similar to: postgresql copy to and selinux

Displaying 20 results from an estimated 1000 matches similar to: "postgresql copy to and selinux"

2019 Apr 16
4
Time Synchronisation - SELinux Labeling and Policy
hi, i want set selinux to usw with ntpd but when i run (as described in wiki) semanage -a -t ntpd_t "/usr/local/samba/var/lib/ntp_signd" i have that error " usage: semanage [-h] {import,export,login,user,port,ibpkey,ibendport,interface,module,node,fcontext,boolean,permissive,dontaudit} ... semanage: error: argument subcommand: invalid choice:
2008 Aug 23
2
CentOS 5.2 + SELinux + Apache/PHP + Postfix
Hi All, I'm running CentOS 5.2 with SELinux in enforcing mode (default targeted policy). The server hosts a PHP web app that sends mail. I'm getting the following errors (see end of message) in my selinux audit.log file every time the app sends an email. The email always seems to get sent successfully, despite the log messages. However, they do concern me and I would like to understand
2015 Jan 19
2
CentOS-6.6 Fail2Ban and Postfix Selinux AVCs
I am seeing these in the log of one of our off-site NX hosts running CentOS-6.6. type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket Was caused by: Missing type enforcement (TE) allow rule. You can use
2010 Mar 25
3
httpd stopped working under SELinux so I had to turn SELinux off. libxml2.so.2: failed to map segment from shared object: Permission denied
Hi. CentOS 5.4 64-bit with SELinux, happily running for over a year, suddenly httpd fails to start up, getting an error message like: Starting httpd: Syntax error on line X of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: libxml2.so.2: failed to map segment from shared object: Permission denied I turned off SELinux and was able to start httpd. But what went
2008 Aug 10
7
SELinux
Hi list, I've knocked up a contribution on SELinux here: http://wiki.centos.org/HowTos/SELinux I've tried to pitch it as an introduction for those not already familiar with SELinux but also hopefully a useful reference. I'm relatively new to SELinux and have covered pretty much everything I know to the limits of my limited knowledge. If folks think other material needs to be
2015 Jun 17
2
selinux allow apache log access
> > Try something like: > grep zabbix /var/log/audit/audit.log | audit2allow -M zabbix > semodule -i zabbix.pp Thanks for your response! However this is what happens when I try to install the module: [root at monitor2:~] #semodule -i zabbix.pp libsepol.print_missing_requirements: zabbix's global requirements were not met: type/attribute zabbix_t (No such file or directory).
2020 Feb 26
3
CentOS 7 : SELinux trouble with Fail2ban
On Feb 26, 2020, at 08:52, Nicolas Kovacs <info at microlinux.fr> wrote: > >> Le 26/02/2020 ? 11:51, Nicolas Kovacs a ?crit : >> SELinux is preventing /usr/bin/python2.7 from read access on the file disable. >> ***** Plugin catchall (100. confidence) suggests ***** >> If you believe that python2.7 should be allowed read access on the disable file by default.
2020 Feb 26
5
CentOS 7 : SELinux trouble with Fail2ban
Hi, Some time ago I had SELinux problems with Fail2ban. One of the users on this list suggested that it might be due to the fact that I'm using a bone-headed iptables script instead of FirewallD. I've spent the past few weeks getting up to date with doing things in a more orthodox manner. So currently my internet-facing CentOS server has a nicely configured NetworkManager, and
2015 Jun 17
2
selinux allow apache log access
> > That's because there's already a zabbix module loaded (the message isn't > very informative!). I forgot that the received wisdom is to insert "my" in > front of ones own modules i.e.: > grep zabbix /var/log/audit/audit.log | audit2allow -M myzabbix > semodule -i myzabbix.pp Hmm no luck there either: [root at monitor2:~] #semodule -i myzabbix.pp
2015 Jun 16
2
selinux allow apache log access
Hey guys,. I have a centos 7 machine I'm using as a zabbix server. And I noticed that apache won't start, with this complaint in the error log: (13)Permission denied: AH00091: httpd: could not open error log file /var/log/zabbix_error_log. AH00015: Unable to open logs I tried having a look at audit2allow and this is the response I get back: [root at monitor2:/etc/httpd] #grep http
2007 Nov 19
1
Can not mount CIFS-Share on bootup (SELinux Problem)
Hello everybody, i am trying to mount a CIFS-share while booting, providing a credential file for the share (/root/smbpassword) - without success (with SElinux turned on). The share will get mounted just fine when typing mount -a on the shell. And it also will get mounted automatically during boot when SELinux ist turned off. I have searched the documentation, but i have no clue which SElinux
2015 Jun 17
1
selinux allow apache log access
On 06/17/2015 04:03 PM, Jonathan Billings wrote: > On Wed, Jun 17, 2015 at 03:30:51PM -0400, Tim Dunphy wrote: >> No prob! Thanks for all the help! But in searching my system I don't find >> anything of the sort. >> >> [root at monitor2:~] #updatedb >> [root at monitor2:~] #locate myzabbix.te >> [root at monitor2:~] #find / -name "myzabbix.*"
2015 May 08
2
Q: respecting .ssh/id_rsa
On 5/8/2015 7:22 AM, Valeri Galtsev wrote: > On Fri, May 8, 2015 8:58 am, James B. Byrne wrote: >> While attempting to debug something else I ran across this: >> >> ssh -vvv somehost >> . . . >> debug1: Connection established. >> debug1: permanently_set_uid: 0/0 >> debug1: identity file /root/.ssh/identity type -1 >> debug1: identity file
2017 Oct 09
2
Can't get Samba 4.4.4 going on CentOS 7.3.1611
Hi folks, I've been googling for an hour on this which seems to be awfully basic. But I cannot find anything definitive. [root at centos-gig ~]# systemctl enable smb.service Failed to execute operation: Access denied [root at centos-gig ~]# setenforce 0 [root at centos-gig ~]# systemctl enable smb.service Failed to execute operation: No such file or directory Have tried things like : chcon
2015 May 09
1
Q: respecting .ssh/id_rsa
On 8 May 2015 20:41, "Conley, Matthew M CTR GXM" < matthew.m.conley1.ctr at navy.mil> wrote: > > chmod 0700 .ssh > chmod 0600 .ssh/* > > Keys can fail if you don't have that setup correctly. > Also do: > grep sshd /var/log/audit/audit.log| audit2allow -m sshd > # Will let you see what modules it will create. > grep sshd /var/log/audit/audit.log|
2007 May 16
2
selinux-policy-targeted-sources and CentOS 5?
What is the equivelent "selinux-policy-targeted-sources" package in CentOS 5? It was available in 4.4. Thanks for any help. -- Jiann-Ming Su "I have to decide between two equally frightening options. If I wanted to do that, I'd vote." --Duckman "The system's broke, Hank. The election baby has peed in the bath water. You got to throw 'em both out."
2007 Aug 16
1
SELinux questions, upon restarting BIND
Hi all, On my newly up-and-running nameserver (CentOS 5), I noticed the following alerts in /var/log/messages after restarting BIND. (lines inserted to aid in reading). As I'm new to SELinux, I'm hoping for some pointers on 1) if this is an issue which simply *must* be addressed, or if it's something I should live with, and 2) how to eliminate the warming messages without sacrificing
2017 Oct 09
3
Samba won't start on Centos 7.3.1611
Hi folks, I've been googling for an hour on this which seems to be awfully basic. But I cannot find anything definitive. [root at centos-gig ~]# systemctl enable smb.service Failed to execute operation: Access denied [root at centos-gig ~]# setenforce 0 [root at centos-gig ~]# systemctl enable smb.service Failed to execute operation: No such file or directory Have tried things like : chcon
2019 Apr 16
0
Time Synchronisation - SELinux Labeling and Policy
On 4/16/19 12:47 PM, Marco Gemignani via samba wrote: > hi, i want set selinux to usw with ntpd > > > but when i run (as described in wiki) > > semanage -a -t ntpd_t "/usr/local/samba/var/lib/ntp_signd" > > > i have that error > " > usage: semanage [-h] > > >
2017 Feb 12
2
Centos7 and old Bind bug
On 02/12/2017 10:40 AM, Gordon Messmer wrote: > I'm not seeing those errors logged, either, so maybe your system > differs from mine. If I'm misreading, hopefully someone will chime in > to clarify. ... Also, it might be useful to get the AVCs on your system. The bug entry indicated that you'd need to enable debugging (semodule -DB, and later use semodule -B to