similar to: selinux policy for nginx

It says what it is my original post; that?s the output from audit2allow ?w (which is audit2why): Was caused by: The boolean allow_ypbind was set incorrectly. Description: Allow system to run with NIS Allow access by executing: # setsebool -P allow_ypbind 1 --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ

On 6/6/17, 12:38 PM, "Daniel Walsh" <dwalsh at redhat.com> wrote: >I am asking if you run it again, does it change. If the boolean is set >the audit2why should say that the AVC is allowed. Well, if I just run audit2why again, it always tells me the same thing. However, I have now discovered that if I unset allow_ypbind, and then reset it to 1, audit2why then says

Hi, I'm currently fiddling with Nginx on CentOS 7. Eventually I want to use it instead of Apache on some servers. Apache works more or less out of the box with SELinux. My websites are all stored under /var/www, and ls -Z shows me that all files created under /var/www are correctly labeled httpd_sys_content_t. On my sandbox server I don't have Apache (httpd) installed, only Nginx

I recently began getting periodic emails from SEalert that SELinux is preventing /usr/libexec/qemu-kvm "getattr" access from the directory I store all my virtual machines for KVM. All VMs are stored under /vmstore , which is it's own mount point, and every file and folder under /vmstore currently has the correct context that was set by doing the following: semanage fcontext -a -t

Hello, how do people cope with constant SELinux errors like this from Fusion Passenger: 36886. 03/27/2013 14:20:05 ps unconfined_u:system_r:passenger_t:s0 2 file open system_u:system_r:udev_t:s0-s0:c0.c1023 denied 1922 36887. 03/27/2013 14:20:05 ps unconfined_u:system_r:passenger_t:s0 4 dir getattr unconfined_u:system_r:initrc_t:s0 denied 1927 36888. 03/27/2013 14:20:05 ps

I keep seeing this in my audit.logs: type=AVC msg=audit(1496336600.230:6): avc: denied { name_connect } for pid=2411 comm="dbus-daemon" dest=111 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket Was caused by: The boolean allow_ypbind was set incorrectly. Description: Allow system to run with NIS Allow

On 06/17/2015 04:03 PM, Jonathan Billings wrote: > On Wed, Jun 17, 2015 at 03:30:51PM -0400, Tim Dunphy wrote: >> No prob! Thanks for all the help! But in searching my system I don't find >> anything of the sort. >> >> [root at monitor2:~] #updatedb >> [root at monitor2:~] #locate myzabbix.te >> [root at monitor2:~] #find / -name "myzabbix.*"

Hi folks. Just wondering if I can change the ownership on the nginx logs folder so I can access them easier for analysis on a regular basis and cronjobs. /var/log/nginx is owned by nginx:nginx which shuts me out. Cheers, Bee

Hi List, I am looking for good multifunction (fax, scanner, ..) color network laser printer for Linux, any ideas? specs: - Linux, Windows and OSX support on printer and also on scanner. - A4 papersize http://multi.gnt.lt/Pages/brochures/HP/CM2320MFP-ENG.pdf ? thanks, -- Eero

First I know this is not a list for PHP or Nginx setup or something else but I'll give it a try and ask here for support I'm running a new server with PHP 5.5.18 and Nginx 1.6.2 through FPM/FastCGI. The server is working fine since I have other websites running on it. Now I'm trying to configure phpMyAdmin and I tried this: * 1. *Create a file under

I am getting tons of these messages since I updated to 4.2 Nov 12 12:21:39 srv1 dbus: Can't send to audit system: USER_AVC pid=2839 uid=81 loginuid=-1 message=avc: denied { send_msg } for scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t tclass=dbus Now I can see this process... # ps aux|grep 2839 dbus 2839 0.0 0.3 16168 1888 ? Ssl Nov11 0:13 dbus-

I'm looking for suggestions as to a good general method of remote-logging services such as nginx or anything else which doesn't support syslog natively. I'm aware that there's an nginx patch, and we're evaluating this. It may be the way we fly. However there are other tools which may not have a patch for which remote logging would be useful. If there's a general soution

Hi, Anyone here using Nginx as alternative to apache in conjunction to php scripts? Care to share thoughts and caveats? I am reading that it is a good alternative but do not know the real life limitations, diferences to apache, which repo to fetch etc. -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi, I'm currently fiddling with Nginx to get acquainted with its various quirks and idiosyncrasies. I have a public CentOS 7 sandbox server, and I've tried various setups. Install the binary from EPEL, install various binaries from SCLo, build from source. I wonder which version is recommended for production use on CentOS 7. Any suggestions? Cheers & happy Christmas holidays,

Does anyone know whether the mongrel upload progress plugin works with nginx? It works fine for my app under pound, but not with nginx. I am using DRb to handle the uploads as detailed at http://mongrel.rubyforge.org/docs/upload_progress.html . If I am using pound I can see the uploads with irb -r lib/upload_client.rb , but cannot if I am using nginx. Does anyone know anything more about this

I?m trying to understand how the nginx mail proxy and dovecot work. As a I understand it, nginx can listen on a IP:port for IMAP connections. NGINX then can invoke a PHP script to do authorization and backend server selection. Does NGINX than proxy to the backend dovecot IMAP server all subsequent IMAP commands that the user?s mail client requests? Does the backend dovecot IMAP server do its

Hello all, I''m wondering if you deploy nginx: 1) on the same machine that runs unicorn (exclusively proxying to that) 2) on a different machine that doesn''t run unicorn 3) both, nginx could forward to either to localhost or another host on the same LAN And of course, the reason(s) you chose what you chose. I''m inclined to believe many folks are on 1) simply

Hi, I''ve created two Nginx patches (see at the end of this message) to allow a simpler Nginx configuration for your Mongrel puppetmasters. The two main issues with Nginx in front of puppet were: * no CRL support * no optional certificate verification (and thus we''re forced to have two separate configs on two different ports, and to use --ca_port). Now, it is as simple as

Folks- James Cox, Alexy Kovyrin and I all huddled up and got nginx working perfectly with mongrel cluster and rails page caching. So all static and cached files are served fast by nginx and anything not static gets sent to mongrel. http://brainspl.at/articles/2006/09/12/new-nginx-conf-with-rails-caching Cheers- -Ezra

Am 09.09.2018 um 14:49 schrieb Daniel Walsh <dwalsh at redhat.com>: > > On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote: >> Any SElinux expert here - briefly: >> >> # getenforce >> Enforcing >> >> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t >> <no output> >> >> # sesearch -ACR -s httpd_t -c file