Displaying 11 results from an estimated 11 matches for "system_conf_t".
2018 Sep 09
3
Type enforcement / mechanism not clear
...9.09.2018 um 14:49 schrieb Daniel Walsh <dwalsh at redhat.com>:
>
> On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote:
>> Any SElinux expert here - briefly:
>>
>> # getenforce
>> Enforcing
>>
>> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
>> <no output>
>>
>> # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
>> <no output>
>>
>> # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
>> -rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf
>> -rw-r...
2018 Sep 10
1
Type enforcement / mechanism not clear
...at redhat.com>:
>>> On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote:
>>>> Any SElinux expert here - briefly:
>>>>
>>>> # getenforce
>>>> Enforcing
>>>>
>>>> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
>>>> <no output>
>>>>
>>>> # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
>>>> <no output>
>>>>
>>>> # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
>>>> -rw-r--r--. root root system_u:ob...
2018 Sep 09
2
Type enforcement / mechanism not clear
Any SElinux expert here - briefly:
# getenforce
Enforcing
# sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
<no output>
# sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
<no output>
# ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
-rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf
-rw-r--r--. root root system_u:object_r:system_conf_t:s0 /etc/sysctl.conf
#...
2018 Sep 09
0
Type enforcement / mechanism not clear
...chrieb Daniel Walsh <dwalsh at redhat.com>:
>> On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote:
>>> Any SElinux expert here - briefly:
>>>
>>> # getenforce
>>> Enforcing
>>>
>>> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
>>> <no output>
>>>
>>> # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
>>> <no output>
>>>
>>> # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
>>> -rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/r...
2015 Dec 24
2
systemd-sysctl not running on boot
On 12/23/2015 11:12 PM, Ofer Hasson wrote:
> [root at web-devel-local-1 ~]# /usr/lib/systemd/systemd-sysctl
> [root at web-devel-local-1 ~]# cat /proc/sys/vm/swappiness
> 10
So... you know that it works when you run it from a root shell, but not
during boot. Is the file labeled properly? Anything in audit.log?
2018 Sep 09
0
Type enforcement / mechanism not clear
On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote:
> Any SElinux expert here - briefly:
>
>
> # getenforce
> Enforcing
>
> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
> <no output>
>
> # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
> <no output>
>
> # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
> -rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf
> -rw-r--r--. root root system_u:object_r...
2015 Dec 28
2
systemd-sysctl not running on boot
...et: Re: [CentOS] systemd-sysctl not running on boot
> [root at web-devel-local-1 ~]# ll -Z /etc/ | grep sysctl
> drwxr-xr-x. root root system_u:object_r:etc_t:s0 sysctl.d
>
> [root at web-devel-local-1 ~]# ll -Z /etc/sysctl.d/
> -rw-r--r--. root root unconfined_u:object_r:system_conf_t:s0 sysctl.conf
>
Is there a relationship with the new symlink created by the upgrade in my servers ?
# ls -l /etc/sysctl.d/
total 0
lrwxrwxrwx. 1 root root 14 23 d?c. 18:11 99-sysctl.conf -> ../sysctl.conf
# yum provides /etc/sysctl.d/99-sysctl.conf
initscripts-9.49.30-1.el7.x86_64 : T...
2018 Sep 09
1
Type enforcement / mechanism not clear
On 09/09/2018 07:19 AM, Daniel Walsh wrote:
> sesearch -A -s httpd_t -t system_conf_t -p read
>
> If you feel that these files should not be part of the base_ro_files
> then we should open that for discussion.
I think the question was how users would know that the policy allowed
access, as he was printing rules affecting httpd_t's file read access,
and looking for...
2015 Dec 24
0
systemd-sysctl not running on boot
...nything related in the audit log (I'm using audit2why).
As for labeling:
[root at web-devel-local-1 ~]# ll -Z /etc/ | grep sysctl
drwxr-xr-x. root root system_u:object_r:etc_t:s0 sysctl.d
[root at web-devel-local-1 ~]# ll -Z /etc/sysctl.d/
-rw-r--r--. root root unconfined_u:object_r:system_conf_t:s0 sysctl.conf
On Thu, Dec 24, 2015 at 10:51 AM, Gordon Messmer <gordon.messmer at gmail.com>
wrote:
> On 12/23/2015 11:12 PM, Ofer Hasson wrote:
>
>> [root at web-devel-local-1 ~]# /usr/lib/systemd/systemd-sysctl
>> [root at web-devel-local-1 ~]# cat /proc/sys/vm/swappine...
2015 Dec 28
0
systemd-sysctl not running on boot
...ctl not running on boot
>
> > [root at web-devel-local-1 ~]# ll -Z /etc/ | grep sysctl
> > drwxr-xr-x. root root system_u:object_r:etc_t:s0 sysctl.d
> >
> > [root at web-devel-local-1 ~]# ll -Z /etc/sysctl.d/
> > -rw-r--r--. root root unconfined_u:object_r:system_conf_t:s0 sysctl.conf
> >
> Is there a relationship with the new symlink created by the upgrade in my
> servers ?
>
> # ls -l /etc/sysctl.d/
> total 0
> lrwxrwxrwx. 1 root root 14 23 d?c. 18:11 99-sysctl.conf ->
> ../sysctl.conf
>
> # yum provides /etc/sysctl.d/99-s...
2016 Feb 17
1
New glibc for CentOS-6 and CentOS-7 and CVE-2015-7547
> The easy answer is yes .. glibc requires so many things to be restarted,
> that is the best bet. Or certainly the easiest.
>
> Note: in CentOS 7, there is also a kernel update which is rated as
> Important .. so you should boot to that anyway:
> https://lists.centos.org/pipermail/centos-announce/2016-February/021705.html
>
> Here is a good link to figure out what to