similar to: Inherit groups

What are you using for the database - SQLite? I am using mysql (mariadb). I am not familiar with SQLlite. Can you access the database from the console - look up the list of tables - display the contents from a table? Anything to see if your SQLite is working and has asterisk data in it. From your Asterisk console, |CLI> core show help database| should give you a list of commands that you

Apache DocumentRoot on an NFS directory: [root at localhost ~]# service httpd start Starting httpd: Warning: DocumentRoot [/home/www/html] does not exist Syntax error on line 292 of /etc/httpd/conf/httpd.conf: DocumentRoot must be a directory [FAILED] [root at localhost ~]# After some research, I found this (dated) link

i had a small query , whant is the difference between stickybit SUID and SGID , is there any proper site where i can get a clear understanding . -- Regards Agnello D'souza -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20100709/c7c22588/attachment.html>

Hi, how do I allow lighttpd access to a directory like this: dr-xrwxr-x. lighttpd example unconfined_u:object_r:samba_share_t:s0 files_articles I tried to create and install a selinux module, and it didn?t work. The non-working module can not be removed, either: semodule -r lighttpd-files_articles.pp libsemanage.semanage_direct_remove_key: Unable to remove module lighttpd-files_articles.pp at

Hi, I find that files (not directories) in an smbfs-mounted share always have the sgid bit set. I've looked in the FAQ and HOWTO but didn't see anything. I wonder if someone might suggest a way to fix it. The share is served from Windows 2003 SP2 and mounted on a Fedora 10 Linux machine (samba-client-3.2.5-0.23.fc10.i386) with this command line: mount //wcl-fp1/shared /mnt/shared -t

PS: Now I found this: type=PROCTITLE msg=audit(09/22/2017 12:08:29.911:1023) : proctitle=/usr/lib/sendmail -t -oi -oem -fwawi-genimp type=SYSCALL msg=audit(09/22/2017 12:08:29.911:1023) : arch=x86_64 syscall=setgroups success=no exit=EPERM(Operation not permitted) a0=0x1 a1=0x7ffc1df3b0d0 a2=0x0 a3=0x7f5d77c3a300 items=0 ppid=19417 pid=19418 auid=unset uid=lighttpd gid=lighttpd euid=root

Daniel Walsh wrote: > On 09/22/2017 06:58 AM, hw wrote: >> >> PS: Now I found this: >> >> >> type=PROCTITLE msg=audit(09/22/2017 12:08:29.911:1023) : proctitle=/usr/lib/sendmail -t -oi -oem -fwawi-genimp >> type=SYSCALL msg=audit(09/22/2017 12:08:29.911:1023) : arch=x86_64 syscall=setgroups success=no exit=EPERM(Operation not permitted) a0=0x1

Hi, This is a very scary problem I have here. I use a precompiled 2.0.6 samba on my SGI IRIX 6.3 system. I also have smbpasswd file setup. When I tried to change the samba password using smbpasswd program ( from a non root account whic I use) I got an error messgae saying that it cannot change the password. My goodness, I found that the instead of changing password for my account smbpasswd

Hi, After configuring systemd unit with ReadWritePaths=/home/mail, I get the following error logs in audit: type=AVC msg=audit(1586604621.637:6736): avc: denied { write } for pid=12750 comm="imap" name="Maildir" dev="dm-3" ino=438370738 scontext=system_u:system_r:dovecot_t:s0 tcontext=unconfined_u:object_r:etc_runtime_t:s0 tclass=dir permissive=0 type=SYSCALL

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 11/04/2020 15:47 Alex JOST < <a href="mailto:jost+lists@dimejo.at">jost+lists@dimejo.at</a>> wrote: </div> <div>

Hi, Has anyone any ideas what is causing my smbd processes to crash? The files being accessed via samba are on an NFS mounted directory. In the samba log file I am getting the following errors: [2004/12/03 16:31:33, 0] smbd/oplock.c:request_oplock_break(1026) request_oplock_break: no response received to oplock break request to pid 2181 9 on port 53336 for dev = 2c00002, inode = 297939333

Hey *, I'm getting an audit coming down the pipes and I have 2 4.6 release boxes to clean up. I say "clean up" because they have some requirements that I missed despite due diligence. My specific question is: To what extent can I get rid of UUCP? Aside from the SUID/SGID stuff that pops up via my finds, I simply see no reason to have any UUCP stuff on these boxes. Is this stuff

Hello. In the Samba by Example book theres a section called "Effect of Setting File and Directory SUID/SGID Permissions Explained", that shows an example of the effect of SUID/SGID bits. The SGID bit when setted in directories makes the files inherit the group owner, but I couldn't make the SUID bit on directories work, making files inherit the owner. The

Hello All, I set up ltsp regulary, on Centos6 machines. This morning I have a Selinux problem that usualy does not occur: after setting everything up, the thinclients boot, but nobody can login. It only works after the command : # echo 0 > /selinux/enforce I tried this semanage command: # semanage fcontext -a -t bin_t /usr/bin/xauth but it makes no difference. The message I'm now

I recently began getting periodic emails from SEalert that SELinux is preventing /usr/libexec/qemu-kvm "getattr" access from the directory I store all my virtual machines for KVM. All VMs are stored under /vmstore , which is it's own mount point, and every file and folder under /vmstore currently has the correct context that was set by doing the following: semanage fcontext -a -t

Merry Christmas, Vorbis folks! Here's bunches of cleanups to ogg123. I haven't changed much in the raw code, mostly a few places with broken implementations. I'm also trying to cleanup some places where we assume too much, because ogg123 might eventually be able to safely run suid (or sgid) (to access the audio devices). I think the next thing I'll attack is the buffering. --

amd from the amd-920824upl102-6.i386.rpm file distributed with RedHat Linux 4.1 does not honor the nodev option for NFS filesystems and probably other mount types, allowing any user access to the device files in /dev on a system, provided that they have root access to another linux box on the network. In addition, the default amd.conf from RH 4.1 maps /net/* to NFS mounting, which makes the bug in

Hi all, Just want to enable squid's SNMP support to get information about its perfomance through snmp client. I set "snmp_port 3401" in squid.conf SELinux is in enforcing state with targeted policy. But squid daemon doesn't start. There are some messages in audit.log like type=SYSCALL msg=audit(1176946812.492:244): arch=40000003 syscall=102 success=no exit=-13 a0=2 a1=bf880060

I'm setting up a dedicated database server, and since this will be a central service to my various web servers I wanted it to be as secure as possible...so I am leaving SELinux enabled. However I'm having trouble getting Apache to use mod_auth_pam. I also now can't get setroubleshootd working to send me notifications of the denials and provide tips to solve the problem. The Apache

Any SElinux expert here - briefly: # getenforce Enforcing # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t <no output> # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t <no output> # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf -rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf -rw-r--r--. root root