Displaying 8 results from an estimated 8 matches for "seboolean".
Did you mean:
selboolean
2011 Jun 02
2
How to set selinux policy "allow httpd_t unconfined_t:shm { unix_read unix_write }; " using an seboolean? (How to get a new seboolean?)
Hi. I'm trying to get OTRS running on CentOS 5.5 with SELinux enabled,
and audit.log / audit2allow tell me I need to add the local policy:
#============= httpd_t ==============
allow httpd_t unconfined_t:shm { unix_read unix_write };
which I think will allow the httpd access to read and write from shared memory?
Is that right? What are the risks involved in opening this? I notice it is
2010 Mar 19
0
How to disable selinux protection interfering with pppd? I tried audit2allow, but policy does not load. Is there an seboolean?
...other policy:
# semodule -i fixdialinserver.pp
libsepol.check_assertion_helper: assertion on line 0 violated by allow
pppd_t shadow_t:file { read };
libsepol.check_assertions: 1 assertion violations occured
libsemanage.semanage_expand_sandbox: Expand module failed
semodule: Failed!
#
Is there an seboolean I can tweak to allow me to load this policy?
Thanks,
Aleksey
2016 Dec 27
2
Help with httpd userdir recovery
I lost my harddrive on my little personal webserver that only serves
some private files from my userdir.
So I am trying to build this from notes on a new Centos7.3 installation
(well really Centos7.3-arm, but supposedly same sources).
Right now the server is running on a test subnet, not the production,
but I have set up the hostname and my standard httpd edits. I have
enabled userdir and
2016 Dec 27
0
Help with httpd userdir recovery
...I try to display the files in a subdir with ipaddr/~rgm/mydir
>
> I get
>
> You don't have permission to access /~rgm/mydir/ on this server.
The fact that you see the index page makes me assume SELinux is not the
problem. If you do have it enabled you might want to check out the
sebooleans that affect apache.
$ getsebool -a | grep http
httpd_enable_homedirs is one of those.
Remember that file access is based on file permissions in combination
with file ownership. This means that if apache is neither owner nor
group owner of a file world must have read access for apache to access...
2010 May 05
0
pppd does not work if SELinux is turned on.
...erver.pp
> libsepol.check_assertion_helper: assertion on line 0 violated by allow
> pppd_t shadow_t:file { read };
> libsepol.check_assertions: 1 assertion violations occured
> libsemanage.semanage_expand_sandbox: Expand module failed
> semodule: ?Failed!
> #
>
> Is there an seboolean I can tweak to allow me to load this policy?
I used "getsebool -a |grep ppp" to find and enable the following three
selinux booleans:
pppd_can_insmod --> on
pppd_disable_trans --> on
pppd_for_user --> on
However pppd still does not work and policy still fails to load.
Any sug...
2016 Dec 27
4
Help with httpd userdir recovery
...in a subdir with ipaddr/~rgm/mydir
>>
>> I get
>>
>> You don't have permission to access /~rgm/mydir/ on this server.
> The fact that you see the index page makes me assume SELinux is not the
> problem. If you do have it enabled you might want to check out the
> sebooleans that affect apache.
>
> $ getsebool -a | grep http
>
> httpd_enable_homedirs is one of those.
I ran
setsebool -P httpd_enable_homedirs on
restorecon -Rv /home
And I see:
httpd_enable_homedirs --> on
> Remember that file access is based on file permissions in combination
>...
2012 Feb 16
3
Baffled by selinux
Apache DocumentRoot on an NFS directory:
[root at localhost ~]# service httpd start
Starting httpd: Warning: DocumentRoot [/home/www/html] does not exist
Syntax error on line 292 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory
[FAILED]
[root at localhost ~]#
After some research, I found this (dated) link
2012 Jun 29
5
puppetmaster init script - bug ?
I''ve configured puppet to use storedconfigs and puppetDB,
If I start the puppet master using the init script puppetmaster I get a permission denied error when a node connects:
Master:
[root@puppet ~]# service puppetmaster start
Starting puppetmaster: [ OK ]
Node:
[root@puppet-slave ~]# puppet agent --test
err: Could not retrieve catalog from remote