Re: [CentOS] Type enforcement / mechanism not clear

2018-09-22 Thread Gordon Messmer
On 9/9/18 9:23 AM, Gordon Messmer wrote: I don't see sesearch mentioned in the SELinux FAQ hosted by Fedora, and the mention in CentOS's FAQ appears to be the invocation that Leon used, which was less than helpful.  I think both would be improved if they started from an AVC log entry (which doe

Re: [CentOS] Type enforcement / mechanism not clear

2018-09-10 Thread Daniel Walsh
On 09/10/2018 09:41 AM, Leon Fauster via CentOS wrote: On 09.09.2018 at 16:19, Daniel Walsh wrote: On 09/09/2018 09:43 AM, Leon Fauster via CentOS wrote: On 09.09.2018 at 14:49, Daniel Walsh wrote: On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote: Any SELinux expert here - briefly:

Re: [CentOS] Type enforcement / mechanism not clear

2018-09-10 Thread Leon Fauster via CentOS
On 09.09.2018 at 16:19, Daniel Walsh wrote: > > On 09/09/2018 09:43 AM, Leon Fauster via CentOS wrote: >> On 09.09.2018 at 14:49, Daniel Walsh wrote: >>> On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote: Any SELinux expert here - briefly: # getenforce Enforcing

Re: [CentOS] Type enforcement / mechanism not clear

2018-09-09 Thread Gordon Messmer
On 09/09/2018 07:19 AM, Daniel Walsh wrote: sesearch -A -s httpd_t -t system_conf_t -p read If you feel that these files should not be part of the base_ro_files then we should open that for discussion. I think the question was how users would know that the policy allowed access, as he was p

Re: [CentOS] Type enforcement / mechanism not clear

2018-09-09 Thread Daniel Walsh
On 09/09/2018 09:43 AM, Leon Fauster via CentOS wrote: On 09.09.2018 at 14:49, Daniel Walsh wrote: On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote: Any SELinux expert here - briefly: # getenforce Enforcing # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t # sesearch -A

Re: [CentOS] Type enforcement / mechanism not clear

2018-09-09 Thread Leon Fauster via CentOS
On 09.09.2018 at 14:49, Daniel Walsh wrote: > > On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote: >> Any SELinux expert here - briefly: >> >> # getenforce >> Enforcing >> >> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t >> >> >> # sesearch -ACR -s httpd_t -c file -p r

Re: [CentOS] Type enforcement / mechanism not clear

2018-09-09 Thread Daniel Walsh
On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote: Any SELinux expert here - briefly: # getenforce Enforcing # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf -rw-

[CentOS] Type enforcement / mechanism not clear

2018-09-08 Thread Leon Fauster via CentOS
Any SELinux expert here - briefly: # getenforce Enforcing # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf -rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /e