Displaying 12 results from an estimated 12 matches similar to: "pppd does not work if SELinux is turned on."
2010 Mar 19
0
How to disable selinux protection interfering with pppd? I tried audit2allow, but policy does not load. Is there an seboolean?
CentOS release 5.4 (Final)
I run pppd on this system, it accepts dial-in connections, logs people
in over ssh/sftp.
I had selinux disabled on this system originally, but I recently
enabled it, and selinux
is blocking this pppd service.
"audit2allow -M" has generated the following policy based on AVC
denial messages:
module fixdialinserver 1.0;
require {
type pppd_t;
2020 Nov 10
0
Error from unix_chkpwd
Hi,
On CentOS 7.7.1908 I've got the following error message:
unix_chkpwd[1026]: could not obtain user info (root)
I dont' know why...
There are no SELinux errors, and the permissions of relevant files are:
ls -Z /etc/shadow /etc/passwd /usr/sbin/unix_chkpwd
-rw-r--r--. root root system_u:object_r:passwd_file_t:s0 /etc/passwd
----------. root root system_u:object_r:shadow_t:s0
2007 May 30
2
Centos 5 OpenVPN / SElinux
Hi,
I'm running Centos 5 32bit and installed openvpn-2.0.9-1.el5.rf from
Dag Wieers Repo. When OpenVPN is started during boot-up it just shows
an SElinux related error message. When I start OpenVPN manually after
the system has come up completely it works fine.
Here are all the messages from /var/log/messages that are SElinux related:
May 28 21:39:15 srsblnfw01 kernel:
2011 Nov 01
1
SELinux and SETroubleshootd woes in CR
I'm setting up a dedicated database server, and since this will be a
central service to my various web servers I wanted it to be as secure as
possible...so I am leaving SELinux enabled. However I'm having trouble
getting Apache to use mod_auth_pam. I also now can't get setroubleshootd
working to send me notifications of the denials and provide tips to solve
the problem.
The Apache
2014 Jan 13
1
Re: Livecd-creator is disabling selinux
[Moving this to the libguestfs mailing list]
On Mon, Jan 13, 2014 at 03:05:14PM -0500, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 01/13/2014 11:49 AM, Richard W.M. Jones wrote:
> > On Mon, Jan 13, 2014 at 10:20:22AM -0500, Daniel J Walsh wrote:
> >> Secondly we prevent even unconfined_t from putting down labels on the
> >>
2010 Dec 06
1
CentOS 5 + selinux
I've just installed CentOS 5.5 and dovecot 2.0.7. Out of the box, it
worked ok with local user accounts. Then I enable selinux and I could
no loger login to imap server. I can deal with that via a local
policy. But I found dovecot tried to open /etc/shadow:
type=AVC msg=audit(1291490764.101:670): avc: denied { read } for
pid=16130 comm="auth" name="shadow" dev=md2
2009 Aug 27
1
SELinux messages after compiling new kernel
Hi,
I compiled a kernel from sources (2.6.30.5) and when system is booting
shows these errors:
SELinux: 61 classes, 69080 rules
SELinux: class peer not defined in policy
SELinux: class capability2 not defined in policy
SELinux: class kernel_service not defined in policy
SELinux: permission open in class dir not defined in policy
SELinux: permission open in class file not defined in policy
2012 Apr 20
1
Cannot login after modification shadow file with guestmount
Hi.
I have a VM with CentOs6.2 on KVM. I mount an image of the VM when it's
not working with guestmount:
root at diehard:~# guestmount -a named-centos.img -i tmp
vi /etc/shadow
insert comment line into the file (esc yy p 0 i # esc :wq!), save changes,
unmount the image, turn on the VM, and I cannot login.
I cannot login even if I recover the shadow file.
root at diehard:~# guestmount
2015 Nov 05
1
[PATCH 1/2] test-data: phony-guests: Don't use *.tmp.* temporary files.
---
test-data/phony-guests/Makefile.am | 3 +--
test-data/phony-guests/make-archlinux-img.sh | 4 ++--
test-data/phony-guests/make-coreos-img.sh | 10 ++++----
test-data/phony-guests/make-debian-img.sh | 10 ++++----
test-data/phony-guests/make-fedora-img.pl | 34 ++++++++++++++--------------
test-data/phony-guests/make-ubuntu-img.sh | 14 ++++++------
2015 Feb 04
6
Another Fedora decision
On Wed, 2015-02-04 at 14:55 -0700, Warren Young wrote:
> > On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote:
> >
> > Again, the real bruteforce danger is when your /etc/shadow is exfiltrated by a security vulnerability
>
> Unless you have misconfigured your system, anyone who can copy /etc/shadow already has root privileges. They don?t need to
2007 Jan 11
6
[PATCH 4/8] HVM save restore: vcpu context support
[PATCH 4/8] HVM save restore: vcpu context support
Signed-off-by: Zhai Edwin <edwin.zhai@intel.com>
save/restore HVM vcpu context such as vmcs
diff -r ee20d1905bde xen/arch/x86/domain.c
--- a/xen/arch/x86/domain.c Thu Jan 11 16:40:55 2007 +0800
+++ b/xen/arch/x86/domain.c Thu Jan 11 16:46:59 2007 +0800
@@ -573,6 +573,7 @@ int arch_set_info_guest(
else
{
2012 Nov 26
13
[PATCH 0 of 4] Minios improvements for app development
This patch series contains a set of patches making minios rather easier
to use, from an application development point of view.
Overview of patches:
1 Command line argument parsing support, from Xen.
2 Weak console handler function.
3 Build system tweaks for application directories.
4 Trailing whitespace cleanup. (because it is very messy)
Patch 4 is likely to be more controversial than