Displaying 3 results from an estimated 3 matches for "syslogd_var_run_t".
2015 Mar 10
0
Fail2Ban Centos 7 is there a trick to making it work?
...-firewalld and -systemd modules, and I had to setup some SELinux rules to make it working right. This is the policy I add to the CentOS 7 machines:
module fail2ban-journal-sepol-new 1.0;
require {
type fail2ban_client_exec_t;
type logrotate_t;
type fail2ban_t;
type syslogd_var_run_t;
class dir read;
class file { ioctl read execute execute_no_trans open getattr };
}
#============= fail2ban_t ==============
#!!!! This avc is allowed in the current policy
allow fail2ban_t syslogd_var_run_t:dir read;
#!!!! This avc is allowed in the current policy
allow fail2ban...
2015 Mar 10
2
Fail2Ban Centos 7 is there a trick to making it work?
On Mon, March 9, 2015 13:11, John Plemons wrote:
> Been working on fail2ban, and trying to make it work with plain Jane
> install of Centos 7
>
> Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB
> of disk space. Very generic and vanilla.
>
> Current available epel repo version is fail2ban-0.9.1
>
> Looking at the log file, fail2ban starts and stops
2015 Oct 09
2
CentOS-6 SSHD chroot SELinux problem
...low chroot_user_t cyphesis_port_t:tcp_socket name_connect;
allow chroot_user_t user_home_t:chr_file open;
#============= syslogd_t ==============
#!!!! The source type 'syslogd_t' can write to a 'dir' of the
following types:
# var_log_t, var_run_t, syslogd_tmp_t, syslogd_var_lib_t,
syslogd_var_run_t, innd_log_t, device_t, tmp_t, logfile,
cluster_var_lib_t, cluster_var_run_t, root_t, krb5_host_rcache_t,
cluster_conf_t, tmp_t
allow syslogd_t user_home_t:dir write;
My questions are:
Do SE booleans settings exist that permit chrooted ssh access to
forward https and log the activity? If so the...