similar to: SELinux policy change in new update?

Displaying 20 results from an estimated 3000 matches similar to: "SELinux policy change in new update?"

2008 Aug 23
2
CentOS 5.2 + SELinux + Apache/PHP + Postfix
Hi All, I'm running CentOS 5.2 with SELinux in enforcing mode (default targeted policy). The server hosts a PHP web app that sends mail. I'm getting the following errors (see end of message) in my selinux audit.log file every time the app sends an email. The email always seems to get sent successfully, despite the log messages. However, they do concern me and I would like to understand
2018 Nov 11
0
CentOS 6: Logrotate / selinux problem
Ever since a recent power failure I have been getting a Logrotate error. My machine is on a UPS -- it shutdown cleanly, but I suspect that its BIOS/RTC battery is dead, since the machine came up thinking it was 1982 :-(. I reset the clock and everything is fine, *except* I had to delete Logrotate's state files (which had bad dates). But now Logrotate is raising the error: error: error
2020 Apr 09
2
fail2ban firewalld problems with current CentOS 7
Hi! I have a server running CentOS 7.7 (1908) with all current patches installed. I think this server should be a quite standard installation with no specialities On this server I have fail2ban with an apache and openvpn configuration. I'm using firewalld to manage the firewall rules. Fail2an is configured to use firewalld: [root at server ~]# ll /etc/fail2ban/jail.d/ insgesamt 12
2016 Dec 28
4
Help with httpd userdir recovery
On 12/28/2016 05:11 AM, Todor Petkov wrote: > On Wed, Dec 28, 2016 at 5:18 AM, Robert Moskowitz <rgm at htt-consult.com> wrote: >> Which is why I wonder if there is some different config for the C7.3 version >> of apache. >> >> Or something with the C7-arm build... > Can you check for SELinux warnings/errors in /var/log/audit/audit.log? Good advice. As I
2016 Dec 28
0
Help with httpd userdir recovery
Robert Moskowitz wrote: > On 12/28/2016 05:11 AM, Todor Petkov wrote: >> On Wed, Dec 28, 2016 at 5:18 AM, Robert Moskowitz <rgm at htt-consult.com> >> wrote: >>> Which is why I wonder if there is some different config for the C7.3 >>> version >>> of apache. >>> >>> Or something with the C7-arm build... >> Can you check for
2016 Dec 28
0
Help with httpd userdir recovery
On 28/12/16 20:11, Robert Moskowitz wrote: > > > On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: >> Robert Moskowitz wrote: >>> On 12/28/2016 05:11 AM, Todor Petkov wrote: >>>> On Wed, Dec 28, 2016 at 5:18 AM, Robert Moskowitz <rgm at htt-consult.com> >>>> wrote: >>>>> Which is why I wonder if there is some different config
2016 Dec 28
0
Help with httpd userdir recovery
Robert Moskowitz wrote: > > > On 12/28/2016 03:32 PM, J Martin Rushton wrote: >> >> On 28/12/16 20:11, Robert Moskowitz wrote: >>> >>> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: >>>> Robert Moskowitz wrote: >>>>> On 12/28/2016 05:11 AM, Todor Petkov wrote: >>>>>> On Wed, Dec 28, 2016 at 5:18 AM, Robert
2016 Dec 28
3
Help with httpd userdir recovery
On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: > Robert Moskowitz wrote: >> On 12/28/2016 05:11 AM, Todor Petkov wrote: >>> On Wed, Dec 28, 2016 at 5:18 AM, Robert Moskowitz <rgm at htt-consult.com> >>> wrote: >>>> Which is why I wonder if there is some different config for the C7.3 >>>> version >>>> of apache.
2017 Sep 04
5
selinux denial of cgi script with httpd using ssl
Thanks for your help. I did pick up an additional entry in the audit file : type=AVC msg=audit(1504561395.709:10196): avc: denied { execute } for pid=19163 comm="/usr/sbin/httpd" name="s.check.cgi" dev="dm-0" ino=537182029 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file Unfortunately, I am not sure how the
2016 Dec 28
0
Help with httpd userdir recovery
On 12/28/2016 06:05 PM, J Martin Rushton wrote: > > On 28/12/16 21:24, m.roth at 5-cent.us wrote: >> Robert Moskowitz wrote: >>> >>> On 12/28/2016 03:32 PM, J Martin Rushton wrote: >>>> On 28/12/16 20:11, Robert Moskowitz wrote: >>>>> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: >>>>>> Robert Moskowitz wrote:
2016 Dec 28
0
Help with httpd userdir recovery
On 12/28/2016 06:13 PM, Greg Cornell wrote: > On 12/28/16, 3:09 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote: > > > > On 12/28/2016 06:05 PM, J Martin Rushton wrote: >> On 28/12/16 21:24, m.roth at 5-cent.us wrote: >>> Robert Moskowitz wrote: >>>> On 12/28/2016 03:32 PM,
2016 Dec 28
2
Help with httpd userdir recovery
On 28/12/16 21:24, m.roth at 5-cent.us wrote: > Robert Moskowitz wrote: >> >> >> On 12/28/2016 03:32 PM, J Martin Rushton wrote: >>> >>> On 28/12/16 20:11, Robert Moskowitz wrote: >>>> >>>> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: >>>>> Robert Moskowitz wrote: >>>>>> On 12/28/2016 05:11 AM,
2016 Dec 28
4
Help with httpd userdir recovery
On 12/28/2016 03:32 PM, J Martin Rushton wrote: > > On 28/12/16 20:11, Robert Moskowitz wrote: >> >> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: >>> Robert Moskowitz wrote: >>>> On 12/28/2016 05:11 AM, Todor Petkov wrote: >>>>> On Wed, Dec 28, 2016 at 5:18 AM, Robert Moskowitz <rgm at htt-consult.com> >>>>> wrote:
2016 Dec 28
1
Help with httpd userdir recovery
On 12/28/16, 3:28 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote: On 12/28/2016 06:13 PM, Greg Cornell wrote: > On 12/28/16, 3:09 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote: > > > > On 12/28/2016 06:05 PM, J
1999 Jan 04
0
Tripwire mess..
This may be, or may not be a security issue, however, since alot of people still use tripwire-1.2 or lesser versions(this is what shipped with R.H. Linux 5.2 at least), they might be interested in following detail: Chuck Campbell (campbell@neosoft.com) pointed me out that tripwire dies with coredump on R.H. linux, if it hits a filename containing 128-255 characters. Playing a bit with debugger I
2016 Dec 28
2
Help with httpd userdir recovery
On 12/28/16, 3:09 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote: On 12/28/2016 06:05 PM, J Martin Rushton wrote: > > On 28/12/16 21:24, m.roth at 5-cent.us wrote: >> Robert Moskowitz wrote: >>> >>> On 12/28/2016 03:32 PM, J Martin Rushton wrote: >>>> On 28/12/16 20:11,
2007 Jul 05
0
tripwire / .xauth$$$$ problem on Centos5
Dear All, I'm using Centos5 to run a firewall, and as part of the intrusion detection apparatus, I use tripwire (tripwire-2.4.1.1-1.fc6.x86_64.rpm - as made for fedora core 6, and then tweaked with my own twpol.txt). My problem, is that when I su to root, a .xauth file is created with a random tail name - i.e. /root/.xauthyN4aHS or /root/.xauth1sGdFh and this causes tripwire to
2014 Aug 22
2
Yum update changes inode of file
Hi folks, on CentOS 6.5 I run tripwire software which verifies data integrity. My system is automatically updated by yum (as far as I understand the /etc/cron.daily/0yum.cron is responsible for the regular system updates). After a system update I'm then notified by tripwire about the changes on the file system. By browsing those tripwire reports I found that there are files which did
2009 Nov 04
3
Tripwire Question
I'm trying to run tripwire on a RHEL 5.4 box. I'm new to it. I'm getting errors: The object: "/ora" is on a different file system...ignoring. For one thing, it's not a different file system. It's not any different than the root partition, that tripwire will monitor. And I want tripwire to monitor it. I've been googling around, and have seen this error in
2006 Jun 14
3
Tripwire for CentOS
Hi, I literally have about 36 machines running CentOS on a private network, and will probably change the remaining 30 or so away from Whitebox or RH in the near term. One thing I just noticed was when I tried to search out Tripwire RPM's, that none seemed evident. Can anyone point me in the direction of an Tripwire RPM that works with CentOS 4.3, or advise me on how to create one from the