similar to: selinux on xen virtual machines

We're trying to migrate RHEL3 and CentOS4 based samba servers over to CentOS5, but it's a bleeding disaster. We cannot get it to work reliably with any version of CentOS5, i386 or x86_64, the included 3.0.x version of samba or 3.4.x/3.5.x compiled from source. The symptoms are: read access is extremely slow, write access seems to work in principle (e.g. creating a zeros-sized file on

I found a kickstart installation with part pv.100000 --size=1 --grow volgroup vol0 pv.100000 creates a partition with a size of 8TB even though more than 9TB is available. I need to go in manually with gdisk to destroy the partition and recreate it with all available space. No filesystem is specified be cause want to use xfs, which kickstart does not support out of the box. This is under

I'm trying to build a bugfixed anaconda package for 5.3 x84_64, but there are some fairly basic failures, like pkg-config .pc files not being found. When I modify the spec file accordingly, linking fails because installed libraries are not found. $ rpmbuild -ba anaconda.spec Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.25019 + umask 022 + cd /usr/src/redhat/BUILD + LANG=C + export LANG +

Hi all, I've started playing with kvm on CentOS 5.5, with not much success so far. In a nutshell, I have the same problem as http://lists.centos.org/pipermail/centos-virt/2010-April/001854.html I followed the RHEL5 virtualization guide to set up a bridge interface br0, and then used virt-install (rather than virt-manager - I like automation) to set up the vm. It hangs at some point.

Hi Guys, After some moths the server has been running in SELinux Permesive mode ... Some avc: denied messages has been recored ... I thought it was time to go to the next step and set SELinux Enforcing mode in the server ... it is a mail(postfix+cyrus+sasl), web, snmp with mrtg, squid sever with a local TLS configured for webmail access ... I took a look to the Deployment Guide about how to do

CentOS Linux release 7.2.1511 (Core) Hi, Last night our CentOS 7 server rebooted. Seemingly it's a very clean reboot. I can't find a shred of evidence as to why it happened though. Things I've checked: * sa reports * /var/log/{messages,secure,dmesg,cron} * /var/log/audit/audit.log * lastlog The host is used for KVM virtualisation and connects via multipathing to our OmniOS SAN via

I recently began getting periodic emails from SEalert that SELinux is preventing /usr/libexec/qemu-kvm "getattr" access from the directory I store all my virtual machines for KVM. All VMs are stored under /vmstore , which is it's own mount point, and every file and folder under /vmstore currently has the correct context that was set by doing the following: semanage fcontext -a -t

Hi, how do I allow lighttpd access to a directory like this: dr-xrwxr-x. lighttpd example unconfined_u:object_r:samba_share_t:s0 files_articles I tried to create and install a selinux module, and it didn?t work. The non-working module can not be removed, either: semodule -r lighttpd-files_articles.pp libsemanage.semanage_direct_remove_key: Unable to remove module lighttpd-files_articles.pp at

On 04/26/2017 04:22 AM, Gordon Messmer wrote: > On 04/25/2017 03:25 PM, Robert Moskowitz wrote: >> This made the same content as before that caused problems: > > I still don't understand, exactly. Are you seeing *new* problems > after installing a policy? What are the problems? > >> #!!!! The file '/var/lib/mysql/mysql.sock' is mislabeled on your system.

Following a hard drive corruption I have reinstalled the latest version of CentOS and all current patch files. For most applications I selected the default options. By doing this I expected that the packages would play nice with one another and I could customize as necessary. Setting SELinux to enforce I encountered all sorts of problems - but most were resolvable, save for Dovecot,

On Sat, Nov 20, 2010 at 3:25 PM, Lars Hecking <lhecking at users.sourceforge.net> wrote: > ?Possibly. Or possibly not. On a closely related topic, can you comment on > ?whether or not it's a good idea to install the nspluginwrapper rpms on x86_64? > ?They seem to be fundamentally broken. > I don't think you need it anymore with FF 3.6.

Hi, can anyone provide any pointers as to how to avoid this issue? A CentOS 5.3 domU on snv_111 dom0 is crashing on bott unless I remove /lib/modules/2.6.18-128.1.6.el5/kernel/drivers/xenpv_hvm dom0: haggis:~$ uname -a SunOS haggis 5.11 snv_111 i86pc i386 i86xpv Name: SUNWxvm Summary: Hypervisor Header Files Category: System/Virtualization State: Installed

I'm following this thread here http://www.centos.org/modules/newbb/viewtopic.php?topic_id=23749&forum=38 to build an rpm for thunderbird 3.1.6/3.1.7 from source. While it works well on i386, compilation fails for x86_64. Any advice how to fix the spec file? ... rm -f libthebes.so c++ -fno-rtti -fno-exceptions -Wall -Wpointer-arith -Woverloaded-virtual -Wsynth

CentOS-6.1 KVM guest on CentOS-6.1 host. I am seeing this SEAlert in the /var/log/audit/audit.log file a new guest immediately after startup. Can someone tell me what it means and what I should do about it? A Google search reveals a number of Fedora issues with similar errors dating back a few years; most of which seem to have something to do with package ownership. This guest starts without

Getting module_request errors from SELinux. Errors being thrown by metacity sendmail.postfix cleanup trivial-rewarite local postdrop pickup All errors are essentially the same System was working well until I began to apply some basic security hardening configuration. Postfix started complaining when I made /tmp noexec, nodev, nosuid, and then did a mount --bind of /var/tmp under

I'm trying to use rysnc to back up some directories on a CentOS6 machine that uses selinux in enforcing mode. Most files didn't transfer, so I tried the example from rsync_selinux(8): Allow rsync servers to read the /var/rsync directory by adding the pub- lic_content_t file type to the directory and by restoring the file type. semanage fcontext -a -t

I need to support 3.9 for another while and thought I would set up a local repo with base and updates merged into one. How can I update repodata? I don't see createrepo in 3.9. --------------------------------------------------------------- This message and any attachments may contain Cypress (or its subsidiaries) confidential information. If it has been received in error, please advise

Which configuration or rc script is responsible for loading the kvm modules on CentOS 5.4/5.5? They interfere with vmware. --------------------------------------------------------------- This message and any attachments may contain Cypress (or its subsidiaries) confidential information. If it has been received in error, please advise the sender and immediately delete this message.

Hi all, I'm updating a customised CentOS 5.2 repo to 5.4. After running createrepo, I find all the usual .xml.gz files updated, but the sqlite.bz2 files have not been touched. What is the significance of these files? If they need to be updated, how is it done? -r--r--r-- 1 user group 1811 Oct 1 2009 TRANS.TBL -rw-r--r-- 1 user group 1050329 May 12 11:04 comps.xml -rw-r--r-- 1 user

The 5.3 upgrade broke the kickstart procedures for my xen virtual machines. They are installed via http. 1. The installer sets up the timezone interactively even though it is specified in the kickstart file. Not a big deal, though. 2. The installer hangs unpredictably when installing selinux-policy-targeted-2.4.6-203.el5.noarch.rpm. Performing a dozen or so installs, sometimes the