similar to: SELinux - way of the future or good idea but !!!

Displaying 20 results from an estimated 40000 matches similar to: "SELinux - way of the future or good idea but !!!"

2012 Apr 01
7
selinux on/off percentage
hi Just wondering if there is any statiscs report of selinxu usages in production environment? I know some still turn it off. thanks. min
2012 Jan 05
6
SELinux and access across 'similar types'
http://wiki.centos.org/HowTos/SELinux says: "Access is only allowed between similar types, so Apache running as httpd_t can read /var/www/html/index.html of type httpd_sys_content_t." however the doc doesn't define what "similar types" means. I assumed it just meant "beginning with the same prefix". However that can't be right because on my system with
2012 Dec 06
9
courier mail for Centos
Are there existing rpms for courier mta? I am working from: http://www.howtoforge.com/virtual-users-and-domains-with-postfix-courier-mysql-and-squirrelmail-fedora-14-x86_64 And am making progress with postfix and mysql, but looking ahead to other steps. I see squirrelmail is in EPEL.
2007 Mar 28
5
Zimbra, Scalix or something else..
Hello all, I've played with both Zimbra and Scalix and they seem quite nice and do pretty much what I want. I'm now at the point where I am considering retiring my trusty old courier-imap service in favour of one of these two, unless of course anyone has any other recommendations or suggestions. I'd probably be doing this inside a centos 4.4 Xen VMs running on centos 5 when it comes
2005 May 24
2
PostgreSQL/SELinux Error - relation "pg_catalog.pg_u ser" does not exist
> > The best thing to do is add this to /etc/selinux/config > > SELINUX=disabled > > And then get on with the real jobs.... > Listening to all the pros and cons of SELinux. I'd like to improve the security of our regional web server using SELinux. We have a main regional web site and several virtual domains, kept up by private users, all on the same server. Some of
2011 Nov 30
12
duqu
There's an article on slashdot about the Duqu team wiping all their intermediary c&c servers on 20 Oct. Interestingly, the report says that they were all (?) not only linux, but CentOS. There's a suggestion of a zero-day exploit in openssh-4.3, but both the original article, and Kaspersky labs (who have a *very* interesting post of the story) consider that highly unlikely, and the
2014 Aug 21
1
Centos 7 lockup
A machine I set up to run OpenNMS stopped working last night - no hardware alarm lights, but keyboard/monitor/network unresponsive. After a reboot I see a large stack of messages like this in /var/log/messages: ---- Aug 20 14:02:34 opennms-h-03 python: SELinux is preventing /usr/sbin/monitor-get-edid-using-vbe from mmap _zero access on the memprotect . ***** Plugin mmap_zero (53.1 confidence)
2006 Aug 19
9
web based mail packages for CentOS
Hello Everyone, I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail. I currently implemented cyrus-imapd and postfix which I used before. I was going to give dovecot a try but it wouldn't start even though it was supposed to be easier. I would like to move my postfix to a chroot but have
2015 Mar 03
2
selinux allow FTP
On Mon, Mar 2, 2015 at 4:43 PM, Tim Dunphy <bluethundr at gmail.com> wrote: >> >> errr, I meant, sftp, not rscp > > > Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow > regular ol' FTP using SELinux? Or does that just defeat the purpose of > having a secure SELlinux server entirely? What is the context here? The big problem
2015 Apr 16
3
systemd private tmp dirs
On Wed, Apr 15, 2015 at 6:48 PM, Matthew Miller <mattdm at mattdm.org> wrote: > On Wed, Apr 15, 2015 at 05:31:52PM -0500, Les Mikesell wrote: >> Thanks - I can see how those would work once you understand what is >> broken on the target system and why, but is there a way that programs >> 'should' be written to run with/without systemd? That just happened
2010 Jan 08
6
New selinux-policy breaks logwatch emails?
Hello, After a yum update last night, I had a CenOS 5.4 i386 system pull in the following selinux updates: Jan 07 21:39:14 Updated: selinux-policy-2.4.6-255.el5_4.3.noarch Jan 07 21:39:31 Updated: selinux-policy-targeted-2.4.6-255.el5_4.3.noarch This machine has SELinux set to Enforcing. This morning, I see I got the following email from Cron: /etc/cron.daily/0logwatch: sendmail: warning:
2012 Jan 31
3
rsync from rescue boot
If I boot a 5.7 install disk with 'linux rescue selinux=0', let it start the network and detect the installed system, ssh seems to work, but rsync fails with "rsync: connection unexpectedly closed (0 bytes received so far) [receiver]). Shouldn't it work as long as the underlying ssh connection works? It doesn't prompt for the ssh password and using -essh doesn't change
2008 Feb 01
7
General questions about security
Hi, I admit I never gave security that much thought, that is, except the most basic security rules like choosing good passwords, or reasonable file and directory permissions. But now I have to change that, since I'll soon have to setup a dedicated production server for our public libraries. I wonder where to begin. I would say first thing is get a series of "auditing" tools
2007 Apr 18
1
[Bridge] recent crashes? Linux kernel 2.6.18-1.2239.fc5 (Linux Fedora Core 5)
At the risk of angering the crash Gods, my sustem has NOT crashed again since I downgraded the kernel from 2.6.18-1.2239.fc5 to 2.6.18-1.2200.fc5. Given that newfound stability, and my lack of time, I'm going to put on hold any further diagnostics, until the next kernel revision is released. I have submitted a report at bugzilla.redhat.com (bug 218128). (Ah, nuts; accidentally created a
2013 Nov 15
7
Mysql databases from old system?
Last week I had a hard disk failure on my CentOS server. I managed to re-install CentOS on a new disk. I have the old mysql databases from /var/lib/mysql . Can I just move them to my new disk? Any help or suggestions gratefully received. -- Timothy Murphy e-mail: gayleard /at/ eircom.net School of Mathematics, Trinity College, Dublin 2, Ireland
2009 Nov 07
5
Serious Privileges Problem: Second Post!
I have a serious privileges problem that is making it impossible to serve python pages on a CentOS server. I have tried to resolve this problem in my last post, but now it appears that interest has petered out. I'm desperate and hoping someone on this list can help. [Fri Nov 06 11:50:40 2009] [error] [client 66.248.168.98] (2)No such file or directory: exec of
2015 Apr 16
2
systemd private tmp dirs
On Wed, Apr 15, 2015 at 9:00 PM, John R Pierce <pierce at hogranch.com> wrote: > On 4/15/2015 6:52 PM, Les Mikesell wrote: >> >> Mostly I'm interested in avoiding surprises and having code that isn't >> married to the weirdness of any particular version of any particular >> distribution. And I found this to be pretty surprising, given that I >> could
2014 Dec 30
3
can't enable selinux CentOS 6.5
Hey guys, For some reason I can't seem to enable SELinux on this one host. Here's my SELinux config file: [root at beta-new:~] #cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. #
2010 Jun 29
4
security compliance vs. old software versions
What's the correct response to a security scan that points out that apache versions below 2.2.14 have multiple known vulnerabilities? Is there an official document about what known vulnerabilities have been fixed in the RHEL/CentOS updates or do you have to wade through the changelog to try to find each thing? -- Les Mikesell lesmikesell at gmail.com
2020 Sep 24
3
Re: [common PATCH 3/3] mlcustomize: do not relabel if not enforcing (RHBZ#1828952)
On Wed, Sep 23, 2020 at 05:57:50PM +0200, Pino Toscano wrote: > Do not attempt to relabel a guest in case its SELinux enforcing mode is > not "enforcing", as it is either pointless, or it may fail because of an > invalid policy configured. > --- > mlcustomize/SELinux_relabel.ml | 26 +++++++++++++++++++++++++- > 1 file changed, 25 insertions(+), 1 deletion(-) >