search for: fcontext

Thanks, I managed to fix /var/lib/mysql # ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql To fix it, I tried: semanage fcontext -d -e /var/lib/mysql this command returned: KeyError: /var/lib/mysql I tried restorecon anyway: restorecon -Rv /var/lib/mysql But not better: ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 /var/lib/mysql So I did the following: semanage fcontext -d -t var_lib_t /va...

Interesting to see the Equivalence. As a first thing, I tried: semanage fcontext -a -e /var/lib/mysql.old /var/lib/mysql then restorecon -R /var/lib/mysql # semanage fcontext -lC SELinux fcontext type Context /home/users(/.*)? all files system_u:object_r:user_home_dir_t:s0 /var/lib/mysql...

...forced to use Siteminder, by CA, who have no clue what they're doing in *nix. No packages, tarballs... Anyway, I'm trying clean up some stuff, and in /*/smwa/webagent/bin (all their binaries, including .so's, are in there, duh... I'm trying to set the .so's to lib_t. semanage -fcontext -a -t lib_t "/<elided>/smwa/webagent/bin(/.*).so" gives me the completely unexpected response of semanage: error: argument subcommand: invalid choice: 'lib_t' (choose from 'import', 'export', 'login', 'user', 'port', 'ibpkey',...

Warren Young wrote: > On May 8, 2019, at 9:31 AM, mark <m.roth at 5-cent.us> wrote: > >> semanage -fcontext -a -t lib_t "/<elided>/smwa/webagent/bin(/.*).so? > > [snip] > >> What am I doing wrong? >> <snip> > Also, I?m confused by the parens in your file path. Whether your shell > is or not is a different question. I'm following the manpage, semanage-fcon...

hi, i want set selinux to usw with ntpd but when i run (as described in wiki) semanage -a -t ntpd_t "/usr/local/samba/var/lib/ntp_signd" i have that error " usage: semanage [-h] {import,export,login,user,port,ibpkey,ibendport,interface,module,node,fcontext,boolean,permissive,dontaudit} ... semanage: error: argument subcommand: invalid choice: 'ntpd_t' (choose from 'import', 'export', 'login', 'user', 'port', 'ibpkey', 'ibendport', 'interface', 'module', &...

Hi, I tried to apply a security context on a directory with the following commands: [root@ local]# semanage fcontext -a -t httpd_sys_rw_content_t "netdot(/.*)?" [root@ local]# restorecon -R netdot/ When I list the contexts, it is part of the list.... [root@ local]# semanage fcontext -l | grep netdot ./netdot(/.*)? all files system_u:object_r:httpd_sys_rw_content_t:s...

...l.old to /var/lib/mysql. But then I got a selinux problem: # ls -ldZ mysql.old/ mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 mysql drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 mysql.old/ I tried to changed the context on mysql with the following commands: # semanage fcontext -a -t mysqld_db_t "/var/lib/mysql(/.*)?" # restorecon -R -v /var/lib/mysql But the /var/lib/mysql directory didn't take the change as you can see below: # ls -ldZ mysql.old/ mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 mysql drwxr-xr-x. mysql mysql system_u:object_r...

...out a few things to correct: [root at VIRTCENT04:~]#cobbler check The following are potential configuration items that you may want to fix: 1 : you need to set some SELinux content rules to ensure cobbler serves content correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/tftpboot/.*" && /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/images/.*" 2 : you need to set some SELinux rules if you want to use cobbler-web (an optional package), run the following: /usr/sbin/semanage fcontext -a -t http...

On 23 Oct 2017 5:26 pm, "Bernard Fay" <bernard.fay at gmail.com> wrote: Interesting to see the Equivalence. As a first thing, I tried: semanage fcontext -a -e /var/lib/mysql.old /var/lib/mysql then restorecon -R /var/lib/mysql # semanage fcontext -lC SELinux fcontext type Context /home/users(/.*)? all files system_u:object_r:user_home_dir_t:s0 /var/lib/mysql...

In this wiki article: https://wiki.centos.org/HowTos/SetUpSamba ?there is a command down in section 2 that gives an error here on CentOS 7: $ sudo semanage fcontext ?at samba_share_t /path/to/share ?noise noise noise? semanage: error: unrecognized arguments: samba_share_t /path/to/share That and the following restorecon command can be replaced by a single shorter command, which also fixes the symptom: $ sudo chcon -R -t samba_share_t /path/to/sh...

On 23 October 2017 at 19:18, Bernard Fay <bernard.fay at gmail.com> wrote: > Thanks, I managed to fix /var/lib/mysql > > # ls -ldZ /var/lib/mysql > drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql > > To fix it, I tried: > semanage fcontext -d -e /var/lib/mysql > this command returned: > KeyError: /var/lib/mysql > I tried restorecon anyway: > restorecon -Rv /var/lib/mysql > But not better: > ls -ldZ /var/lib/mysql > drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 /var/lib/mysql > > So I did the foll...

...generates a list of rules that would allow the actions. The initial results seemed a bit overwhelming. To produce something more reasonable I decided to utilise the file contexts defined in the Samba3 policy as a basis and apply them to the Samba4 installation. To list these contexts: # semanage fcontext -l | grep -e samba -e smbd I modified these to suit the Samba4 installation and defined a set of rules to relabel the Samba4 directories acordingly. These are applied as follows: # semanage fcontext -a -t samba_initrc_exec_t "/etc/rc\.d/init\.d/samba4" # semanage fcontext -a -t samba_et...

Hello, On Sonntag, 30. April 2017 18:40:23 CEST Gordon Messmer wrote: > On 04/30/2017 07:03 AM, G?nther J. Niederwimmer wrote: > > I write this! > > > > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ > > typo3conf(/.*)?" > > OK. Did you get an error? I have only Errors ;-). when I like to set this Rule ? semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ typo3conf(/.*)?" This Errors are dis...

...inally there, but it was replaced with the 2 line version > sometime > ago. The reason given was "Replace chcon by semanage/restorecon pair > to survive filesystem relabel". The comment is correct: chcon will not survive a relabel. You need to update the database first (semanage fcontext) and then let a relabel apply the new context. Louis

...h_exec_t:s0 while logwatch.pl runs as system_u:object_r:logwatch_exec_t:s0 As I understand it, selinux does not permit having multiple type settings for a file. Any file can have exactly one type setting. I ran this command hoping it would add another type to the virsh program. semanage fcontext -a -t logwatch_exec_t /usr/bin/virsh semanage fcontext --list /usr/bin/virsh | grep virsh /usr/bin/virsh all files system_u:object_r:logwatch_exec_t:s0 /usr/bin/virsh regular file system_u:object_r:virsh_exec_t...

...c users 4096 Aug 15 19:53 facilities drwxrwxr-x 2 public users 4096 Aug 15 19:53 maintenance drwxrwxr-x 2 public users 4096 Aug 15 19:53 operations drwxrwxr-x 2 public users 4096 Aug 15 19:48 public 2) I ran the following command from the manual above and got the following error. # semanage fcontext -a -t samba_share_t "/export(/.*)?" libsemanage.dbase_llist_query: could not query record value (No such file or directory). FileNotFoundError: [Errno 2] No such file or directory What do they mean "No such file or directory"? What am I doing wrong? Many thanks, -T -- ~~~~...

I was wondering if someone could help with selinux context for the portable openntpd library on centos7. I compiled openntpd-6.0p1 and it runs great on centos7, but have not had much luck with selinux contexts for it. This is what I tried- semanage fcontext -a -t ntp_conf_t /usr/local/etc/ntpd.conf # seems to work semanage fcontext -a -t ntpd_exec_t /usr/local/sbin/ntpd # gets reset on reboot to bin_t and/or stops ntpd from working semanage fcontext -a -t ntpd_exec_t /usr/local/sbin/ntpctl # stops ntpd from working semanage fcontext -a -t ntp_d...

On May 4, 2018, at 5:13 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > > On 05/04/2018 12:03 PM, Warren Young wrote: >> ?there is a command down in section 2 that gives an error here on CentOS 7: >> >> $ sudo semanage fcontext ?at samba_share_t /path/to/share >> ?noise noise noise? >> semanage: error: unrecognized arguments: samba_share_t /path/to/share > > What is "noise" exactly? I don't get errors from that command: The full message is: usage: semanage [-h]...

Thanks for the pointer, will take a look down that route. Could you confirm the below is expected behaviour on Centos ? # semanage fcontext -a -t my_postfixauth_private_t "/var/spool/postfix/private(/.*)?" ValueError: Type my_postfixauth_private_t is invalid, must be a file or device type On 23 January 2017 at 19:06, Lukas Zapletal <lukas at zapletalovi.com> wrote: > Hello, > > restorecon works only for existi...

Hi, Spamassassin has been working nicely on my main server running CentOS 7 and Postfix. SELinux is activated (Enforcing). Since the most recent update (don't know if it's related to it though) I'm getting the following SELinux error. --8<----------------------------------------------------------------- SELinux is preventing /usr/bin/perl from 'read, write' accesses on