similar to: SELinux issue

Ok, so there is not a problem with SElinux and Samba. But it is a pain to set up so it will work right. I finally figured out how to set up SE and Samba so you can be able to write and delete files. I found in one of that man pages "man samba_selinux", you can just disable SE for samba. I am sure there are other ways also but this is what I have found so far. I tried to just

Hello, I was using CentOS 5.5 as a "playground" VM at my WinXP notebook and now I'm migrating to a new CentOS 5.6 install and everything has worked well - except samba. I have this very permissive config to export my ~/src dir: # cat /etc/samba/smb.conf [global] guest ok = yes guest account = afarber security = share hosts allow = 172.16.6. 127.0.0.1 [src]

I have setup a Samba4 server and would like to report my experiences in the hope that it may be helpful to others. I basically followed the official Samba4 HowTo, which is very good. Based on what I have seen, this is the only document I would recommend people to follow. I will try not to repeat things that are covered in the HowTo, but rather focus on what I did differently or additionally,

Hello, I have Samba 4 installed with some correctly configured shares so I can access them from my Windows box. It is a proven setup from an older Fedora+Samba setup, though on that other machine I have SELinux disabled. So I set samba_export_all_rw=1 to be able to access the shares whose files and directories are labelled public_content_rw_t by issuing: semanage fcontext -a -t

Hey, I'm having problems with samba. It has never worked properly on my server since I've had it installed.. Its for a home server, running xbox-Linux Fedora Core 6. I've just uninstalled every trace of the old samba, and started a fresh. With the latest samba sources I found on the website. The nmbd starts fine, but smbd never starts, and in the kernel log, I get the following

Hi all, I just installed a CentOS 5 machine from Kickstart. I configure NSS and PAM to lookup and authenticate users from LDAP with authconfig. On my LDAP I also have some automount configuration, but I'm not running automount on this server. SELinux is installed and enforcing. Whenever I try to install an RPM (and in other occasions during boot) I see those messages: # rpm -Uvh ... .rpm

Hi All, I'm running CentOS 5.2 with SELinux in enforcing mode (default targeted policy). The server hosts a PHP web app that sends mail. I'm getting the following errors (see end of message) in my selinux audit.log file every time the app sends an email. The email always seems to get sent successfully, despite the log messages. However, they do concern me and I would like to understand

Any ideas why bind is putting the tmp files in the [chroot]/var/named directory and not in /tmp or /var/tmp? [root at devserver21 chroot]# Aug 15 14:08:21 devserver21 named[5101]: loading configuration from '/etc/named.conf' Aug 15 14:08:21 devserver21 named: named reload succeeded Aug 15 14:08:21 devserver21 named[5101]: dumping master file: tmp-XXXXQ5X9mC: open: permission denied Aug 15

Hey guys, I've been getting some strange selinux messages after the 5.3 upgrade. It appears as though my mail system (postfix) is constantly trying to access the rpm database? Here's the audit messages (I tend to look at my selinux messages using audit2allow < /var/log/audit.log as I find it easier to read quickly): allow postfix_postdrop_t rpm_t:tcp_socket { read write }; allow

Hi. I'm trying to setup squid with SELinux, the problem i encounter is taht i want to add another directory for cache, in this system we have a home partition with huge space, i create a squid dir and add the path with semanage: semanage fcontext -a -t squid_cache_t '/home/squid(/.*)?' i check the files and are in the good context: drwxr-xr-x squid squid

Yesterday I activated SELinux in targeted mode, then I rebooted and started receiving some error messages in the system services initialization: ====================================================================== audit(1156518721.252:2): avc: denied { read } for pid=2223 comm="syslogd" name="libc-2.3.4.so" dev=dm-0 ino=50441 scontext=user_u:system_r:syslogd_t

Hi. I've installed BackupPC 3.1.0 from Testing repository, to Cent OS 5.2 x86_64, and I am hitting an SE Linux denial - the httpd cannot talk to the BackupPC socket: type=AVC msg=audit(07/31/2008 17:18:53.623:410) : avc: denied { connectto } for pid=11767 comm=httpd path=/var/log/BackupPC/BackupPC.sock scontext=user_u:system_r:httpd_t:s0 tcontext=user_u:system_r:initrc_t:s0

I have some centos 4.4 server. i have disable selinux for some software problem: # cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disable #

Summary: SELinux prevented mount from mounting on the file or directory "./Fedora-9-Everything-i386-DVD1.iso" (type "samba_share_t"). Detailed Description: SELinux prevented mount from mounting a filesystem on the file or directory "./Fedora-9-Everything-i386-DVD1.iso" of type "samba_share_t". By default SELinux limits the mounting of filesystems to only

I setup postfix/dovecot on a new machine and now all works well with the small exception of dovecot triggering selinux avc denials on some temp... files here is a sample alert: Summary SELinux is preventing /usr/libexec/dovecot/deliver (dovecot_deliver_t) "link" to temp.localhost.678.40caaf5592891c46 (user_home_dir_t). Detailed Description SELinux denied access requested

CentOS 4 - updated to current, rebooted to new kernel and now I can't get mysqld to start... # service mysqld start Timeout error occurred trying to start MySQL Daemon #tail -n 4 /var/log/messages Nov 12 00:48:56 srv1 kernel: audit(1131781736.221:4): avc: denied { write } for pid=4874 comm="mysqld" name="tmp" dev=dm-0 ino=2894305 scontext=root:system_r:mysqld_t

Hi, I am not very experienced with SELinux and I have a problem which I can't track down. Any help would be really appreciated. I have an 'install everything' Centos 4.2 system which I am using as a workstation. Before anyone tells me off for installing everything, I have done this in order to get used to CentOS before using it on live servers. Anyway when I log into X (gnome, gdm)

I'm trying to set the context on an nfs mounted /home. I believe exactly like in Redhat's Deployment Guide at http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/ch45s02s03.html On my system running CentOS 5.2: $ ls -alZ /home drwxr-xr-x root root system_u:object_r:home_root_t . drwxr-xr-x root root system_u:object_r:root_t .. $ mount -t

Hi all, On my newly up-and-running nameserver (CentOS 5), I noticed the following alerts in /var/log/messages after restarting BIND. (lines inserted to aid in reading). As I'm new to SELinux, I'm hoping for some pointers on 1) if this is an issue which simply *must* be addressed, or if it's something I should live with, and 2) how to eliminate the warming messages without sacrificing

I'm having problems setting up a samba server with sellinux in centos 5.6 (x64). My samba config works flawlessly when selinux is disabled but fails to access shares when selinux is enabled. Wich command makes it possible to run samba with selinux without disabling it, now I've done: "set sebool -P smbd_disable_trans 1" but doesn't really solve my problem. Thanks in