search for: enforces

On Wed, Sep 23, 2020 at 05:57:50PM +0200, Pino Toscano wrote: > Do not attempt to relabel a guest in case its SELinux enforcing mode is > not "enforcing", as it is either pointless, or it may fail because of an > invalid policy configured. > --- > mlcustomize/SELinux_relabel.ml | 26 +++++++++++++++++++++++++- > 1 file changed, 25 insertions(+), 1 deletion(-) >

Installed Packages Name : postfix Arch : x86_64 Epoch : 2 Version : 2.6.6 Release : 6.el6_5 Size : 9.7 M Repo : installed >From repo : updates I am seeing several of these in our maillog file after a restart of the Postfix service: Apr 23 12:48:27 inet08 setroubleshoot: SELinux is preventing /usr/libexec/postfix/smtp from 'read, write'

Hi, I would like to follow up on the previous thread[1], where there was a consensus to disallow merge commits in the llvm github repository, and start a discussion about how we should enforce this policy. Unfortunately, GitHub does not provide a convenient way to fully enforce this policy. We can enforce it for pull requests, but not for direct pushes to the master branch, so we will have to

On Thursday, 24 September 2020 12:15:29 CEST Richard W.M. Jones wrote: > On Wed, Sep 23, 2020 at 05:57:50PM +0200, Pino Toscano wrote: > > Do not attempt to relabel a guest in case its SELinux enforcing mode is > > not "enforcing", as it is either pointless, or it may fail because of an > > invalid policy configured. > > --- > >

Do not attempt to relabel a guest in case its SELinux enforcing mode is not "enforcing", as it is either pointless, or it may fail because of an invalid policy configured. --- mlcustomize/SELinux_relabel.ml | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/mlcustomize/SELinux_relabel.ml b/mlcustomize/SELinux_relabel.ml index 647aeda..db00e59

Continuation/rework of: https://www.redhat.com/archives/libguestfs/2020-May/msg00020.html This is my approach, as I explained here: https://bugzilla.redhat.com/show_bug.cgi?id=1828952#c4 https://www.redhat.com/archives/libguestfs/2020-May/msg00035.html IOW: do not attempt to relabel if the guest is not enforcing, as it is either useless or may fail; few words more are in the comments of patch #3.

Hello, how could it be achieved to run e.g. shutdown -h now from a CGI script on a system where SELinux is set to ENFORCING? Thanks Walter

Hey guys, For some reason I can't seem to enable SELinux on this one host. Here's my SELinux config file: [root at beta-new:~] #cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. #

Hi there, We are using Samba as a user directory for our application. Passwords are stored in unicodePwd attribute, and our application resets passwords through LDAP (without the knowledge of the previous password, because it's an email-based reset). Unfortunately resetting it like this prevents the "password history" policy enforcement. This is a security problem that will come up

This is a pretty uncontroversial patch which just allows the selinux=? and enforcing=? flags on the kernel command line to be controlled. Currently libguestfs unconditionally passes selinux=0. By default this patch does the same thing, but allows programs to enable SELinux in the kernel and/or set it to enforcing mode. Rich. -- Richard Jones, Emerging Technologies, Red Hat

L.P.H. van Belle via samba ha scritto il 26/08/20 alle 15:41: > [...] > Thats exacly what i see. > This: net use g: \\IP\share /persistent:yes > > Used COMPUTERNAME\username at REALM Or DOM\USER at COMPUTERNAME > And not not DOM\user at REALM > Thats what i mean, and if you look good in your logs you see this also. yes I've seen it but if you say "Your not sending

On 03/20/2019 10:41 AM, Zachary Turner wrote: > > > On Tue, Mar 19, 2019 at 12:00 PM Tom Stellard via lldb-dev <lldb-dev at lists.llvm.org <mailto:lldb-dev at lists.llvm.org>> wrote: > > Hi, > > I would like to follow up on the previous thread[1], where there was a consensus > to disallow merge commits in the llvm github repository, and start a

Hey All, I am testing PSO password policies and am having trouble getting the Maximum password age to be enforced. I have a test policy applied to a group and it does enforce complexity and Minimum password length but not the Maximum password age. Anyone using this setting for PSO's? Samba version 4.10.0-Ubuntu Password information for PSO 'TESTpolicy' Precedence (lowest is

Hello, I have been looking at enforcing quotas for users of my mail system (postfix and Dovecot v1.2). Have tried to follow a few tuts on the web but its not having the desired effect. Essentially I can still send and receive mail on an account that I believe has had its quota exceeded. In my main.cf, I have: userdb sql { args = /etc/dovecot/mysql/dovecot-mysql.conf } passdb sql {

My Samba v3.0.25b (in CentOS v5.1) has the smb.conf shown below. What I'm seeing is that "force create mode" is not enforced when accessed by a Linux CIFS client (Fedora 7). On the server, user steve has a home directory of /home/steve, and the public directory is /home/samba/public. The shares are mounted from the client fstab like this: //nemesis/steve /mnt/cifs/myhome cifs

On Wed, Jan 30, 2019 at 1:19 PM Eric Christopher via cfe-dev < cfe-dev at lists.llvm.org> wrote: > On Wed, Jan 30, 2019 at 12:42 PM David Greene via cfe-dev > <cfe-dev at lists.llvm.org> wrote: > > > > Bruce Hoult via llvm-dev <llvm-dev at lists.llvm.org> writes: > > > > > How about: > > > > > > Require a rebase, followed by git

Hi, The Solaris password requirements like a. no empty password b. minimum 6 chars etc for a regualr user are not enforced when a password expired user is changing password at the SSH login prompt. The version of openSSH I am using is 3.8.1 and Solaris 8 is where the sshd is running. Is anybody aware of this problem? Is there some configuration option I can use to enforce these password

HFvs> Hello, >>> In my impression: Yes. Also, this problem seems to affect also zfs HFvs> and >> I'm mostly interested in the claim that ZFS is affected. >> I haven't followed this thread carefully, but what exactly is the problem we're >> talking about, and how do we know it impacts ZFS? >> [Something more than a single one-liner in that

Hello all, I've happily been using Dovecot for a couple of years now, but only a couple of days ago I configured it to speak both TLS and SSL for both POP3 and IMAP. Ideally I want users to use TLS, but I've enabled SSL, because some mailers (at least Apple Mail on OS X Tiger) don't support TLS. Right now I'm in sort of a transitional phase, where I'm asking users to enable

I think we definitely will want to support github PRs, at the very least as an _option_, even if we continue running/preferring phabricator. Github PRs are how everyone who is not already super-involved in the llvm project is going to want to contribute changes, and we ought to be as welcoming as possible to such users. On Tue, Mar 19, 2019 at 3:15 PM Roman Lebedev via cfe-dev < cfe-dev at