Displaying 20 results from an estimated 5254 matches for "enforcing".
2020 Sep 24
3
Re: [common PATCH 3/3] mlcustomize: do not relabel if not enforcing (RHBZ#1828952)
On Wed, Sep 23, 2020 at 05:57:50PM +0200, Pino Toscano wrote:
> Do not attempt to relabel a guest in case its SELinux enforcing mode is
> not "enforcing", as it is either pointless, or it may fail because of an
> invalid policy configured.
> ---
> mlcustomize/SELinux_relabel.ml | 26 +++++++++++++++++++++++++-
> 1 file changed, 25 insertions(+), 1 deletion(-)
>
> diff --git a/mlcustomize/SEL...
2014 Apr 23
1
SELInux and POSTFIX
Installed Packages
Name : postfix
Arch : x86_64
Epoch : 2
Version : 2.6.6
Release : 6.el6_5
Size : 9.7 M
Repo : installed
>From repo : updates
I am seeing several of these in our maillog file after a restart of the
Postfix service:
Apr 23 12:48:27 inet08 setroubleshoot: SELinux is preventing
/usr/libexec/postfix/smtp from 'read, write'
2019 Mar 19
8
[GitHub] RFC: Enforcing no merge commit policy
Hi,
I would like to follow up on the previous thread[1], where there was a consensus
to disallow merge commits in the llvm github repository, and start a discussion
about how we should enforce this policy.
Unfortunately, GitHub does not provide a convenient way to fully enforce this policy.
We can enforce it for pull requests, but not for direct pushes to the master branch,
so we will have to
2020 Sep 24
0
Re: [common PATCH 3/3] mlcustomize: do not relabel if not enforcing (RHBZ#1828952)
On Thursday, 24 September 2020 12:15:29 CEST Richard W.M. Jones wrote:
> On Wed, Sep 23, 2020 at 05:57:50PM +0200, Pino Toscano wrote:
> > Do not attempt to relabel a guest in case its SELinux enforcing mode is
> > not "enforcing", as it is either pointless, or it may fail because of an
> > invalid policy configured.
> > ---
> > mlcustomize/SELinux_relabel.ml | 26 +++++++++++++++++++++++++-
> > 1 file changed, 25 insertions(+), 1 deletion(-)
> >
>...
2020 Sep 23
0
[common PATCH 3/3] mlcustomize: do not relabel if not enforcing (RHBZ#1828952)
Do not attempt to relabel a guest in case its SELinux enforcing mode is
not "enforcing", as it is either pointless, or it may fail because of an
invalid policy configured.
---
mlcustomize/SELinux_relabel.ml | 26 +++++++++++++++++++++++++-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/mlcustomize/SELinux_relabel.ml b/mlcustomize/SELin...
2020 Sep 23
6
[common PATCH 0/3] SELinux_relabel: relabel only if enforcing (RHBZ#1828952)
...nuation/rework of:
https://www.redhat.com/archives/libguestfs/2020-May/msg00020.html
This is my approach, as I explained here:
https://bugzilla.redhat.com/show_bug.cgi?id=1828952#c4
https://www.redhat.com/archives/libguestfs/2020-May/msg00035.html
IOW: do not attempt to relabel if the guest is not enforcing, as it is
either useless or may fail; few words more are in the comments of patch
#3.
Pino Toscano (2):
mlcustomize: refactor reading from /etc/selinux/config
mlcustomize: do not relabel if not enforcing (RHBZ#1828952)
Richard W.M. Jones (1):
mlcustomize: Refactor SELinux_relabel code.
ml...
2016 Aug 20
3
running CGI scripts with SELinux=ENFORCING with priviledged commands ...
Hello,
how could it be achieved to run
e.g.
shutdown -h now
from a CGI script on a system where SELinux is set to ENFORCING?
Thanks
Walter
2014 Dec 30
3
can't enable selinux CentOS 6.5
Hey guys,
For some reason I can't seem to enable SELinux on this one host.
Here's my SELinux config file:
[root at beta-new:~] #cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Securit...
2016 Jul 12
2
Enforcing password history policy on password resets
Hi there,
We are using Samba as a user directory for our application. Passwords are
stored in unicodePwd attribute, and our application resets passwords
through LDAP (without the knowledge of the previous password, because it's
an email-based reset).
Unfortunately resetting it like this prevents the "password history" policy
enforcement. This is a security problem that will come up
2009 Aug 12
1
[PATCH] Allow selinux=? and enforcing=? kernel flags to be controlled
This is a pretty uncontroversial patch which just allows the
selinux=? and enforcing=? flags on the kernel command line
to be controlled.
Currently libguestfs unconditionally passes selinux=0. By default
this patch does the same thing, but allows programs to enable SELinux
in the kernel and/or set it to enforcing mode.
Rich.
--
Richard Jones, Emerging Technologies, Red Hat ht...
2020 Aug 27
3
accessing foreign AD users to NT domain
...some users have to access these data to control and elaborate
results... any way thank you for the hint, I'll think about it...
> The longer you wait with changing these setups, the more problems you will hit in the future.
> Not because im saying this.. Because
>
> Microsoft is enforcing more securitybut it's Microsoft that develop NetBIOS and LLMNR and if it's enforcing
security should enforce these protocols or remove them from their OS
isn't it?
Any way I'll think about it.
Thank you very much
Piviul
2019 Mar 20
3
[lldb-dev] [GitHub] RFC: Enforcing no merge commit policy
On 03/20/2019 10:41 AM, Zachary Turner wrote:
>
>
> On Tue, Mar 19, 2019 at 12:00 PM Tom Stellard via lldb-dev <lldb-dev at lists.llvm.org <mailto:lldb-dev at lists.llvm.org>> wrote:
>
> Hi,
>
> I would like to follow up on the previous thread[1], where there was a consensus
> to disallow merge commits in the llvm github repository, and start a
2019 Aug 21
2
Password Settings Objects - Maximum password age not enforced?
Hey All,
I am testing PSO password policies and am having trouble getting the Maximum password age to be enforced. I have a test policy applied to a group and it does enforce complexity and Minimum password length but not the Maximum password age. Anyone using this setting for PSO's?
Samba version 4.10.0-Ubuntu
Password information for PSO 'TESTpolicy'
Precedence (lowest is
2012 May 08
1
Enforcing Dovecot Quotas
Hello,
I have been looking at enforcing quotas for users of my mail system (postfix
and Dovecot v1.2). Have tried to follow a few tuts on the web but its not
having the desired effect. Essentially I can still send and receive mail on
an account that I believe has had its quota exceeded.
In my main.cf, I have:
userdb sql {
args...
2007 Dec 19
0
"force create mode" not enforced from linux client
My Samba v3.0.25b (in CentOS v5.1) has the smb.conf shown below. What
I'm seeing is that "force create mode" is not enforced when accessed by
a Linux CIFS client (Fedora 7).
On the server, user steve has a home directory of /home/steve, and the public
directory is /home/samba/public.
The shares are mounted from the client fstab like this:
//nemesis/steve /mnt/cifs/myhome cifs
2019 Jan 31
6
[cfe-dev] [Github] RFC: linear history vs merge commits
On Wed, Jan 30, 2019 at 1:19 PM Eric Christopher via cfe-dev <
cfe-dev at lists.llvm.org> wrote:
> On Wed, Jan 30, 2019 at 12:42 PM David Greene via cfe-dev
> <cfe-dev at lists.llvm.org> wrote:
> >
> > Bruce Hoult via llvm-dev <llvm-dev at lists.llvm.org> writes:
> >
> > > How about:
> > >
> > > Require a rebase, followed by git
2004 Jul 28
3
Solaris password requirements not enforced
Hi,
The Solaris password requirements like
a. no empty password
b. minimum 6 chars
etc for a regualr user are not enforced when a password expired user is
changing password at the SSH login prompt.
The version of openSSH I am using is 3.8.1 and Solaris 8 is where the
sshd is running.
Is anybody aware of this problem?
Is there some configuration option I can use to enforce these password
2019 May 21
1
Fw: Btrfs Samba and Quotas
...And the result is that quota management will essentially be undefined. It doesn't crash things, or corrupt them, but you can't rely on the quota enforcement being accurate/consistent. Is that also correct?
So, in btrfs [and perhaps ZFS] if you're _*not* using subvolumes_ and you _are enforcing quotas in Samba_, this isn't going to cause an issues.
Or you could be using subvolumes, but not enforcing quotas. And this will work fine.
The only problem set is where you're both enforcing quota in samba, and are using a sub-volume.
Again, do I have that right? [Probably I'm missing...
2009 Jan 06
3
Enforcing TLS
Hello all,
I've happily been using Dovecot for a couple of years now, but only a
couple of days ago I configured it to speak both TLS and SSL for both
POP3 and IMAP. Ideally I want users to use TLS, but I've enabled SSL,
because some mailers (at least Apple Mail on OS X Tiger) don't support
TLS.
Right now I'm in sort of a transitional phase, where I'm asking users to
enable
2019 Mar 19
3
[cfe-dev] [GitHub] RFC: Enforcing no merge commit policy
I think we definitely will want to support github PRs, at the very least as
an _option_, even if we continue running/preferring phabricator.
Github PRs are how everyone who is not already super-involved in the llvm
project is going to want to contribute changes, and we ought to be as
welcoming as possible to such users.
On Tue, Mar 19, 2019 at 3:15 PM Roman Lebedev via cfe-dev <
cfe-dev at