Displaying 20 results from an estimated 100 matches similar to: "Apache php and exim"
2011 Jan 17
1
SELinux : semodule_package, magic number does not match
Hello,
I am trying to create a custom policy, but with no succes :
$ cat <<EOF> foo.te
module local 1.0;
require {
type httpd_sys_script_exec_t;
type httpd_sys_script_t;
class lnk_file read;
}
#============= httpd_sys_script_t ==============
allow httpd_sys_script_t httpd_sys_script_exec_t:lnk_file read;
EOF
$ checkmodule -M -m -o foo.mod foo.te
checkmodule:
2017 Sep 22
2
selinux prevents lighttpd from printing
PS: Now I found this:
type=PROCTITLE msg=audit(09/22/2017 12:08:29.911:1023) : proctitle=/usr/lib/sendmail -t -oi -oem -fwawi-genimp
type=SYSCALL msg=audit(09/22/2017 12:08:29.911:1023) : arch=x86_64 syscall=setgroups success=no exit=EPERM(Operation not permitted) a0=0x1 a1=0x7ffc1df3b0d0 a2=0x0 a3=0x7f5d77c3a300 items=0 ppid=19417 pid=19418 auid=unset uid=lighttpd gid=lighttpd euid=root
2017 Sep 22
1
selinux prevents lighttpd from printing
Daniel Walsh wrote:
> On 09/22/2017 06:58 AM, hw wrote:
>>
>> PS: Now I found this:
>>
>>
>> type=PROCTITLE msg=audit(09/22/2017 12:08:29.911:1023) : proctitle=/usr/lib/sendmail -t -oi -oem -fwawi-genimp
>> type=SYSCALL msg=audit(09/22/2017 12:08:29.911:1023) : arch=x86_64 syscall=setgroups success=no exit=EPERM(Operation not permitted) a0=0x1
2012 Jan 11
2
SELinux blocking cgi script from "writing to socket (httpd_t)"
Is this really supposed to get easier over time? :) Now my audit.log
file shows that SELinux is blocking my cgi script, index.cgi (which is
what's actually served when the user visits the front page of one of our
proxy sites like sugarsurfer.com) from having '"read write" to socket
(httpd_t)'. I have no idea what that means, except that I thought that
cgi scripts were
2019 Jan 18
1
SElinux AVC signull
Hi Leon,
I don't have access to a CentOS 6.10 system handy, but it looks like a
policy issue. If I take you're ausearch output and pipe it to
audit2allow on my CentOS 7.6 system, I get the following:
#============= httpd_t ==============
#!!!! This avc is allowed in the current policy
allow httpd_t httpd_sys_script_t:process signull;
Noting that on my 7.6 system with selinux enforcing
2007 Jun 12
1
Selinux custom policy issue - Centos 5
Hi,
I've got a Centos 5 box (recently replaced a Centos4 box of the
same function). The means of applying custom SELinux policy has changed
somewhat from 4->5. I've got it mostly figured out; I have a local.te
file with my custom policy and also which defines a few new file types,
and a local.fc with appropriate defintions of file contexts. When I
run:
# checkmodule -M -m -o
2007 Jul 19
1
semodule - global requirements not met
I'm busy setting up amavisd-new on a CentOS 5.0 box - and believe I've
got it working well enough that I can switch selinux enforcing back on
again.
I've done the usual-
- grab a chunk of the audit.log that is relevant to all the actions
that would be denied.
- do 'cat audit.log | audit2allow -M amavis' to generate the module
- amavis.te looks like:
module amavis 1.0;
2008 Nov 04
1
How to get Bugzilla working on CentOS 5.2 with SELinux turned on?
Hi. Has anyone figured out how to get Bugzilla working on CentOS 5.2
WITHOUT TURNING OFF SELINUX?
I've run
chcon -R --reference=/var/www/html /path/to/bugzilla
and added the following module (generated by audit2allow), but am
still getting errors in my Web browser tryinig to use Bugzilla:
Software error:
Can't connect to the database.
Error: could not connect to server:
2017 Sep 22
0
selinux prevents lighttpd from printing
On 09/22/2017 06:58 AM, hw wrote:
>
> PS: Now I found this:
>
>
> type=PROCTITLE msg=audit(09/22/2017 12:08:29.911:1023) :
> proctitle=/usr/lib/sendmail -t -oi -oem -fwawi-genimp
> type=SYSCALL msg=audit(09/22/2017 12:08:29.911:1023) : arch=x86_64
> syscall=setgroups success=no exit=EPERM(Operation not permitted)
> a0=0x1 a1=0x7ffc1df3b0d0 a2=0x0 a3=0x7f5d77c3a300
2010 Sep 26
1
Bugzilla 3.6.2 + sendmail + SELinux
Hello,
I have deployed Bugzilla 3.6.2 on CentOS 5 (with rpmforge perl-*
packages) and I have a problem with SELinux preventing mail being sent
via sendmail.
(see SELinux reports below, especially the second one)
When SELinux is in permissive mode, mail sending from Bugzilla is
working properly.
Has anybody got recent Bugzilla to work with SELinux on CentOS?
Thanks in advance!
Mathieu
2017 Sep 20
2
selinux prevents lighttpd from printing
On 09/20/2017 07:19 AM, hw wrote:
> hw wrote:
>>
>> Hi,
>>
>> how do I allow CGI programs to print (using 'lpr -P some-printer
>> some-file.pdf') when
>> lighttpd is being used for a web server?
>>
>> When selinux is permissive, the printer prints; when it?s enforcing,
>> the printer
>> does not print, and I?m getting the log
2009 Oct 04
2
deliver stopped working
Hi:
I have been using Dovecot for well over a year now and it has always worked with few
problems. The mail setup is not simple...
Postfix+MailScanner+ClamAV+Docvecot+MySql+postfix.admin... just to mention the major
things. The system is CentOS 5.3 on VMware. The maildir is on an NFS share, index and
control is local.
About a month ago I thought I upgraded from 1.1.x to 1.2.x. by doing an
2008 Dec 06
0
Trying to setting a selinux policy to Nagios 3.0.6 on CentOS 5.2 .
Hello,
I'm trying to run Nagios 3.0.6 on CentOS 5.2 with SELinux in enforcing mode but
it is not working.
I'm using the following packages:
httpd-2.2.3-11.el5_2.centos.4
nagios-3.0.6-1.el5.rf
nagios-plugins-1.4.12-1.el5.rf
I followed the steps bellow to try to create a selinux policy to Nagios but it
is failing.
Any help, please?
# setenforce Permissive
# service nagios start
#
2006 Jul 05
5
cacti on centos
Hi all,
I'm trying to get Cacti installed on my CentOS 4.3 x86_64 box. I've
got all of required packages installed, and created database file, and
followed all the instructions in install manual.
However, when I get login screen and use admin for username/password,
it simply redirects me straight back to login screen. Looking at
user_log table, the authentication was
2019 Jan 17
0
SElinux AVC signull
I have some perl scripts running via CGI to print some monitoring informations out.
# cat /etc/redhat-release
CentOS release 6.10 (Final)
# getenforce
Enforcing
# LANG=C ausearch -m avc --start today
type=SYSCALL msg=audit(1547733474.941:28): arch=c000003e syscall=62 success=no exit=-13 a0=641 a1=0 a2=7f33500079b0 a3=31372f656d6f7268 items=0 ppid=1399 pid=1439 auid=4294967295 uid=48 gid=48
2012 May 28
0
Another odd SELinux message
Does anyone recognize this sort of message or have any idea what might
cause it?
May 28 11:00:06 inet09 setroubleshoot: [avc.ERROR] Plugin Exception
catchall #012Traceback (most recent call last):#012 File
"/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line
191, in analyze_avc#012 report = plugin.analyze(avc)#012 File
2005 Feb 09
1
FW: Drawing maps of UK
Hi Guys
Thanks for this! As I am a beginner, I bet I'm running into some really
basic problems. Using the example from the Map2poly function in
maptools:
try <- read.shape("euadmll.shp")
mappolys <- Map2poly(try)
# this produces 14 warnings() of the type:
# 1: level 2 circularity at 62 in: .mtlbuild(.mtafters(r1), rD) # etc #
14: From next release, default hole handling
2014 Jul 11
0
Wine release 1.7.22
The Wine development release 1.7.22 is now available.
What's new in this release (see below for details):
- Support for Unicode bracketing pairs.
- Improved Internet cookie support.
- OS X CoreAudio driver uses AUHAL instead of AudioQueue.
- Initial support for geographical information.
- Various bug fixes.
The source is available from the following locations:
2007 Jun 22
2
InfiniBand device in Xen
Hello,
I''m trying to get working infiniband device in Xen. I have Xen v3 with 2.6.18
kernel. I export PCI device from Dom0 into DomU. I''ve enabled permisive device
in Dom0.
However, inserting infiniband module results in the following messages (with
little more verbosity which I have added):
pcifront pci-0: Installing PCI frontend
pcifront pci-0: Creating PCI Frontend Bus
2012 Jan 04
1
selinux context for mm-handler?
I've got a Mailman installation running on CentOS 4 that I'd like to
migrate to a CentOS 6 box.
My big obstacle at present is getting Mailman's mm-handler Perl
script to run as a Sendmail local mailer with SELinux enabled.
I've tried changing mm-handler's selinux context type a few times, but
nothing has resulted in success:
context result