search for: seboolean

Hi. I'm trying to get OTRS running on CentOS 5.5 with SELinux enabled, and audit.log / audit2allow tell me I need to add the local policy: #============= httpd_t ============== allow httpd_t unconfined_t:shm { unix_read unix_write }; which I think will allow the httpd access to read and write from shared memory? Is that right? What are the risks involved in opening this? I notice it is

...other policy: # semodule -i fixdialinserver.pp libsepol.check_assertion_helper: assertion on line 0 violated by allow pppd_t shadow_t:file { read }; libsepol.check_assertions: 1 assertion violations occured libsemanage.semanage_expand_sandbox: Expand module failed semodule: Failed! # Is there an seboolean I can tweak to allow me to load this policy? Thanks, Aleksey

I lost my harddrive on my little personal webserver that only serves some private files from my userdir. So I am trying to build this from notes on a new Centos7.3 installation (well really Centos7.3-arm, but supposedly same sources). Right now the server is running on a test subnet, not the production, but I have set up the hostname and my standard httpd edits. I have enabled userdir and

...I try to display the files in a subdir with ipaddr/~rgm/mydir > > I get > > You don't have permission to access /~rgm/mydir/ on this server. The fact that you see the index page makes me assume SELinux is not the problem. If you do have it enabled you might want to check out the sebooleans that affect apache. $ getsebool -a | grep http httpd_enable_homedirs is one of those. Remember that file access is based on file permissions in combination with file ownership. This means that if apache is neither owner nor group owner of a file world must have read access for apache to access...

...erver.pp > libsepol.check_assertion_helper: assertion on line 0 violated by allow > pppd_t shadow_t:file { read }; > libsepol.check_assertions: 1 assertion violations occured > libsemanage.semanage_expand_sandbox: Expand module failed > semodule: ?Failed! > # > > Is there an seboolean I can tweak to allow me to load this policy? I used "getsebool -a |grep ppp" to find and enable the following three selinux booleans: pppd_can_insmod --> on pppd_disable_trans --> on pppd_for_user --> on However pppd still does not work and policy still fails to load. Any sug...

...in a subdir with ipaddr/~rgm/mydir >> >> I get >> >> You don't have permission to access /~rgm/mydir/ on this server. > The fact that you see the index page makes me assume SELinux is not the > problem. If you do have it enabled you might want to check out the > sebooleans that affect apache. > > $ getsebool -a | grep http > > httpd_enable_homedirs is one of those. I ran setsebool -P httpd_enable_homedirs on restorecon -Rv /home And I see: httpd_enable_homedirs --> on > Remember that file access is based on file permissions in combination &gt...

Apache DocumentRoot on an NFS directory: [root at localhost ~]# service httpd start Starting httpd: Warning: DocumentRoot [/home/www/html] does not exist Syntax error on line 292 of /etc/httpd/conf/httpd.conf: DocumentRoot must be a directory [FAILED] [root at localhost ~]# After some research, I found this (dated) link

I''ve configured puppet to use storedconfigs and puppetDB, If I start the puppet master using the init script puppetmaster I get a permission denied error when a node connects: Master: [root@puppet ~]# service puppetmaster start Starting puppetmaster: [ OK ] Node: [root@puppet-slave ~]# puppet agent --test err: Could not retrieve catalog from remote