similar to: Digest Subcriber needs help with SELinux file context setting

In-Reply-To: <f4e013870805211022r36194b29gb74ca4421dc2ee77 at mail.gmail.com> On: Wed, 21 May 2008 10:22:19 -0700, MHR <mhullrich at gmail.com> wrote: >> On Wed, May 21, 2008 at 8:37 AM, James B. Byrne <byrnejb at harte-lyne.ca> >> wrote: >> >> This indeed turned out to be an SELinux policy problem which I have since >> resolved. > > Whoa,

Hi I would like to contribute to the wiki.centos.org: username: boel subject: nagios incompatibility with centos 5.2 location: http://wiki.centos.org/HowTos/Nagios content: A security feature of centos 5.2 SELinux prevents the access from the apache httpd server to the needed /var/nagios files. The error manifests itself in the /var/log/messages as "SELinux is preventing the tac.cgi from

This is continuing/summarising a rather long discussion that happened on IRC ... We talked to some SELinux experts about what was required to make SELinux work with libguestfs, and it seems reasonably simple to load the policy from the guest filesystem. All that needs to be done is to mount the guest disks up and then run: sh "/usr/sbin/load_policy -i" That command also mounts up

Darned thing is suddenly failing. We had a reboot last night, and I changed a couple of files today too, so either one could somehow be responsible. But I can''t figure out how from this crash. First I noticed that my changes weren''t updating. Then I noticed that puppet wasn''t running. Then I found that it won''t, in fact, run. /selinux contains only a

Hello, I have deployed Bugzilla 3.6.2 on CentOS 5 (with rpmforge perl-* packages) and I have a problem with SELinux preventing mail being sent via sendmail. (see SELinux reports below, especially the second one) When SELinux is in permissive mode, mail sending from Bugzilla is working properly. Has anybody got recent Bugzilla to work with SELinux on CentOS? Thanks in advance! Mathieu

Hi All, I'm running CentOS 5.2 with SELinux in enforcing mode (default targeted policy). The server hosts a PHP web app that sends mail. I'm getting the following errors (see end of message) in my selinux audit.log file every time the app sends an email. The email always seems to get sent successfully, despite the log messages. However, they do concern me and I would like to understand

I have some centos 4.4 server. i have disable selinux for some software problem: # cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disable #

Hi All, I have this following issue in SELinux. I did what instruction said but the security context has still never changed. Do I need to create local SELinux module? I hope anyone could help me out of this. Thank you. ------------------------------------------------------- # sealert -b ........................................ Summary: SELinux is preventing postmaster (postgresql_t)

Hey all, I have a simple php app working that writes some info to a text file. The app will only work correctly if SELinux is disabled. If it's enabled and try to use the app, it fails. It seems that SELinux is denying the app ability to write to the text file. So I tried running the following command: chcon -R -t httpd_sys_content_t /var/www And tried veriying the command with the

I want you all to see what I went through trying to simply reassign (unsuccessfully) the context of a well-known port. To the best of my ability to recall none of the packages mentioned below are even installed on the host in question. Why are these dependices preventing me from removing a disused SELinux policy. I have done exactly that, reassign port contexts, in the past without encountering

On 02/21/2017 11:46 AM, Zdenek Sedlak wrote: > On 2017-02-21 17:30, Robert Moskowitz wrote: >> postfixadmin setup.php is claiming: >> >> *Error: Smarty template compile directory templates_c is not writable.* >> *Please make it writable.* >> *If you are using SELinux or AppArmor, you might need to adjust their >> setup to allow write access.* >>

> On Feb 9, 2015, at 12:27 PM, Robert Nichols <rnicholsNOSPAM at comcast.net> wrote: > > On 02/09/2015 11:14 AM, James B. Byrne wrote: >> So, I decided to run restorecon -v to >> ... >> restorecon reset /etc/ssh/ssh_host_rsa_key_4096 context >> unconfined_u:object_r:sshd_key_t:s0->unconfined_u:object_r:etc_t:s0 >> ... >> There is no

postfixadmin setup.php is claiming: *Error: Smarty template compile directory templates_c is not writable.* *Please make it writable.* *If you are using SELinux or AppArmor, you might need to adjust their setup to allow write access.* This goes away with 'setenforce 0', so it is an SELinux issue. I have tried both: restorecon -Rv /usr/share/postfixadmin and chcon -R -t

Hey Jeremy, > Have you tried changing the folder where it's writing into with these > lables? httpd_sys_content_rw_t or httpd_user_content_rw_t Adding 'rw' to the command did the trick. I tried httpd_sys_content_rw_t and that works fine! Thanks for the tip! Tim On Thu, Jan 22, 2015 at 1:19 PM, Jeremy Hoel <jthoel at gmail.com> wrote: > Have you tried changing

Hey all, I'm having some trouble getting PHP5 w/ CentOS 5 to connect to a remote MySQL server using the standard mysql_connect() call. Yes, MySQL libraries are installed along with php-mysql... The only way I can get it to work is to run setenforce Permissive, otherwise the connection fails. The annoying thing is that nothing at all shows up in my /var/log/messages file describing why

up until a week or so ago, I had no problem using IMAP logging into a server running Fedora Core (I think 4 or 5 ) with dovecot 1.0. Had used squirrelmail and other mail agents using IMAP with no problem. as of 2 days ago, I get a squirrelmail error "ERROR: Connection dropped by IMAP server. Query: CAPABILITY" and turning on dovecot debugging shows the following:

Have you tried changing the folder where it's writing into with these lables? httpd_sys_content_rw_t or httpd_user_content_rw_t On Thu, Jan 22, 2015 at 11:09 AM, Tim Dunphy <bluethundr at gmail.com> wrote: > Hey all, > > I have a simple php app working that writes some info to a text file. The > app will only work correctly if SELinux is disabled. If it's enabled and

The easiest answer is to edit the Selinux config file. By default it is set to enforce, which really locks it down. cd /etc/selinux edit the config file and change SELUNIX=enforcing to SELUNIX=permissive Save the file and restart httpd, you should be fine.. john plemons On 1/22/2015 1:36 PM, Tim Dunphy wrote: > Hey Jeremy, > > > >> Have you tried changing the folder where

On 02/21/2017 11:52 AM, Robert Moskowitz wrote: > > > On 02/21/2017 11:46 AM, Zdenek Sedlak wrote: >> On 2017-02-21 17:30, Robert Moskowitz wrote: >>> postfixadmin setup.php is claiming: >>> >>> *Error: Smarty template compile directory templates_c is not writable.* >>> *Please make it writable.* >>> *If you are using SELinux or AppArmor,

Am 04.09.2017 um 23:49 schrieb Gregory P. Ennis: > Thanks for your help. > > I did pick up an additional entry in the audit file : > > > type=AVC msg=audit(1504561395.709:10196): avc: denied { execute } for > pid=19163 comm="/usr/sbin/httpd" name="s.check.cgi" dev="dm-0" > ino=537182029 scontext=system_u:system_r:httpd_t:s0 >