Displaying 20 results from an estimated 1000 matches similar to: "Digest Subcriber needs help with SELinux file context setting"
2008 May 22
1
Re: Need help with rsync. [solved]
In-Reply-To: <f4e013870805211022r36194b29gb74ca4421dc2ee77 at mail.gmail.com>
On: Wed, 21 May 2008 10:22:19 -0700, MHR <mhullrich at gmail.com>
wrote:
>> On Wed, May 21, 2008 at 8:37 AM, James B. Byrne <byrnejb at harte-lyne.ca>
>> wrote:
>>
>> This indeed turned out to be an SELinux policy problem which I have since
>> resolved.
>
> Whoa,
2009 Sep 14
4
Contribution to wiki: nagios incompatibility with centos 5.2
Hi
I would like to contribute to the wiki.centos.org:
username: boel
subject: nagios incompatibility with centos 5.2
location: http://wiki.centos.org/HowTos/Nagios
content: A security feature of centos 5.2 SELinux prevents the access
from the apache httpd server to the needed /var/nagios files. The error
manifests itself in the /var/log/messages as "SELinux is preventing the
tac.cgi from
2009 Aug 11
1
selinux question and answer
This is continuing/summarising a rather long discussion that happened
on IRC ...
We talked to some SELinux experts about what was required to make
SELinux work with libguestfs, and it seems reasonably simple to load
the policy from the guest filesystem.
All that needs to be done is to mount the guest disks up and then run:
sh "/usr/sbin/load_policy -i"
That command also mounts up
2009 Feb 06
1
Darned thing is suddenly failing. We had a reboot last night, and I
changed a couple of files today too, so either one could somehow be
responsible. But I can''t figure out how from this crash. First I noticed
that my changes weren''t updating. Then I noticed that puppet wasn''t
running. Then I found that it won''t, in fact, run.
/selinux contains only a
2010 Sep 26
1
Bugzilla 3.6.2 + sendmail + SELinux
Hello,
I have deployed Bugzilla 3.6.2 on CentOS 5 (with rpmforge perl-*
packages) and I have a problem with SELinux preventing mail being sent
via sendmail.
(see SELinux reports below, especially the second one)
When SELinux is in permissive mode, mail sending from Bugzilla is
working properly.
Has anybody got recent Bugzilla to work with SELinux on CentOS?
Thanks in advance!
Mathieu
2008 Aug 23
2
CentOS 5.2 + SELinux + Apache/PHP + Postfix
Hi All,
I'm running CentOS 5.2 with SELinux in enforcing mode (default
targeted policy). The server hosts a PHP web app that sends mail. I'm
getting the following errors (see end of message) in my selinux
audit.log file every time the app sends an email. The email always
seems to get sent successfully, despite the log messages. However,
they do concern me and I would like to understand
2007 Mar 12
2
selinux disable but still working
I have some centos 4.4 server. i have disable selinux for some software
problem:
# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disable
#
2010 Apr 06
1
SELinux restorecon does not work
Hi All,
I have this following issue in SELinux. I did what instruction said but the
security context has still never changed. Do I need to create local SELinux
module? I hope anyone could help me out of this. Thank you.
-------------------------------------------------------
# sealert -b
........................................
Summary:
SELinux is preventing postmaster (postgresql_t)
2015 Jan 22
2
SELinux permissions for apache
Hey all,
I have a simple php app working that writes some info to a text file. The
app will only work correctly if SELinux is disabled. If it's enabled and
try to use the app, it fails. It seems that SELinux is denying the app
ability to write to the text file.
So I tried running the following command:
chcon -R -t httpd_sys_content_t /var/www
And tried veriying the command with the
2015 Apr 01
1
SEmodule dependency hell.
I want you all to see what I went through trying to simply reassign
(unsuccessfully) the context of a well-known port.
To the best of my ability to recall none of the packages mentioned
below are even installed on the host in question. Why are these
dependices preventing me from removing a disused SELinux policy.
I have done exactly that, reassign port contexts, in the past without
encountering
2017 Feb 21
2
SELInux conflict with Postfixadmin
On 02/21/2017 11:46 AM, Zdenek Sedlak wrote:
> On 2017-02-21 17:30, Robert Moskowitz wrote:
>> postfixadmin setup.php is claiming:
>>
>> *Error: Smarty template compile directory templates_c is not writable.*
>> *Please make it writable.*
>> *If you are using SELinux or AppArmor, you might need to adjust their
>> setup to allow write access.*
>>
2015 Feb 10
1
SELinux context for ssh host keys?
> On Feb 9, 2015, at 12:27 PM, Robert Nichols <rnicholsNOSPAM at comcast.net> wrote:
>
> On 02/09/2015 11:14 AM, James B. Byrne wrote:
>> So, I decided to run restorecon -v to
>>
...
>> restorecon reset /etc/ssh/ssh_host_rsa_key_4096 context
>> unconfined_u:object_r:sshd_key_t:s0->unconfined_u:object_r:etc_t:s0
>>
...
>> There is no
2017 Feb 21
3
SELInux conflict with Postfixadmin
postfixadmin setup.php is claiming:
*Error: Smarty template compile directory templates_c is not writable.*
*Please make it writable.*
*If you are using SELinux or AppArmor, you might need to adjust their
setup to allow write access.*
This goes away with 'setenforce 0', so it is an SELinux issue. I have
tried both:
restorecon -Rv /usr/share/postfixadmin
and
chcon -R -t
2015 Jan 22
2
SELinux permissions for apache
Hey Jeremy,
> Have you tried changing the folder where it's writing into with these
> lables? httpd_sys_content_rw_t or httpd_user_content_rw_t
Adding 'rw' to the command did the trick. I tried httpd_sys_content_rw_t and
that works fine! Thanks for the tip!
Tim
On Thu, Jan 22, 2015 at 1:19 PM, Jeremy Hoel <jthoel at gmail.com> wrote:
> Have you tried changing
2007 Jul 28
2
Any SELinux gurus around?
Hey all, I'm having some trouble getting PHP5 w/ CentOS 5 to connect to
a remote MySQL server using the standard mysql_connect() call.
Yes, MySQL libraries are installed along with php-mysql...
The only way I can get it to work is to run setenforce Permissive,
otherwise the connection fails.
The annoying thing is that nothing at all shows up in my
/var/log/messages file describing why
2006 Sep 02
1
imap fails, policy wrong?
up until a week or so ago, I had no problem using IMAP logging into a server
running Fedora Core (I think 4 or 5 ) with dovecot 1.0. Had used squirrelmail
and other mail agents using IMAP with no problem. as of 2 days ago, I
get a squirrelmail error "ERROR: Connection dropped by IMAP server.
Query: CAPABILITY" and turning on dovecot debugging shows the following:
2015 Jan 22
0
SELinux permissions for apache
Have you tried changing the folder where it's writing into with these
lables? httpd_sys_content_rw_t or httpd_user_content_rw_t
On Thu, Jan 22, 2015 at 11:09 AM, Tim Dunphy <bluethundr at gmail.com> wrote:
> Hey all,
>
> I have a simple php app working that writes some info to a text file. The
> app will only work correctly if SELinux is disabled. If it's enabled and
2015 Jan 22
0
SELinux permissions for apache
The easiest answer is to edit the Selinux config file. By default it is
set to enforce, which really locks it down.
cd /etc/selinux
edit the config file and change SELUNIX=enforcing to SELUNIX=permissive
Save the file and restart httpd, you should be fine..
john plemons
On 1/22/2015 1:36 PM, Tim Dunphy wrote:
> Hey Jeremy,
>
>
>
>> Have you tried changing the folder where
2017 Feb 21
0
SELInux conflict with Postfixadmin
On 02/21/2017 11:52 AM, Robert Moskowitz wrote:
>
>
> On 02/21/2017 11:46 AM, Zdenek Sedlak wrote:
>> On 2017-02-21 17:30, Robert Moskowitz wrote:
>>> postfixadmin setup.php is claiming:
>>>
>>> *Error: Smarty template compile directory templates_c is not writable.*
>>> *Please make it writable.*
>>> *If you are using SELinux or AppArmor,
2017 Sep 04
0
selinux denial of cgi script with httpd using ssl
Am 04.09.2017 um 23:49 schrieb Gregory P. Ennis:
> Thanks for your help.
>
> I did pick up an additional entry in the audit file :
>
>
> type=AVC msg=audit(1504561395.709:10196): avc: denied { execute } for
> pid=19163 comm="/usr/sbin/httpd" name="s.check.cgi" dev="dm-0"
> ino=537182029 scontext=system_u:system_r:httpd_t:s0
>