similar to: SELinux : please explain ...

CentOS-6.1 KVM guest on CentOS-6.1 host. I am seeing this SEAlert in the /var/log/audit/audit.log file a new guest immediately after startup. Can someone tell me what it means and what I should do about it? A Google search reveals a number of Fedora issues with similar errors dating back a few years; most of which seem to have something to do with package ownership. This guest starts without

Well, I was having a heck of a time with the rpm install in terms of customizing the install directory. So I thought the easy way out might be to go for a source install. Which I tried and this was the output from the install: [root at web1:/opt/AppDynamics/appdynamics-php-agent] #./install.sh appd.jokefire.com 443 beta.jokefire.com "Web Front End" web1.jokefire.com Install script for

[Moving this to the libguestfs mailing list] On Mon, Jan 13, 2014 at 03:05:14PM -0500, Daniel J Walsh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/13/2014 11:49 AM, Richard W.M. Jones wrote: > > On Mon, Jan 13, 2014 at 10:20:22AM -0500, Daniel J Walsh wrote: > >> Secondly we prevent even unconfined_t from putting down labels on the > >>

I'm experimenting with the libvirt lxc driver, and wondering if there is some way to control the capabilities assigned to the container processes. With lxc-tools, I can specify a configuration option, lxc.cap.drop, which causes the container processes to drop the specified privileges. My libvirt containers seem to run with

Hi, I wonder if makes sense to install SAMBA4 AD DC on a LXC container. What do you think? The AD DC has around 50 users. Thanks in advance -- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org

Hi, I compiled a kernel from sources (2.6.30.5) and when system is booting shows these errors: SELinux: 61 classes, 69080 rules SELinux: class peer not defined in policy SELinux: class capability2 not defined in policy SELinux: class kernel_service not defined in policy SELinux: permission open in class dir not defined in policy SELinux: permission open in class file not defined in policy

> On 12 May 2015, at 03:39, Tim Dunphy <bluethundr at gmail.com> wrote: > ***** Plugin catchall_labels (83.8 > confidence) suggests *******************... > May 11 22:31:38 web1 python[14832]: SELinux is preventing > /usr/lib/appdynamics-php5/proxy/jre/bin/java from block_suspend access on > the capability2 Unknown. > Why is that

After reading the instructions at https://wiki.samba.org/index.php/Time_Synchronisation, I still have questions about how samba interacts with nptd. The issue is that LXD doesn't want containers setting the time and so won't start ntpd at container startup even though it's enabled in systemd. The host does sync it's time with a national time server, so we can assume that the

Hello! The following code triggered by syzbot r = get_user_pages_fast(log, 1, 1, &page); if (r < 0) return r; BUG_ON(r != 1); Just looking at get_user_pages_fast's documentation this seems impossible - it is supposed to only ever return # of pages pinned or errno. However, poking at code, I see at least one path that might cause this:

> > If rpm is configured for _that_ location of log files, I would remove the > repository this rpm comes from from configuration and will remember to > never-never ever use that repository for anything. > > Just my $0.02 > Yeah I completely get where you're coming from there. However it's not an RPM from a repo. I downloaded the rpm from the appdynamics site itself.

Hello All, I set up ltsp regulary, on Centos6 machines. This morning I have a Selinux problem that usualy does not occur: after setting everything up, the thinclients boot, but nobody can login. It only works after the command : # echo 0 > /selinux/enforce I tried this semanage command: # semanage fcontext -a -t bin_t /usr/bin/xauth but it makes no difference. The message I'm now

I`m having trouble running some games (JadeDynasty,War Of The Immortals) after I have installed them and I need to determine if this is the problem. Is anyone famaliar with the following msg: SELinux is preventing wine-preloader from mmap_zero access on the memprotect . ***** Plugin mmap_zero (53.1 confidence) suggests ************************** If you do not think wine-preloader should need

Hi! I am trying libvirt on POWERPC64 with the default settings such as selinux enabled. It is all good till I move images out of /var/lib/libvirt/images/. http://libvirt.org/drvqemu.html#securityselinux is saying that "If attempting to use disk images in another location, the user/administrator must ensure the directory has be given this requisite label. Likewise physical block devices

Hi All, Thanks for the information. But after resetting the semanage User/login, and moving the targeted folder to old one and then install the default target. then also its still showing the Id context as context=*system_u:system_r:unconfined_t:s0-s0:c0.c1023.* *What I observed is after changing the permission using semanage command also, its still showing the system_u:system_r. * *Check the

On 07/22/2013 11:12 AM, Daniel P. Berrange wrote: > On Mon, Jul 22, 2013 at 11:08:07AM -0400, Matt Hicks wrote: >> Warning - I'm fairly new to libvirt, lxc and systemd so there is a >> good chance I'm doing something terribly wrong here. However, >> instead of continuing to struggle, I figured I would mail the list >> for some advice. What I'm trying to

Hey CentOS folks! I have an interesting issue with starting a server on a CentOS 6 KVM guest. The server (service) in particular is gotour, which is a web application created by Google and their Golang developers, intended to teach users the basics of using the Go programming langauge. When starting gotour, the program claims to be binding to port 12049, but the VM doesn't seem to be serving

Hello everyone, I have a question about logging. I need to find out whether it is possible to see user id/session id inside logs or somewhere else. It is not passed in structured across the network, so where should I look to find out, which user (which session) is currently performing the actions?

Hi, I wanted just to ask an additional question to that: how then here in the polkit documentation you distinguish users?: Consider a local user berrange who has been granted permission to connect > to libvirt in full read-write mode. > 2018-04-12 11:01 GMT+03:00 Erik Skultety <eskultet@redhat.com>: > On Thu, Mar 22, 2018 at 08:17:15PM +0300, Anastasiya Ruzhanskaya wrote: >

Hello All! How to plot a image ( image function ) with restrictions, like a polygon?? Thanks in advance! Cleber N. Borges ##### problem example x <- y <- seq(-4*pi, 4*pi, len=27) r <- sqrt(outer(x^2, y^2, "+")) image( z ) contour(z, add = TRUE, drawlabels = FALSE) m=scan() 0.2 0.2 0.8 0.2 0.5 0.8 m = matrix(m,nr=3,byrow=T) polygon( m, lwd=5 )

Hi, I have encountered problem running virsh as non-root user. I am using eucalyptus software on top of KVM, eucalyptus requires to run virsh as non-root user. I've found that people had similiar issue posted in the list, but I didn't find the solution. I've tried few things. 1) put user eucalyptus in the libvirt group. 2) even changed owner /var/run/libvirt/libvirt-sock to