
maintained the context. And SELinux prevented puppet from accessing
nfs_t type. If you had just run restorecon on the object it would have
set it back to the
On 06/11/2015 05:27 PM, m.r...@5-cent.us wrote:
> Kay Schenk wrote:
>> On 06/11/2015 08:28 AM, m.r...@5-cent.us wrote:
>>> Kay Schenk wrote:
On 06/10/2015 10:06 PM, Gordon Messmer wrote:
> On 06/10/2015 05:25 PM, Kay Schenk wrote:
>> I get /home/ not found when it's there and
>>
On 06/17/2015 04:03 PM, Jonathan Billings wrote:
> On Wed, Jun 17, 2015 at 03:30:51PM -0400, Tim Dunphy wrote:
>> No prob! Thanks for all the help! But in searching my system I don't find
>> anything of the sort.
>>
>> [root@monitor2:~] #updatedb
>> [root@monitor2:~] #locate myzabbix.te
>> [root@
On 06/02/2015 11:30 AM, m.r...@5-cent.us wrote:
> Tried just the selinux list yesterday, no answers, so I'm trying again.
>
> I partitioned GPT, and formatted, as xfs, a large (3TB) drive on a CentOS
> 6 system, which has selinux in permissive mode. I then moved the drive to
> a CentOS 5 system.
On 05/29/2015 09:20 AM, m.r...@5-cent.us wrote:
> Hi, folks,
>
>CentOS 7.1. Selinux policy, and targetted, updated two days ago.
>
> May 28 17:02:41 python: SELinux is preventing /usr/bin/bash
> from execute access on the file /usr/bin/bash.#012#012* <...>
> May 28 17:02:45 python: SELi
You should be able to modify the definition of a port. Or create a new
port type and modify the existing
port to use it.
http_port_t is just a name (type) that we can use to group a number of
ports together. Sadly we do not separate
the port types of incoming and outgoing connections. So if you
On 01/22/2015 05:40 AM, Andrew Holway wrote:
> Hello,
>
> Im trying to find some good info on building RPMs that set the correct
> SELinux contexts for the installed packages.
>
> Any ideas?
>
> Thanks,
>
> Andrew
> ___
> CentOS mailing list
> CentOS@cen
On 01/23/2015 06:01 PM, Stephen Harris wrote:
> At work I'm used to tools like eTrust Access Control (aka SEOS). eTrust
> takes away the ability to manage the eTrust config from root and puts it
> in the hands of "security admin". So there's a good separation of duties;
> security admin control
On 01/19/2015 01:59 PM, James B. Byrne wrote:
> On Mon, January 19, 2015 11:50, James B. Byrne wrote:
>> I am seeing these in the log of one of our off-site NX hosts running
>> CentOS-6.6.
>>
>> type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for
>> pid=22788 comm="iptables" scon
On 01/21/2015 04:11 AM, Emmanuel Noobadmin wrote:
> Just to follow up to myself and leave a record, the problem is SELinux
> blocking the driver from creating/reading/writing temporary files
> under CUPS.
> ___
> CentOS mailing list
> CentOS@centos.org
>
On 01/13/2015 05:09 AM, Patrick Bervoets wrote:
> Hi,
>
> does anyone know if aide should have access to this socket?
>
> SELinux is preventing /usr/sbin/aide from write access on the
> sock_file /var/run/winbindd/pipe.
>
> Thanks
> Patrick
>
Looks like it is doing some call to getpw* which is usi
On 12/09/2014 02:39 PM, James B. Byrne wrote:
> On Mon, December 8, 2014 21:12, David McGuffey wrote:
>> I've installed CentOS 6.6 on a workstation at a local non-profit as a
>> kiosk machine. I used xguest. Works great, except now the customer
>> wants the Firefox homepage to be one pointing to
This is actually an old problem with pulseaudio processes no dying
properly on exit.
I think if you remove the exclusive flag from
/etc/security/sepermit.conf
This will work in all situations. The exclussive flag is there to make
sure two different users can not login at the same time.
On 12/
On 12/17/2014 05:07 AM, Patrick Bervoets wrote:
> Hi,
>
> On an internal webserver (latest C6) I want smb-access to /var/www/html/
> In april I did
> chcon -R -t public_content_rw_t /var/www/html/
> setsebool -P allow_smbd_anon_write 1
> setsebool -P allow_httpd_anon_write 1
> echo
On 12/05/2014 01:24 PM, James B. Byrne wrote:
> On Fri, December 5, 2014 04:53, Daniel J Walsh wrote:
>> On 12/04/2014 03:22 PM, James B. Byrne wrote:
>>> On Thu, December 4, 2014 12:29, James B. Byrne wrote:
>>>> Re: SELinux. Do I just build a local policy or is t
On 12/04/2014 03:22 PM, James B. Byrne wrote:
> On Thu, December 4, 2014 12:29, James B. Byrne wrote:
>> Re: SELinux. Do I just build a local policy or is there some boolean setting
>> needed to handle this? I could not find one if there is but. . .
>>
> Anyone see any problem with generating a c
unt of AVCs we were
> getting.
>
> John
>
> On 3 December 2014 at 10:01, Daniel J Walsh wrote:
>
>> Looks like turning on three booleans will solve most of the problem.
>>
>> httpd_execmem, httpd_run_stickshift, allow_httpd_anon_write
>>
>>
>>
/bin/ps
>
> dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc
>
> I'll send the audit log on to Dan.
>
> Cheers,
>
> John
>
> On 2 December 2014 at 16:10, Daniel J Walsh wrote:
>
>> Could you send me a copy of your audit.log.
&g
-18c4040be03c
> Dec 2 10:04:06 server setroubleshoot: last message repeated 2 times
> Dec 2 10:04:06 server sedispatch: AVC Message for setroubleshoot, dropping
> message
> Dec 2 10:04:06 server sedispatch: last message repeated 3 times
>
> Cheers,
>
> John
>
> O
And see if there
was something in the database that was causing it problems.
Make sure there is no setroubleshootd running and
>/var/lib/setroubleshoot/setroubleshoot_database.xml
> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf
ewer version released that will fix it.
>
> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf
> Of Daniel J Walsh
> Sent: 01 December 2014 14:58
> To: CentOS mailing list
> Subject: Re: [CentOS] SEtroubleshootd Crashing
&g
This seems to be a problem with an updated version of libxml.
On 11/28/2014 09:04 AM, Gary Smithson wrote:
> When running Node.js through Phusion Passenger on Centos 6.5 ( Linux
> 2.6.32-431.23.3.el6.x86_64 #1 SMP Thu Jul 31 17:20:51 UTC 2014 x86_64 x86_64
> x86_64 GNU/Linux), with SELinux enable
On 11/12/2014 10:54 PM, Peter wrote:
> On 11/13/2014 12:10 PM, Negative wrote:
>> I have a Brother MFC 7360N, and it is refusing to print.
> I have a DCP-540CN which is a similar but I think older network printer.
> I haven't tried it on CentOS 7 yet, but got it to work with Fedora 18
> and 19 wh
On 11/11/2014 02:17 PM, Jim Perrin wrote:
>
> On 11/11/2014 12:45 PM, Daniel J Walsh wrote:
>
>> We need to get systemd-container into the default centos image.
>> We are working on this for RHEL7 also. That way these problems
>> can be prevented and we can make
On 11/11/2014 12:11 PM, Jim Perrin wrote:
>
> On 11/11/2014 04:51 AM, Wander Costa wrote:
>> Hi,
>>
>> I have been trying to build a docker image to run unit tests for the B2G
>> project [1]. However when I try to install Xorg I get this error [2].
>> I have been searching on web but is still not
On 11/05/2014 09:41 PM, Philip Gardner, Jr. wrote:
> Has anyone attempted to make SFTP on ProFTPD with SELinux work? I'd
> like to keep SELinux enabled on this particular system, but I prefer
> ProFTPD's SFTP solution over OpenSSH. The aureport tool reports the
> following:
>
> 28. 11/05/2014 12:5
On 11/02/2014 02:45 PM, John R Pierce wrote:
> On 11/2/2014 11:37 AM, Barry Brimer wrote:
>>> I just installed 6.5 and am trying to bring up DHCP.
>>>
>>> service dhcpd start fails with "Can't chown new lease file:
>>> Operation not
>>> permitted" in /var/log/messages
>>
>> Check the permissions
On 11/01/2014 12:12 AM, Chris wrote:
> On 10/31/2014 08:12 PM, Jonathan Billings wrote:
>> Is there an AVC entry in
>> the audit logs for when you try to load the module?
> I cannot say for sure if those entries were created when starting the vm
> or when rebooting the physical host.
>
These avc's
On 10/31/2014 06:06 AM, Chris wrote:
> On 10/31/2014 10:47 AM, Karanbir Singh wrote:
>> can you post the relevant selinux audit.log entries that were preventing
>> kvm's ko to be loaded ?
> Sure.
>
> type=VIRT_CONTROL msg=audit(1414739214.851:62): user pid=2911 uid=0
> auid=4294967295 ses=42949672
I see nothing about tape_device_t in bacula policy in Fedora, so I
please create a local policy and then send it to us, so it can get
merged into the upstream and back ported for RHEL/Centos.
On 10/30/2014 03:01 PM, Paul Heinlein wrote:
> I updated my backup server to CentOS 6.6 this morning. As us
On 10/26/2014 12:10 AM, admin wrote:
> I've just recreated the module and enabled it, yet I can't seem to
> allow fping to be used by the httpd process. It seems that the last
> error was just a byproduct of a bad module I had not properly removed.
> Are there any additional troubleshooting steps
On 09/16/2014 10:50 AM, Markus Steinborn wrote:
> Hi Daniel,
>
> Daniel J Walsh wrote:
>> What AVC's is SELinux giving you?
> Policy has been "enforcing" - and I see the folloqwing AVCs at the end
> of my audit log - but those repeated several times:
>
What AVC's is SELinux giving you?
On 09/15/2014 02:48 AM, Markus Steinborn wrote:
> Hi Miguel,
>
> Miguel Medalha wrote:
Anyway, Sernet also provides a source rpm. Why not build up from
that base?
> CentOS 7 is using systemd - that would cause problems.
>
>
> And anyway, I've used t
What AVC messages are you seeing? What does the setroubleshoot alert
message show?
On 09/10/2014 07:04 PM, Sven Kieske wrote:
> On 10.09.2014 10:40, dE wrote:
>
> > I bet this has to do with troubleshootd (is it there in CentOS? I'm
> > not sure but in Fedora 19 it was there).
>
> I bet this has
On 08/23/2014 10:45 AM, Bill Gee wrote:
> On Friday, August 22, 2014 08:50:26 Daniel J Walsh wrote:
>> On 08/21/2014 10:03 AM, Bill Gee wrote:
>>> On Thursday, August 21, 2014 12:00:03 centos-requ...@centos.org wrote:
>>>> Re: [CentOS] SELinux vs. logwatch and v
On 08/21/2014 10:03 AM, Bill Gee wrote:
> On Thursday, August 21, 2014 12:00:03 centos-requ...@centos.org wrote:
>> Re: [CentOS] SELinux vs. logwatch and virsh
>> From: Daniel J Walsh
>> To: CentOS mailing list
>>
>> On 08/18/2014 02:13 PM, Bill Gee wrote:
>
On 08/21/2014 05:00 PM, m.r...@5-cent.us wrote:
> Matt wrote:
>>> Hate to change the conversation here but that's why I hate hardware
>>> RAID.
>>> If it was software RAID, Linux would always tell you what's going on.
>>> Besides, Linux knows much more about what is going on on the disk and
>>> wh
On 08/21/2014 02:09 PM, Les Mikesell wrote:
> On Thu, Aug 21, 2014 at 12:23 PM, wrote:
>> Les Mikesell wrote:
>>> A machine I set up to run OpenNMS stopped working last night - no
>>> hardware alarm lights, but keyboard/monitor/network unresponsive.
>>> After a reboot I see a large stack of mess
e user cron jobs are needed.
>
> Thanks - Bill Gee
>
>
> =
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
> What AVC messages
On 08/14/2014 11:02 AM, Bill Gee wrote:
> Hello everyone -
>
> I am stumped ... Does anyone have suggestions on how to proceed? Is there a
> way
> to get what I want?
>
> The environment: CentOS 7.0 with latest patches.
>
> The goal: I want logwatch to include a report on the status of kvm
On 08/14/2014 11:02 AM, Bill Gee wrote:
> Hello everyone -
>
> I am stumped ... Does anyone have suggestions on how to proceed? Is there a
> way
> to get what I want?
>
> The environment: CentOS 7.0 with latest patches.
>
> The goal: I want logwatch to include a report on the status of kvm
We are working on an update to docker within RHEL7. First we are
releasing it to our High Touch Beta process. If you are on HTB you
should see a release in the next week.
On 08/12/2014 08:54 AM, Jim Perrin wrote:
>
> On 08/11/2014 07:02 PM, Dennis Jacobfeuerborn wrote:
>
>> Looks like docker-io
On 08/07/2014 05:48 AM, Arun Khan wrote:
> SOLVED
>
> On Wed, Aug 6, 2014 at 10:28 PM, James A. Peltier wrote:
>> - Original Message -
>> | On Wed, Aug 06, 2014 at 04:50:41PM +, Tony Mountifield wrote:
>> | >
>> | > Probably rsyslog is being started before /var/log is mounted, and
>>
On 06/27/2014 11:47 AM, James B. Byrne wrote:
> CentOS-6.5
>
> We deploy web applications written with the Ruby on Rails framework using
> Capistrano (2.x). Each 'family' of web applications are 'owned' by a
> dedicated user id. The present httpd service is Apache 2.2.15 and we use
> Passenger 3
On 06/20/2014 03:15 PM, Chuck Campbell wrote:
> I've built a new mail system with Centos 6.5, and I'm running fetchmail -
> sendmail - procmail to maildir. I have all of this working at the moment.(I
> know, postfix was the default, but for lots of other reasons, I switched, and
> that isn't an is
On 06/16/2014 11:13 AM, m.r...@5-cent.us wrote:
> Chuck Campbell wrote:
>> I've recently built a new mail server with centos6.5, and decided to bite
>> the bullet and leave SELinux running. I've stumbled through making
> things work
>> and am mostly there.
>>
>> I've got my own spam and ham corpus
On 05/28/2014 12:55 PM, James B. Byrne wrote:
> I did a yum update to my desktop machine as root this morning and now my
> regular logon account sees this whenever I press the enter key:
>
> etc/audisp/audispd.conf: Permission denied
> etc/audisp/plugins.d/af_unix.conf: Permission denied
> etc/aud
Was the system running out of memory.
semodule is very memory intensive.
On 05/20/2014 01:57 PM, Zynda, Bradley V. (GSFC-423.0)[ADNET SYSTEMS
INC] wrote:
> Hi all,
>
> Note: selinux was in permissive prior to error
>
> Got this with a yum update:
>
> abrt_version: 2.0.8
> cgroup:
> cmdline:
On 05/20/2014 12:50 PM, Michael McNulty wrote:
> I read about this bug in the Centos 6.2 faq and the link showing it fixed in
> https://bugzilla.redhat.com/show_bug.cgi?id=769859
> but I am still getting it updating on a Centos 6.5 server that had selinux
> disabled. I want to run selinux as per
On 05/13/2014 09:56 AM, James B. Byrne wrote:
> On Mon, May 12, 2014 14:05, Daniel J Walsh wrote:
>
>>> dac_read_search and dac_override are usually bad to add. They typically
>>> mean the permission flags on the file in question is two tight for a
>>> root proces
On 05/12/2014 01:26 PM, Daniel J Walsh wrote:
> On 05/12/2014 09:17 AM, James B. Byrne wrote:
>> Following the most recent kernel updates I restarted our outgoing SMTP MTA
>> which was recently reconfigured to DKIM sign messages using OpenDKIM. This
>> morning I discov
On 05/12/2014 09:17 AM, James B. Byrne wrote:
> Following the most recent kernel updates I restarted our outgoing SMTP MTA
> which was recently reconfigured to DKIM sign messages using OpenDKIM. This
> morning I discovered that Postfix had stopped on that server. Whether it is
> related to the P
On 05/05/2014 11:22 AM, James B. Byrne wrote:
> CentOS-6.5
> OpenDKIM-2.9.0 (epel)
> Postfix-2.6.6 (updates)
>
> I am trying to get opendkim working with our mailing lists. In the course of
> that endeavour I note that these messages are appearing in our syslog:
>
>
> May 4 20:50:02 inet08 setr
On 04/25/2014 10:52 AM, James B. Byrne wrote:
> On Wed, April 23, 2014 16:44, Daniel J Walsh wrote:
>> Looks like this is allowed in rhel6.5 policy. You could try
>>
>> selinux-policy-3.7.19-235.el6
>> on people.redhat.com/dwalsh/SELinux/RHEL6
>>
> yum -
Looks like this is allowed in rhel6.5 policy. You could try
selinux-policy-3.7.19-235.el6
on people.redhat.com/dwalsh/SELinux/RHEL6
On 04/23/2014 01:51 PM, James B. Byrne wrote:
> Installed Packages
> Name: postfix
> Arch: x86_64
> Epoch : 2
> Version : 2.6.6
> Release
On 04/19/2014 05:03 PM, Derrik Walker v2.0 wrote:
> On 04/19/2014 04:47 PM, Les Mikesell wrote:
>> On Sat, Apr 19, 2014 at 10:40 AM, Derrik Walker v2.0
>> wrote:
>>> I've installed backuppc from the EPEL repository. It does backups just
>>> fine, BUT, when the backups are done, the status on th
Do you actually want the data to be available to both domains at the
same time? Or could you setup different directories?
If you want them to be both available you could label it
postgresql_db_t, and then turn on the samba_export_all_ro_boolean or
samba_export_all_rw_boolean. If this was to loo
On 03/28/2014 03:19 PM, Mauricio Tavares wrote:
> On Mon, Nov 4, 2013 at 5:08 PM, Mauricio Tavares wrote:
>> On Mon, Nov 4, 2013 at 9:59 AM, Stephen Harris wrote:
>>> On Mon, Nov 04, 2013 at 09:49:37AM -0500, Mauricio Tavares wrote:
I really have nobody else but rsyslog.conf here:
>>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/14/2014 05:24 PM, Eero Volotinen wrote:
> Please provide complete kickstart, not just a snippet of it. 14.3.2014
> 22.47 kirjoitti "EljiUdia" :
>
>> Hi,
>>
>> I have make a kickstart file to automate the installation from cdrom and
>> another
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/12/2014 04:52 PM, m.r...@5-cent.us wrote:
> Peter Brady wrote:
>> On 13/03/14 5:02 AM, m.r...@5-cent.us wrote:
>>> (Besides Paul, who's busy?)
>>>
>>> I just need one question answered: I keep reading the docs, and given
>>> the old traditional
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/06/2014 07:07 PM, SilverTip257 wrote:
> On Wed, Mar 5, 2014 at 10:19 AM, Daniel J Walsh wrote:
>
>>
>> man zebra_selinux
>>
>
> Thank you for the quick reply.
>
> ~]# man zebra_selinux No manual en
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/06/2014 01:15 PM, Les Mikesell wrote:
> On Thu, Mar 6, 2014 at 11:03 AM, Daniel J Walsh wrote:
>>>
>>> All in the world, or all that have been created for currently
>>> installed packages? Is this as bad
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/06/2014 10:39 AM, Les Mikesell wrote:
> On Thu, Mar 6, 2014 at 8:02 AM, Daniel J Walsh wrote:
>>>>>
>>>> setsebool -P zebra_write_config 1
>>>
>>> Is there some global registration facility f
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/05/2014 02:11 PM, Les Mikesell wrote:
> On Wed, Mar 5, 2014 at 9:19 AM, Daniel J Walsh wrote:
>>
>> man zebra_selinux ... If you want to allow zebra daemon to write it
>> configuration files, you must turn on the zebra
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/04/2014 07:56 PM, SilverTip257 wrote:
> Hello All,
>
> Does anyone happen to be running Quagga on CentOS 5 with SELinux in
> enforcing mode? Have you had to create SELinux policies or did it "just
> work" out of the box?
>
> (I'll get around t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/04/2014 07:56 PM, SilverTip257 wrote:
> Hello All,
>
> Does anyone happen to be running Quagga on CentOS 5 with SELinux in
> enforcing mode? Have you had to create SELinux policies or did it "just
> work" out of the box?
>
> (I'll get around t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/17/2014 09:08 AM, John R Pierce wrote:
> On 2/17/2014 5:36 AM, Styma, Robert E (Robert) wrote:
>> Researching showed that there are a number of little selinux flags to set
>> to get samba to work. I went into /etc/selinux/config and turned off
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/08/2014 11:05 PM, Markus Falb wrote:
> # ipsec verify ... If you encounter network related SElinux errors,
> especially when using KLIPS, try disabling SElinux ...
>
> Well, it is not running KLIPS but netkey, anyways I feel not comfortable
> ab
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/20/2013 03:23 PM, EljiUdia wrote:
> With semanage it works.
>
> The new rule will be included in next release?
>
Miroslav can you back port this role to RHEL 6.6.
>
>
>
> On Friday, December 20, 2013 7:29 PM,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/19/2013 02:31 PM, EljiUdia wrote:
> Hi,
>
>
> I'm facing a challenge with selinux and because I don't got an explanation
> elsewhere, I'm trying to explain here. I have decided to mount
> /var/spool/cron on a separate partition and apply quota
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/12/2013 03:26 PM, Peter wrote:
> On 12/13/2013 08:20 AM, Daniel J Walsh wrote:
>> On 12/12/2013 01:49 PM, Peter wrote:
>>> On 12/13/2013 02:45 AM, Daniel J Walsh wrote:
>
>>>> What SELInux issue did you have?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/12/2013 01:49 PM, Peter wrote:
> On 12/13/2013 02:45 AM, Daniel J Walsh wrote:
>
>> What SELInux issue did you have? What policy did you need to add?
>
> Unfortunately I've misplaced the audit logs and report of the pro
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/12/2013 06:03 AM, Peter wrote:
> On 12/12/2013 11:05 PM, Karanbir Singh wrote:
>>
>> The overall aim is to have as many people as possible test the rhel7 beta
>> and file bugs at bugzilla.redhat.com; that way everyone is testing anf
>> doing fee
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/25/2013 09:03 AM, ? wrote:
>> The message I'm now seeing in /var/log/audit/audit.log :
>>
>> type=AVC msg=audit(1385112688.399:67769): avc: denied { write } for
>> pid=8218 comm="xauth" name="caw" dev=md1 ino=262145
>> scont
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/25/2013 07:26 AM, Johan Vermeulen wrote:
> Hello All,
>
> I set up ltsp regulary, on Centos6 machines.
>
> This morning I have a Selinux problem that usualy does not occur: after
> setting everything up, the thinclients boot, but nobody can log
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/25/2013 08:50 AM, James B. Byrne wrote:
>
> On Sun, November 24, 2013 20:08, Timothy Murphy wrote:
>> I'd like to run SELinux on my CentOS server in enforcing mode, but I get
>> the above message when I run sealert. I assume this is because I am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/18/2013 08:20 AM, Tris Hoar wrote:
>
> On 16/11/2013 21:46, Andrew Holway wrote:
>> [root@ipa tftpboot]# semanage fcontext -l | grep tftp /tftpboot
>> directory system_u:object_r:tftpdir_t:s0 /tftpboot/.*
>> all files system_u:object_r:tftpdir_t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/06/2013 12:55 PM, Les Mikesell wrote:
> On Wed, Nov 6, 2013 at 11:01 AM, Daniel J Walsh wrote:
>
>>>> SELinux blocks "confined" processes, but usually does not block the
>>>> administrator who is runni
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/06/2013 11:55 AM, Les Mikesell wrote:
> On Wed, Nov 6, 2013 at 9:23 AM, Daniel J Walsh wrote:
>>
>> SELinux blocks "confined" processes, but usually does not block the
>> administrator who is running as unc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/05/2013 05:13 PM, Wes James wrote:
> When does echo 0 > /selinux/inforce need to be used? I.e., where is
> selinux enforcing itself on the system to protect it? When I do yum
> install of some package, it seems to work (not being blocked). W
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/05/2013 05:13 PM, Wes James wrote:
First you should use setenforce 0/setenforce 1.
Theoretically never. It should really be discouraged. It is like the
Enterprise bringing it "Shields" down.
SELinux in permissive mode will continue to do acc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/01/2013 06:55 PM, Mark LaPierre wrote:
> On 11/01/2013 06:36 PM, Wes James wrote:
>> I have installed emacs with yum and now I'm trying to create a .emacs
>> file and put some commands in it, but I can't type anything in the emacs
>> buffer. It
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/25/2013 12:35 PM, James A. Peltier wrote:
> Hi All,
>
> I'm looking for input as to how I may restrict some post commit hooks by
> way of SELinux or some other mechanism. Here's a description of the
> problem that I need to solve.
>
> I have a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/09/2013 05:47 PM, Ljubomir Ljubojevic wrote:
> On 08/09/2013 04:06 PM, m.r...@5-cent.us wrote:
>> Robert Moskowitz wrote:
>>>
>>> On 08/09/2013 08:48 AM, Mike Burger wrote:
Simply put, it's likely not in RHEL, either. CentOS is, essentially
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/23/2013 07:15 AM, Ken Smith wrote:
>
> James Hogarth wrote:
>> On 23 Jul 2013 07:42, "Ken Smith" wrote:
>>
>>> For some reason auditd wasn't running or enabled. I'm now seeing the
>>> messages I needed in /var/log/messages. I'm running
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/22/2013 10:55 AM, Paul Norton wrote:
> Hello Ken Try this " site:danwalsh.livejournal.com" in your
> searches. Also this is a good book
> http://www.amazon.com/SELinux-Example-Using-Security-Enhanced/dp/0131963694/ref=sr_1_2?ie=UTF8&qid=1374504
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/11/2013 03:28 PM, Michael Hennebry wrote:
> On Tue, 11 Jun 2013, Daniel J Walsh wrote:
>
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1
>>
>> On 06/10/2013 03:31 PM, Michael Hennebry wrote:
>>> On Mon, 10
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/10/2013 03:31 PM, Michael Hennebry wrote:
> On Mon, 10 Jun 2013, m.r...@5-cent.us wrote:
>
>> Michael Hennebry wrote:
>>> On Mon, 10 Jun 2013, Michael Hennebry wrote:
On Mon, 10 Jun 2013, m.r...@5-cent.us wrote:
> Michael Hennebry wrote
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/28/2013 10:06 AM, m.r...@5-cent.us wrote:
> Johan Vermeulen wrote:
>>
>> Op 25-04-13 19:41, m.r...@5-cent.us schreef:
>>> John R Pierce wrote:
On 4/25/2013 5:01 AM, mark wrote:
> Two things: unless this is a laptop, shut down NetworkMan
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/25/2013 04:54 AM, Johan Vermeulen wrote:
>
>
>
>
> Op 24-04-13 22:53, m.r...@5-cent.us schreef:
>> John R. Dennison wrote:
>>> On Wed, Apr 24, 2013 at 03:06:11PM -0400, Daniel J Walsh wrote:
>>>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/24/2013 02:57 PM, Johan Vermeulen wrote:
> Dear All,
>
> thanks for the responses.
>
> Indeed, on machine A, Selinux is disabled.
>
> -bash-4.1# selinuxenabled && echo enabled || echo disabled disabled
>
> and on machine B, it's enabled.
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/27/2013 10:01 AM, Paul Norton wrote:
> On 27 March 2013 13:09, ign...@vault13.lt wrote:
>
>> Hello,
>>
>> how do people cope with constant SELinux errors like this from Fusion
>> Passenger:
>>
>> 36886. 03/27/2013 14:20:05 ps unconfined_u:sy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/22/2013 04:25 PM, Robert Heller wrote:
> At Thu, 21 Mar 2013 20:54:04 -0400 Robert Heller
> wrote:
>
>>
>> At Thu, 21 Mar 2013 16:04:22 -0700 CentOS mailing list
>> wrote:
>>
>>>
>>> On 3/21/2013 3:42 PM, Robert Heller wrote:
Is it bec
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/14/2013 01:03 AM, Kahlil Hodgson wrote:
> On 14/03/13 06:23, Gordon Messmer wrote:
>> On 03/12/2013 04:07 PM, Kahlil Hodgson wrote:
>>> If you are upgrading from 6.3 to 6.4 and you use shorewall, you will
>>> want to run
>>>
>>> restorecon -Rv
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/13/2013 05:52 PM, Nux! wrote:
> On 12.03.2013 20:41, Emmett Culley wrote:
>> After successfully updating three CentOS 6.3 VM guests to 6.4 I decided
>> to update the host as well. And it failed to boot.
>>
>> Kernel panic - Not syncing: Attempt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/11/2013 01:10 PM, Ilyas -- wrote:
> In which package/version?
>
> I've updated my home NAS to CentOS6.4 but it still has problem with access
> drives which passed to virtual machines.
>
> On Mon, Mar 11, 2013 at 6:31 PM
1 - 100 of 217 matches
Mail list logo
