search for: rhlcommon

Yesterday I activated SELinux in targeted mode, then I rebooted and started receiving some error messages in the system services initialization: ====================================================================== audit(1156518721.252:2): avc: denied { read } for pid=2223 comm="syslogd" name="libc-2.3.4.so" dev=dm-0 ino=50441 scontext=user_u:system_r:syslogd_t

On 01/26/2017 08:45 AM, Sarah Newman wrote: > On 01/26/2017 08:06 AM, G?nther J. Niederwimmer wrote: >> Hello, >> >> CentOS 7.(3) Xen 4.4, >> >> Can I find any Doc for selinux with XEN, I found many Problems with selinux on >> Dom0 ? >> >> Or have I to disable selinux when I install XEN. >> >> Thank's for a answer. >> >

I need to run Apache on a port other than 80, 81 or 8080. My other servers are using 80 and 81 (RH 9: 80; Windows Apache: 81). If I set the port in httpd.conf to anything other than 80, I get an error that a socket cannot be created for the port. No doubt it has something to do with security (did not have that problem with Win Apache, but Windows is Windows). Any suggestions on where I

I have a NFS mount that I want apache to be able to serve files from. According to this doc: http://www.centos.org/docs/5/html/5.1/Deployment_Guide/rhlcommon-section-0097.html I should be able to mount it with a context that will allow apache to access it. But when I try the command they suggest: [root at vm-37:~] mount -t nfs -o \ context=system_u:object_r:httpd_sys_content_t \ 192.168.1.100:/data/test /mnt/test It mounts, but when I do: [root at...

While downloading almost all the guilds I came across a SELINUX Guide. Whats that for? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20060407/142d9df5/attachment-0001.html>

Hello, I've read on several howtos that one way to make ssh more secure, or at least reduce the damage if somebody breaks in, is to NOT allow direct ssh login from root, but allow logins from another user. So you have to know two passwords in order to do any real damage. Does this make sense? IF yes, what is the right way to create an user only for this purpose, that is one that can only