On 01/06/2010 09:29 PM, John Poelstra wrote:
> I'm running sshd on a high (>1024) port number and cannot find a clear
> step by step guide for configuring this correctly on Fedora 12 on
> google I've come across lots of random bugs and forum questions, but
> nothing that starts at the beginning
On 01/04/2010 12:52 PM, Paolo Galtieri wrote:
> I've started seeing this selinux alert
>
> SELinux is preventing /usr/sbin/cupsd "ipc_lock" access.
>
> [cupsd has a permissive type (cupsd_t). This access was not denied.]SELinux
> denied access requested by cupsd. It is not expected that this acce
On 12/19/2009 02:06 PM, vinny wrote:
> Hello,
> I installed F12 in 2 desktop no problem both working perfectly.
> lately one has developed this security problem, it suggest to rename a
> file as a possible cure, I do not understand how can a file change name
> by it self. So before I make a mess of
On 12/14/2009 06:01 AM, Bob Goodwin wrote:
>
> I keep seeing a star icon in the F-12 box which produces the message
> below. I wonder if it has anything to do with my ssh problems?
>
> What does it mean? What must I do to satisfy it?
>
> Bob
>
> #
>
> Summary:
>
> SELinux is preventing /usr/l
On 12/01/2009 11:47 PM, Tim wrote:
> On Tue, 2009-12-01 at 12:04 -0500, Daniel J Walsh wrote:
>> You need to fix the context to match that in public_html
>>
>> chcon -R -t httpd_user_content_t foo
>>
>> Would do it.
>
> If that's the problem (just
On 11/29/2009 09:51 AM, Neal Becker wrote:
> Updating : selinux-policy-targeted-3.6.32-46.fc12.noarch
> 94/302
> libsepol.scope_copy_callback: audioentropy: Duplicate declaration in
> module: type/attribute entropyd_var_run_t (No such file or directory).
> libsemanage.semanag
On 11/26/2009 03:54 AM, Justin Jereza wrote:
>> Have you configured Apache to follow symlinks?
>> http://localhost/manual/mod/core.html#options
>
> Yes, Apache follows symlinks. That's why http://localhost/~user/foo/
> is accessible.
>
>> You also need appropriate file and directory permissions (
On 11/20/2009 04:05 PM, Phil Savoie wrote:
> Hi All,
>
> Is there a command to list all selinux context types. semanage fcontext
> -l only lists those currently in the database but not say ...
> public_content_rw_t which is used for the ftpd and is listed in the man
> pages for it.
>
> How do I
On 11/17/2009 05:27 PM, Wolfgang S. Rupprecht wrote:
>
> How do I add a second /home tree to selinux so that both /home and
> /home2 have the same policies and restorecon correctly? There seems to
> be quite a bit of logic in
> /etc/selinux/targeted/contexts/files/file_contexts.homedirs to treat
On 11/17/2009 03:05 AM, Ian Malone wrote:
> 2009/11/16 Tim :
>> On Mon, 2009-11-16 at 13:56 +0800, Mr. Teo En Ming (Zhang Enming) wrote:
>>> Well, for home or personal use systems, you don't really need SELinux.
>>> SELinux is for mission critical servers.
>>
>> Until you do something that SELinux
On 11/16/2009 12:09 AM, Paul Allen Newell wrote:
> Hello:
>
> I just upgraded two of my systems to latest yum update
> (2.6.30.9-96.fc11.i686.PAE) with the hopes that the CD and DVD issues
> have been resolved (they have, almost, but thats a separate bugzilla
> report).
>
> What I am querying abo
Don't worry about it, you are not alone... :^(
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
On 11/12/2009 02:29 PM, Henrique Koesjan wrote:
> too many thanks Daniel,
>
> 3 seconds for solving troubles!. Sincerely this mailing list (the
> people in it) helps a lot less experienced users and all users I
> believe.
>
> henri, many thanks again.
>
Henri,
Can you please go back and read t
On 11/12/2009 01:24 PM, Henrique Koesjan wrote:
> Hi Daniel,
>
> Find attached the message. Thanks in advance.
>
> henri
>
> On Wed, Nov 11, 2009 at 12:41 PM, Daniel J Walsh wrote:
>> On 11/11/2009 09:08 AM, Henrique Koesjan wrote:
>>> Does anyone knows how
On 11/11/2009 09:08 AM, Henrique Koesjan wrote:
> Does anyone knows how to make cups-pdf works with selinux? I've tried
> "#setsebool -P cupsd_disable_trans 1" but it does not seem work.
>
> Sumário
> SELinux is preventing gs (cups_pdf_t) "search" to / (mount_tmp_t).
>
> Descrição detalhada
> SEL
On 10/21/2009 02:10 PM, Jim wrote:
> FC11/KDE
>
> Samsung has a very good printer in the CLX3175FN Lazer , I picked up for
> $250.00 at OfficeMax, a $400.00 printer.
>
> Anyhow You can get the printer drivers for Linux on their Support Site.
> When installing the print drivers you have to do it f
On 10/07/2009 01:51 PM, Mike Cloaked wrote:
>
>
> Daniel J Walsh wrote:
>>
>> On 10/07/2009 08:42 AM, Julian Aloofi wrote:
>>> Am Dienstag, den 06.10.2009, 12:57 -0700 schrieb Mike Cloaked:
>>>> Does anyone know if it is still current practice to set SE
On 10/07/2009 08:42 AM, Julian Aloofi wrote:
> Am Dienstag, den 06.10.2009, 12:57 -0700 schrieb Mike Cloaked:
>> Does anyone know if it is still current practice to set SELinux to permissive
>> before doing a spin re-build in mock/pungi in F11?
>>
>> Or has selinux policy now reached the point of r
On 10/05/2009 05:27 PM, Paolo Galtieri wrote:
> On Mon, Oct 5, 2009 at 2:13 PM, Daniel J Walsh wrote:
>
>> On 10/05/2009 03:22 PM, Paolo Galtieri wrote:
>>> On Mon, Oct 5, 2009 at 11:11 AM, Daniel J Walsh
>> wrote:
>>>
>>>> On 10/05/2009 02:08 PM,
On 10/05/2009 03:22 PM, Paolo Galtieri wrote:
> On Mon, Oct 5, 2009 at 11:11 AM, Daniel J Walsh wrote:
>
>> On 10/05/2009 02:08 PM, Jim wrote:
>>> FC11/Kde
>>>
>>> Trying to print on a Samsung CLX-3175FN.
>>> Selinux is playing havoc with printer
On 10/05/2009 02:08 PM, Jim wrote:
> FC11/Kde
>
> Trying to print on a Samsung CLX-3175FN.
> Selinux is playing havoc with printer drivers, these drivers are from
> Samsung and I'm getting many Selinux Alerts, to many to keep running
> Restorecon.
> The printing is coming out with double columns w
Mark Haney wrote:
Is anyone else seeing these types of failures with the latest selinux
updates?
libsemanage.semanage_direct_remove: Module dpkg was not found.
semodule: Failed on dpkg!
error: %trigger(selinux-policy-strict-2.6.4-21.fc7.noarch) scriptlet
failed, exit status 1
libsemanage.semana
On 09/19/2009 02:10 PM, Les wrote:
> I have upgraded to F11 using the upgrade from the update process. And
> it went smoothly. However, I am now getting a lot of SElinux messages
> (I had to set it to permissive to get anything done at all.) I have
> submitted bugs on two of them, and will submi
On 09/10/2009 11:19 AM, Stephen Smalley wrote:
> On Thu, 2009-09-10 at 10:58 -0400, Daniel J Walsh wrote:
>> On 09/10/2009 01:58 AM, Sean Carlos wrote:
>>>
>>> At one point I performed a new Fedora install and restored my personal
>>> files before disabling SELi
On 09/10/2009 01:58 AM, Sean Carlos wrote:
>
> At one point I performed a new Fedora install and restored my personal
> files before disabling SELinux which I don't need.
>
> As a result many files have permissions which include a dot at the end,
> e.g.:
>
> -rw-rw-r--.
>
> This causes havoc wi
On 09/07/2009 04:34 AM, Didar Hossain wrote:
> On Sat, Sep 5, 2009 at 9:45 PM, Frank Chiulli wrote:
>> On F11 when exim attempts to retrieve mail from my ISP, I get the following:
>
> How are you pulling the mail from your ISP?
>
>
>> Summary:
>> SELinux is preventing exim (exim_t) "getattr" boo
On 08/04/2009 11:11 AM, Steve wrote:
> Daniel,
>
> ---- Daniel J Walsh wrote:
>> On 08/03/2009 10:50 AM, Steve Blackwell wrote:
>>> Ever since I upgraded from F9 to F10 when F9 went EOL I've been having
>>> lots of SElinux warnings. Here's one. I get a
On 08/03/2009 10:50 AM, Steve Blackwell wrote:
> Ever since I upgraded from F9 to F10 when F9 went EOL I've been having
> lots of SElinux warnings. Here's one. I get at seemingly random times,
> ie not when I log in.
>
> Aug 3 09:06:50 steve setroubleshoot: SELinux is preventing
> polkit-read-aut
On 07/26/2009 05:45 PM, Frank Chiulli wrote:
> Sorry for the delay in responding. I've been on the road and unable
> to access my Fedora box. So after a little grief with SELinux and
> permissions I have a log file of exim. I'd post it here but it's 724
> lines long. I looked for boot in the fi
3 sgid=93 fsgid=93 tty=(none) ses=1 comm="exim"
exe="/usr/sbin/exim" subj=unconfined_u:system_r:exim_t:s0 key=(null)
Frank
On Mon, Jul 13, 2009 at 8:02 AM, Daniel J Walsh wrote:
On 07/13/2009 08:24 AM, Frank Chiulli wrote:
I realized that just before I received your email and d
On 07/13/2009 08:24 AM, Frank Chiulli wrote:
> I realized that just before I received your email and did post to
> fedora-list. My mistake and thanks for the heads up.
>
> Frank
>
> On Mon, Jul 13, 2009 at 5:22 AM, David JM Emmett
> wrote:
>> Don't mean to be completely rude but doesn't this be
On 07/12/2009 07:04 AM, Jurgen Kramer wrote:
> I've just upgraded my server to Fedora 11 (clean install) and I am
> trying to get everything working again. I have some problems with my
> mrtg scripts, they seem not allowed to run. I guess this has something
> to do with selinux.
>
> I see the foll
On 07/11/2009 07:06 PM, Steven F. LeBrun wrote:
> After doing a clean install of Fedora 11, the Apache webserver, httpd
> 2.2.11, is failing. The error log [see below] shows that all the httpd
> children are killing themselves with Segmentation faults.
>
> Httpd was working fine in Fedora 10, sam
On 07/10/2009 06:09 PM, Andras Simon wrote:
> Sometimes I see the warning:
>
> SELinux is preventing the sendmail from using potentially mislabeled files
> (/root).
>
> sendmail is not installed, but according to sealert, this warning is
> really about ssmtp.
> Of course I'm not trying to mail an
On 07/07/2009 09:33 AM, Marko Vojinovic wrote:
On Tue, Jul 7, 2009 at 1:58 PM, Stephen Smalley wrote:
You can ignore, and I think they are silenced by a policy update.
A libselinux constructor probes for /selinux/mls to initialize internal
state used later by the library functions, and unfortun
On 07/06/2009 10:08 PM, Amadeus W.M. wrote:
[r...@alm ~]# semanage fcontext -a -t mysqld_db_t "/data/mysql(/.*)?"
[r...@alm ~]# restorecon -R -v /data/mysql
Try
# semanage fcontext -a -t mysqld_db_t "/data(/.*)?"
# restorecon -R -v /data
--
fedora-list mailing list
fedora-list@redhat.com
T
On 07/05/2009 11:57 PM, Amadeus W.M. wrote:
Trying to run mysqld with datadir=/data/mysql (i.e. different than the
default datadir=/var/lib/mysql). When I start mysqld for the first time it
fails:
[r...@alm ~]# /etc/rc.d/init.d/mysqld start
Initializing MySQL database: Installing MySQL system t
On 06/26/2009 11:20 AM, Paolo Galtieri wrote:
I keep getting the following SELinux alert.
SELinux is preventing hostname (hostname_t) "read" security_t
The alert data is shown below. I'm not sure what I might have changed to
cause this.
Paolo
Summary:
SELinux is preventing hostname (hostname_
On 06/23/2009 08:09 PM, Richard Shaw wrote:
On Mon, Jun 22, 2009 at 3:48 PM, Daniel J Walsh wrote:
On 06/20/2009 01:50 PM, Steven Stern wrote:
On 06/20/2009 06:12 AM, Daniel J Walsh wrote:
On 06/19/2009 07:10 PM, Steven Stern wrote:
After installing hplip-gui, I got selinux errors when
On 06/23/2009 01:37 AM, Mark Panen wrote:
Hi
It is impossible for me to reach a web page that uses port 2082
through squid as SELinux keeps blocking it. If i bypass squid i can
reach the web page.
How do i configure SELinux to allow port 2082 ?
Mark
One of two ways, you can either allow squ
On 06/20/2009 01:50 PM, Steven Stern wrote:
On 06/20/2009 06:12 AM, Daniel J Walsh wrote:
On 06/19/2009 07:10 PM, Steven Stern wrote:
After installing hplip-gui, I got selinux errors when checking on the
printer status.
audit2allow generated the following policy
module cups20090619 1.0
On 06/19/2009 07:10 PM, Steven Stern wrote:
After installing hplip-gui, I got selinux errors when checking on the
printer status.
audit2allow generated the following policy
module cups20090619 1.0;
require {
type hwdata_t;
type xdm_t;
class dir search;
class file { read getattr open };
}
#===
On 06/17/2009 08:17 AM, Steven Stern wrote:
My screen no longer shuts off after 30 minutes.
It had been fine, but on SYSTEM -> PREFERENCES -> POWER MANAGEMENT, I
clicked the "Make Default" button. After entering the root password, the
were several selinux errors regarding the labeling of %gconf.
On 06/15/2009 10:46 AM, Wander Boessenkool wrote:
On Mon, Jun 15, 2009 at 10:34:32AM -0400, Daniel J Walsh wrote:
On 06/13/2009 07:52 PM, NMONNET wrote:
ype=AVC msg=audit(1244936277.370:81): avc: denied { search } for
pid=2394 comm="dbus-daemon" name="3998" dev=pro
On 06/13/2009 07:52 PM, NMONNET wrote:
ype=AVC msg=audit(1244936277.370:81): avc: denied { search } for
pid=2394 comm="dbus-daemon" name="3998" dev=proc ino=337975
scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=dir
type
policycoreutils-2.0.62-12.5.fc11 Currently in Updates testing or
policycoreutils-2.0.62-12.6.fc11 in Koji should fix this problem.
I have asked for -5 to be pushed into F11 final. Please grab one of
these packages to see if it fixes your problem.
--
fedora-list mailing list
fedora-list@redha
On 05/21/2009 03:26 PM, Mike Fleetwood wrote:
Daniel J Walsh:
What file system are you using?
Try
# restorecon -R -v / 2> /dev/null
You will get lots of errors.
Ext3 file system.
[r...@mfleetwo3 ~]# mount | egrep '/ |/boot'
/dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw)
On 05/21/2009 11:27 AM, Mike Fleetwood wrote:
Daniel J Walsh wrote:
Your message bus is running as initrc_t which indicates that you have a
labeling problem.
fixfiles restore
Reboot and you should be all set.
Your message bus should be running as system_dbusd_t. It is also running as
On 05/21/2009 09:42 AM, Mike Fleetwood wrote:
Daniel J Walsh wrote:
Are you seeing any avc's in /var/log/audit/audit.log?
With SELinux in permissive mode ...
[r...@mfleetwo3 ~]# id
uid=0(root) gid=0(root)
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
co
On 05/20/2009 05:33 PM, Mike Fleetwood wrote:
Daniel J Walsh wrote:
On 05/20/2009 04:23 AM, Mike Fleetwood wrote:
I have identified that my issues are caused by SELinux. I have
rebooted with enforcing=0 to switch SELinux into permissive mode and
ConsoleKit and Pulseaudio start correctly and
On 05/20/2009 04:23 AM, Mike Fleetwood wrote:
I wrote:
I can see that on my functioning desktops that before login, gdm has
been granted read-write access, via ACLs, to the sound device files in
/dev/snd/. After GDM login my user is granted read-write instead.
On my broken desktop there are no
On 05/05/2009 08:17 PM, David wrote:
On Wed, May 6, 2009 at 8:58 AM, Eamon Walsh wrote:
David wrote:
I'm attempting to mount a loop device (a ro file) at boot using fstab.
My fstab entry works fine from the command line, but it fails at boot
time due to a selinux avc error. I assume this is du
On 05/04/2009 08:02 PM, David wrote:
On Tue, May 5, 2009 at 1:20 AM, Daniel J Walsh wrote:
What OS Are you running?
What policy version?
Hi Daniel
Thanks for responding. Just in case you didnt notice the beginning of
this thread is http://article.gmane.org/gmane.linux.redhat.fedora.general
On 05/04/2009 05:19 AM, David wrote:
[da...@kablamm ~]$ cat
/etc/selinux/targeted/contexts/files/file_contexts | grep mount
/etc/rc.d/init.d/autofs -- system_u:object_r:automount_script_exec_t:s0
/bin/mount.*-- system_u:object_r:mount_exec_t:s0
/bin/umount.* -- system_u:objec
On 04/29/2009 11:20 AM, Daniel B. Thurman wrote:
Daniel J Walsh wrote:
On 04/28/2009 10:07 PM, Daniel B. Thurman wrote:
I am trying to get my CVS repository setup. Apparently,
it appears that the repository must be in the root directory,
otherwise I get selinux permission denials.
What I
On 04/28/2009 10:07 PM, Daniel B. Thurman wrote:
I am trying to get my CVS repository setup. Apparently,
it appears that the repository must be in the root directory,
otherwise I get selinux permission denials.
What I tried to do initially was to locate the repository
on a NTFS filesystem for
On 03/30/2009 12:54 PM, Steven Stern wrote:
Daniel J Walsh wrote:
On 03/29/2009 11:29 AM, Steven Stern wrote:
Running named in a chroot, I've been getting these messages for about a
week. Running restorecon, as suggested by the troubleshooter, doesn't
help.
Mar 26 05:08:5
On 03/29/2009 11:29 AM, Steven Stern wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Running named in a chroot, I've been getting these messages for about a
week. Running restorecon, as suggested by the troubleshooter, doesn't help.
Mar 26 05:08:55 sds-desk setroubleshoot: SELinux is preve
On 03/24/2009 04:14 PM, Andras Simon wrote:
I see this
Updating : selinux-policy-targeted 4/8
libsepol.policydb_write: Warning! Policy version 22 cannot support
permissive types, but some were defined
This is on F9. Something to be worried about?
Andra
On 03/24/2009 10:53 AM, Mike Cloaked wrote:
Daniel J Walsh wrote:
What avc messages are you seeing?
That is the problem - I am not seeing avc's, or log messages or anything -
the programs just won't run! The gnome desktop seems normal other than that
these few programs won&#x
On 03/24/2009 08:40 AM, Mike Cloaked wrote:
Mike Cloaked wrote:
I just tried to run Okular in F10 (first time since recent selinux policy
update) and nothing happens - used to work fine!
Also Crossover no longer executes programmes -
I wonder if anyone else is seeing this change of behaviour
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
dexter wrote:
> 2009/3/9 Daniel J Walsh :
>> All this for arguable value.
>
> You forgot to add in your opinion!
> Because I happen to like the option of selecting which kernel I boot
> from next before I restart.
>
> .
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marko Vojinovic wrote:
> On Sunday 08 March 2009 23:39, Kevin Kofler wrote:
>> Marko Vojinovic wrote:
>>> I don't understand the last point. What is the feature of KDM that you
>>> talk about? I don't remember enabling any specific feature of KDM other
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike Cloaked wrote:
>
>
> Daniel J Walsh wrote:
>>
>> This is very strange, I have no idea why SELinux update would do this,
>> and suspect that something else might have gone wrong. Were there other
>> packages i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike Cloaked wrote:
> I have just updated some f10 boxes a few minutes ago. On logging on again
> after rebooting to the new kernel this evening, the main user directories
> have had their contexts changed to usr_t so I presume some kind of
> relabelli
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Antonio Olivares wrote:
>
>
> --- On Tue, 2/17/09, Antonio Olivares wrote:
>
>> From: Antonio Olivares
>> Subject: network-scripts problem
>> To: fedora-list@redhat.com
>> Cc: fedora-selinux-l...@redhat.com
>> Date: Tuesday, February 17, 2009, 7:4
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Antonio Olivares wrote:
> Dear fellow testers,
>
> I encountered network functions/network-scripts problem :(
>
> [r...@localhost ~]# dhclient eth0
> Missing /etc/sysconfig/network-scripts/network-functions, exiting.
> Missing /etc/sysconfig/network
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Les wrote:
> I upgraded from F8 to F10. It appeared to go smoothly, but then I
> received the following SELinux errors:
>
> //
> /** first
>
> Summary:
>
> SELinu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thierry Sayegh De Bellis wrote:
> John Aldrich wrote:
>> I thought that by setting selinux to "disabled" in the config file, I
>> wouldn't be bothered by it's alerts any more. How do I stop SELinux
>> from running, period? I don't want any alerts from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark Haney wrote:
> Mark Haney wrote:
>> I've got a server that we use to do speed testing of our upstreams (and
>> customers links) using FTP. This is a fresh F10 install and I'm getting
>> what seems to be a very common selinux ftp error (226 Failed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Daniel J Walsh wrote:
> Christopher A. Williams wrote:
>> I had promised to do this and post my results a week ago and got
>> thoroughly tied up over the holidays - sorry about that. It was a good
>> Christmas for us though! :)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christopher A. Williams wrote:
> I had promised to do this and post my results a week ago and got
> thoroughly tied up over the holidays - sorry about that. It was a good
> Christmas for us though! :)
>
> So - I did get around to loading up a server w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tim wrote:
> On Sun, 2009-01-04 at 12:36 -0800, Mike Cloaked wrote:
>> Fairly regularly there are selinux updates that come in during yum
>> updates - I presume that nothing gets changed unless a relabel is
>> done? Or am I wrong?
>
> A policy can se
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
William Case wrote:
> Hi;
>
> This probably more of a frustration question than an eventually solving
> it myself question.
>
> I couldn't get any sound -- I originally thought it was an Adobe Flash
> problem -- until I changed SELinux from enforcing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Steven Stern wrote:
> Ran a yum update today that picked up these pages
>
> selinux-policy noarch 3.5.13-34.fc10updates 613 k
> selinux-policy-targeted noarch 3.5.13-34.fc10 updates 2.0 M
>
> and saw this:
>
> Updating :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christopher A. Williams wrote:
> On Sun, 2008-12-14 at 21:27 -0500, Claude Jones wrote:
>> On Sunday 14 December 2008 18:21:44 Christopher A. Williams wrote:
>>> As to how long this has gone on, it has since F8 and VMware Server
>>> 1.0.x. The only kno
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christopher A. Williams wrote:
> I'm just curious - Has anyone made any progress on figuring out why
> VMware Server 2.0 does NOT run on F10 unless selinux is disabled? Even
> running selinux in permissive mode causes VMware Server fits.
>
> This has
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matthew Saltzman wrote:
> On Sun, 2008-12-07 at 20:44 -0600, Mikkel L. Ellertson wrote:
>> Jim wrote:
>>> stan wrote:
I don't run KDE and SELinux is Greek to me, but what is the error
message, and does SETroubleshooter (the yellow star) recom
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
gab_v wrote:
> Dear all,
> I have a Fedora 9 distr.
>
> I've lot of problem with SELinux, so I want to know how to get rid of it. In
> particular I am interested NOT in make SELinux status "Disabled" but to
> uninstall it.
>
> I am not sure how to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Zoltan Kota wrote:
> Hi,
>
> In my F10 installation selinux seems to prevent working openvpn. After
> connection openvpn wants to modify /etc/resolv.conf that is not
> allowed I think.
>
> I start openvpn by the command
>
> [EMAIL PROTECTED] /etc/in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marcelo Magno T. Sales wrote:
> Em Dom 30 Nov 2008, Rex Dieter escreveu:
>> Marcelo Magno T. Sales wrote:
>>> Em Dom 30 Nov 2008, Marcelo Magno T. Sales escreveu:
People,
I've just installed F10 and have fully updated the system.
Wh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
insidepowe wrote:
> I have the java applet not initialized problem also and have solved it.
>
> I think there is a conflict between jre java-plugin and IcedTea plugin. so I
> removed IcedTea and java applet is now working.
>
> 1. Download jre-6u1-l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike Cloaked wrote:
> I am running an F9 system with SELinux enabled on a laptop.
> I recently installed kismet (yum install kismet) to check local wireless
> channels so I can ensure my AP does not conflict with other boxes nearby.
>
> I made the usu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Vandaman wrote:
> My Fedora 9 box cannot boot without selinux=0. It was a nightmare
> doing a http install only to find it was referring to non-existent
> selinux policy files. I booted by selinux=0 and then a yum update
> solved some of the proble
eventing dbus-daemon (xguest_dbusd_t) "read write" to socket
> (xguest_t).
>
>
>
> On Tue, Nov 4, 2008 at 2:03 PM, Matt Nicholson <[EMAIL PROTECTED]> wrote:
>
>> yes, all upto date. a new build from my kickstart is finishing updating
>> right now (had
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt Nicholson wrote:
> Right, that did it (after i started the oddjobd service, that is).
>
> Now, the original reason i turned selinux back on was to use
> xguestsaddly, this isn't working still...
>
Why not? Are you fully up2date?
xguest sho
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt Nicholson wrote:
> So, I have an environment, where we pull user data/auth from ldap/kerberos
> for a bunch of fedora workstations. I would love to have selinux turned on
> on these, but, right now it jsut doesn't work with our setup.
>
> See, yo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
William John Murray wrote:
> Hello all,
> I am trying to persuade an F9 box to export an filesystem
> with nfs. It seems to be unwilling:
>
> Oct 27 10:49:41 RAL-161-1-14 rpcbind: rpcbind terminating on signal.
> Restart with "rpcbind
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pavel Lisy wrote:
> On Thu, 2008-10-23 at 10:20 -0400, Daniel J Walsh wrote:
>> Pavel Lisy wrote:
>>> Hello
>>>
>>> I've just installed F10beta and it seams to be step forward.
>>>
>>> Bu
Pavel Lisy wrote:
> Hello
>
> I've just installed F10beta and it seams to be step forward.
>
> But I have problem with firefox and flash content in some web sites.
>
> there are these errors (Summary only):
>
> 2x
> SELinux is preventing npviewer.bin (nsplugin_t) "read" to ./profiles.ini
> (
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tom Horsley wrote:
> I was just trying to remove as many selinux related packages as possible
> (a fedora 9 system) to avoid having to download their updates when I have
> selinux turned off anyway.
>
> Several of the rpms I tried to erase want to dra
Mike wrote:
> Daniel J Walsh redhat.com> writes:
>
>> If you mount with a "context=" flag no context will get placed on the disk.
>>
>> You may/probably do not want the files on this backup to have the
>> labels, and often are better off calling restor
Mike wrote:
> Daniel J Walsh redhat.com> writes:
>
>> If you are going to be moving this disk back and forth between selinux
>> enabled and disabled machines, and the files back and forth on the disk,
>> you really should use a context mount on the SELinux platform
Mike wrote:
> Daniel J Walsh redhat.com> writes:
>
>> You can easily lay context down by running restorecon on the USB drive
>> at the mountpoint. Or just set it up to mount the disk with a countext.
>> Something like system_u:object_r:removable_t:s0.
>
> Tha
Henk Breimer wrote:
> On Fri, 03 Oct 2008 09:17:32 -0400
> Daniel J Walsh <[EMAIL PROTECTED]> wrote:
>
>> Henk Breimer wrote:
>>> For quite some time now start of NetworkManager provokes the
>>> following selinux avc's. restorecon and autorelabal di
Henk Breimer wrote:
> For quite some time now start of NetworkManager provokes the following
> selinux avc's. restorecon and autorelabal did not help.
> I need some help to get this resolved.
>
> Raw Audit Messages :
> host=pietro.localdomain type=AVC
> msg=audit(1223033504.299:176): avc: denied
Mike wrote:
> I have a question related to something I had not thought about before...
>
> I have an external USB drive that has been used for quite some time as a
> backup drive attached to a machine that has SELinux disabled. Other machines
> in the LAN are backed up to the same external drive
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Claude Jones wrote:
> I'm getting lots of these alerts. I can't figure out what ./services is, and
> the suggested fix produces the following:
> *
> restorecon -v './services'
> restorecon: stat
William John Murray wrote:
> Hello all,
>I am using rsync -e ssh as a backup from a laptop to a
> desktop. This seems to work, but generates selinux denials. These
> need the following addition in local.te:
>
> module local 1.0;
>
> require {
> type sshd_t;
> type crond
Stephen Croll wrote:
> Daniel J Walsh wrote:
>> So KDE+Konsole seems to be leaking a file descriptor.
>>
>>
> Yes, that seems to be the case. With KDE 4.1, the fd is now 23 (if
> that's somehow useful):
>
> [EMAIL PROTECTED] ~]# ls -lZ
1 - 100 of 130 matches
Mail list logo
