search for: semanag

...ck points out a few things to correct: [root at VIRTCENT04:~]#cobbler check The following are potential configuration items that you may want to fix: 1 : you need to set some SELinux content rules to ensure cobbler serves content correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/tftpboot/.*" && /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/images/.*" 2 : you need to set some SELinux rules if you want to use cobbler-web (an optional package), run the following: /usr/sbin/semanage fcontext...

In this wiki article: https://wiki.centos.org/HowTos/SetUpSamba ?there is a command down in section 2 that gives an error here on CentOS 7: $ sudo semanage fcontext ?at samba_share_t /path/to/share ?noise noise noise? semanage: error: unrecognized arguments: samba_share_t /path/to/share That and the following restorecon command can be replaced by a single shorter command, which also fixes the symptom: $ sudo chcon -R -t samba_share_t /...

hi, i want set selinux to usw with ntpd but when i run (as described in wiki) semanage -a -t ntpd_t "/usr/local/samba/var/lib/ntp_signd" i have that error " usage: semanage [-h] {import,export,login,user,port,ibpkey,ibendport,interface,module,node,fcontext,boolean,permissive,dontaudit} ... semanage: error: argument subcommand: inva...

Thanks, I managed to fix /var/lib/mysql # ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql To fix it, I tried: semanage fcontext -d -e /var/lib/mysql this command returned: KeyError: /var/lib/mysql I tried restorecon anyway: restorecon -Rv /var/lib/mysql But not better: ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 /var/lib/mysql So I did the following: semanage fcontext -d -t var...

Warren Young wrote: > On May 8, 2019, at 9:31 AM, mark <m.roth at 5-cent.us> wrote: > >> semanage -fcontext -a -t lib_t "/<elided>/smwa/webagent/bin(/.*).so? > > [snip] > >> What am I doing wrong? >> <snip> > Also, I?m confused by the parens in your file path. Whether your shell > is or not is a different question. I'm following the manpage, se...

Hi, I''m just trying to get an idea about the best way to implement this: I want a type that uses the ''semanage'' binary to manage targeted policy (in this case for files). So for example to create a targeted policy, I might do something like: semanage fcontext -a -f -d -t some_domain_t "/path/to/files(/.*)?" ... which would add a target policy that sets ''some_domain_t'...

Interesting to see the Equivalence. As a first thing, I tried: semanage fcontext -a -e /var/lib/mysql.old /var/lib/mysql then restorecon -R /var/lib/mysql # semanage fcontext -lC SELinux fcontext type Context /home/users(/.*)? all files system_u:object_r:user_home_dir_t:s0 /var/lib/mysql...

On May 4, 2018, at 5:13 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > > On 05/04/2018 12:03 PM, Warren Young wrote: >> ?there is a command down in section 2 that gives an error here on CentOS 7: >> >> $ sudo semanage fcontext ?at samba_share_t /path/to/share >> ?noise noise noise? >> semanage: error: unrecognized arguments: samba_share_t /path/to/share > > What is "noise" exactly? I don't get errors from that command: The full message is: usage: semanage [-h]...

We're forced to use Siteminder, by CA, who have no clue what they're doing in *nix. No packages, tarballs... Anyway, I'm trying clean up some stuff, and in /*/smwa/webagent/bin (all their binaries, including .so's, are in there, duh... I'm trying to set the .so's to lib_t. semanage -fcontext -a -t lib_t "/<elided>/smwa/webagent/bin(/.*).so" gives me the completely unexpected response of semanage: error: argument subcommand: invalid choice: 'lib_t' (choose from 'import', 'export', 'login', 'user', 'port', 'i...

Folks, Should semanage be part of the policycoreutils package? At least in 6.x, it's not. mark

I have experienced this myself. It is very upsetting. (Sent from iPhone, so please accept my apologies in advance for any spelling or grammatical errors.) > On Jan 19, 2017, at 2:57 AM, Fabian Arrotin <arrfab at centos.org> wrote: > > log

Hi, I tried to apply a security context on a directory with the following commands: [root@ local]# semanage fcontext -a -t httpd_sys_rw_content_t "netdot(/.*)?" [root@ local]# restorecon -R netdot/ When I list the contexts, it is part of the list.... [root@ local]# semanage fcontext -l | grep netdot ./netdot(/.*)? all files system_u:object_r:httpd_sys_rw_c...

...ct_r:virsh_exec_t:s0 while logwatch.pl runs as system_u:object_r:logwatch_exec_t:s0 As I understand it, selinux does not permit having multiple type settings for a file. Any file can have exactly one type setting. I ran this command hoping it would add another type to the virsh program. semanage fcontext -a -t logwatch_exec_t /usr/bin/virsh semanage fcontext --list /usr/bin/virsh | grep virsh /usr/bin/virsh all files system_u:object_r:logwatch_exec_t:s0 /usr/bin/virsh regular file system_u:object_r:vi...

...e_t /mnt/data > > > > ?in order to match the text above it. > > Warren, > > I was just informed that the chcon command your suggested was > originally there, but it was replaced with the 2 line version > sometime > ago. The reason given was "Replace chcon by semanage/restorecon pair > to survive filesystem relabel". The comment is correct: chcon will not survive a relabel. You need to update the database first (semanage fcontext) and then let a relabel apply the new context. Louis

Hi All, Thanks for the information. But after resetting the semanage User/login, and moving the targeted folder to old one and then install the default target. then also its still showing the Id context as context=*system_u:system_r:unconfined_t:s0-s0:c0.c1023.* *What I observed is after changing the permission using semanage command also, its still showing the sy...

On 23 October 2017 at 19:18, Bernard Fay <bernard.fay at gmail.com> wrote: > Thanks, I managed to fix /var/lib/mysql > > # ls -ldZ /var/lib/mysql > drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql > > To fix it, I tried: > semanage fcontext -d -e /var/lib/mysql > this command returned: > KeyError: /var/lib/mysql > I tried restorecon anyway: > restorecon -Rv /var/lib/mysql > But not better: > ls -ldZ /var/lib/mysql > drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 /var/lib/mysql > > So I di...

Hello, On Sonntag, 30. April 2017 18:40:23 CEST Gordon Messmer wrote: > On 04/30/2017 07:03 AM, G?nther J. Niederwimmer wrote: > > I write this! > > > > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ > > typo3conf(/.*)?" > > OK. Did you get an error? I have only Errors ;-). when I like to set this Rule ? semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ typo3conf(/.*)?" This Erro...

.../lib/mysql.old to /var/lib/mysql. But then I got a selinux problem: # ls -ldZ mysql.old/ mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 mysql drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 mysql.old/ I tried to changed the context on mysql with the following commands: # semanage fcontext -a -t mysqld_db_t "/var/lib/mysql(/.*)?" # restorecon -R -v /var/lib/mysql But the /var/lib/mysql directory didn't take the change as you can see below: # ls -ldZ mysql.old/ mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 mysql drwxr-xr-x. mysql mysql system_...

Hello, My problem is to add selinux policies can any help to say what is wrong with my policies I write this! semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ typo3conf(/.*)?" I have more instances from typo3 I found this construct in the selinux policies "/var/www/html(/.*)?/uploads(/.*)?" but my is not working ? and I have only errors? neverallow check failed at /etc/s...

...it2allow generates a list of rules that would allow the actions. The initial results seemed a bit overwhelming. To produce something more reasonable I decided to utilise the file contexts defined in the Samba3 policy as a basis and apply them to the Samba4 installation. To list these contexts: # semanage fcontext -l | grep -e samba -e smbd I modified these to suit the Samba4 installation and defined a set of rules to relabel the Samba4 directories acordingly. These are applied as follows: # semanage fcontext -a -t samba_initrc_exec_t "/etc/rc\.d/init\.d/samba4" # semanage fcontext -a -...