search for: selinuxproject

...ng someone that they should be using SFTP instead of FTP is the only appropriate thing to be saying here, not this dead-horse-beating. So to actually address the stated problem... I don't know about proftpd, but there's a page here that discusses getting it working with selinux: http://selinuxproject.org/page/FTPRecipes and I'm sure that clicking this link will lead you to other helpful documents: https://www.google.com/search?q=proftpd+selinux+centos+7 It does require that you have an understanding of selinux, and are not just looking for a magic incantation to make it work. You can...

I didn't see what are the main differences in http://libguestfs.org/guestfs.3.html#backend Specifically, I'm interested in what is faster (direct sounds faster to me), and if there are any major restrictions (networking?) Here's an example command we are running (sorry, Python'ish, but you'll get it): ['virt-sysprep', '--connect', 'qemu:///system',

On Mon, Mar 2, 2015 at 4:43 PM, Tim Dunphy <bluethundr at gmail.com> wrote: >> >> errr, I meant, sftp, not rscp > > > Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow > regular ol' FTP using SELinux? Or does that just defeat the purpose of > having a secure SELlinux server entirely? What is the context here? The big problem

????????? ???????? ????? 2016-07-05 19:58: >> I need to have the tftpdir_rw_t and samba_share_t SELinux context >> on >> the same directory. >> >> How can we do this? Is it feasible to have more than one SELinux >> context? > > I don't think it's possible/feasible. > You'd probably need to add a new type and necessary rules to your

...and if there are any major restrictions (networking?) You would think that direct is faster, but I benchmarked this a while back and there's essentially no measurable difference. There are however big differences, and restrictions. Off the top of my head: - libvirt implements sVirt (http://selinuxproject.org/page/SVirt) so it's considerably more secure for examining untrusted disk images - libvirt allows hotplugging of drives, ie. you can call guestfs_add_drive_opts after launching the handle - there are some differences in how networking is done, although they are rather obscure (...

hi Just wondering if there is any statiscs report of selinxu usages in production environment? I know some still turn it off. thanks. min

Hi, total newbie on CentOS. Just firing up an install of 5.5 on a development webserver. Installed Webmin, Awstats, PHPMyAdmin and Drupal successfully. Yet to work on Sendmail and Samba. SELinux in enforcing mode, reporting "SELinux preventing ifconfig (ifconfig_t) "read write" to /var/webminsessiondb.pag (var_t)". Googled the error message without real success in finding fix

This patch set adds XSM security labels to useful debugging output locations, and fixes some assumptions that all interrupts behaved like GSI interrupts (which had useful non-dynamic IDs). It also cleans up the policy build process and adds an example of how to use the user field in the security context. Debug output: [PATCH 01/10] xsm: Add security labels to event-channel dump [PATCH 02/10] xsm:

From: Roberto Sassu <roberto.sassu at huawei.com> One of the major goals of LSM stacking is to run multiple LSMs side by side without interfering with each other. The ultimate decision will depend on individual LSM decision. Several changes need to be made to the LSM infrastructure to be able to support that. This patch set tackles one of them: gives to each LSM the ability to specify one