similar to: setroubleshoot bug returns?

Does anyone recognize this sort of message or have any idea what might cause it? May 28 11:00:06 inet09 setroubleshoot: [avc.ERROR] Plugin Exception catchall #012Traceback (most recent call last):#012 File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 191, in analyze_avc#012 report = plugin.analyze(avc)#012 File

I am seeing these in the log of one of our off-site NX hosts running CentOS-6.6. type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket Was caused by: Missing type enforcement (TE) allow rule. You can use

I'm setting up a dedicated database server, and since this will be a central service to my various web servers I wanted it to be as secure as possible...so I am leaving SELinux enabled. However I'm having trouble getting Apache to use mod_auth_pam. I also now can't get setroubleshootd working to send me notifications of the denials and provide tips to solve the problem. The Apache

CentOS Errata and Security Advisory 2015:0729 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0729.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 337223226372dd0f7c8738eb4a42146bcbe5a7e73be7554b8a50dfbc56e33f23 setroubleshoot-3.0.47-6.el6_6.1.i686.rpm

CentOS Errata and Security Advisory 2016:1267 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1267.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 6162d2040eee1d468be25455dff5505b881b0e843848a0d770b47f8f7b6de9fe setroubleshoot-3.0.47-12.el6_8.i686.rpm

CentOS Errata and Bugfix Advisory 2014:1896 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1896.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 7b560fad03a31da9fd4db79e1aa7bad3a5bc0f64d81ec54fe18592ab958ed8b6 setroubleshoot-3.2.17-3.el7.i686.rpm

CentOS Errata and Security Advisory 2015:0729 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0729.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 216f2cf3534c6a8f8e1be41f68d5f5259b03bfacdbaeaa7b325db24b44c04888 setroubleshoot-2.0.5-7.el5_11.noarch.rpm

CentOS Errata and Security Advisory 2015:0729 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0729.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: e212780d7247c3913fc6f60d698827e7e947b96ecc84b9ce0519db5a54ae9ce2 setroubleshoot-3.2.17-4.1.el7_1.x86_64.rpm

CentOS Errata and Security Advisory 2016:1267 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1267.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 3b8bbdeaf83bf2ae720395dd7ea13c3946f439e85bc60731f54414d85beb8a90 setroubleshoot-plugins-3.0.40-3.1.el6_8.noarch.rpm x86_64:

CentOS Errata and Security Advisory 2016:1293 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1293.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: ab00345bf65003461140071b468ebe13fb420e3feaa1d279f53bec2f55f99731 setroubleshoot-3.2.24-4.el7_2.x86_64.rpm

Hi, I recently discovered setroubleshoot, a wonderful tool that helps diagnose and resolve selinux problems, even if you really do not understand selinux. I need to read up on selinux and get to where I understand it much better. I'm wondering if there is a text only version of setroubleshoot that runs on a minimal server configuration without X installed? -- Drew Einhorn --------------

CentOS Errata and Security Advisory 2016:1293 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1293.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 82bfcffd7f86229a7fac7fdca6bb8d4c0b9db561ce1d5dfd0343117b09856a09 setroubleshoot-plugins-3.0.59-2.el7_2.noarch.rpm Source:

There is a setroubleshoot package that runs under X, that really makes it a lot easier to troubleshoot selinux, but I really don't want to run X on all my vms. Does anyone here know of an equivalent that doesn't require X? -- Drew Einhorn -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi, I'm running Centos 5 32bit and installed openvpn-2.0.9-1.el5.rf from Dag Wieers Repo. When OpenVPN is started during boot-up it just shows an SElinux related error message. When I start OpenVPN manually after the system has come up completely it works fine. Here are all the messages from /var/log/messages that are SElinux related: May 28 21:39:15 srsblnfw01 kernel:

Hello List, after the last update I have a selinux "Problem" with dovecot. My system is a centos 7. After a new start from dovecot selinux block a connection. Jul 12 16:24:24 mx01 systemd: Starting Dovecot IMAP/POP3 email server... Jul 12 16:24:54 mx01 systemd: Started Dovecot IMAP/POP3 email server. Jul 12 16:24:54 mx01 dovecot: Warning: Corrected permissions for login directory

Could you send me a copy of your audit.log. You should not be getting hundreds of AVC's a day. ausearch -m avc,user_avc -ts today On 12/02/2014 05:08 AM, John Beranek wrote: > I'll jump in here to say we'll try your suggestion, but I guess what's not > been mentioned is that we get the setroubleshoot abrt's only a few times a > day, but we're getting 10000s of

Looks like turning on three booleans will solve most of the problem. httpd_execmem, httpd_run_stickshift, allow_httpd_anon_write On 12/03/2014 03:55 AM, John Beranek wrote: > Mark: Labels look OK, restorecon has nothing to do, and: > > -rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps > > dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc > > I'll

Indeed, thanks Dan - it doesn't get us to a completely clean running that would allow us to run our Node app as we are under Passenger with SELinux enforcing, but it at least has stopped the excessive amount of AVCs we were getting. John On 3 December 2014 at 10:01, Daniel J Walsh <dwalsh at redhat.com> wrote: > Looks like turning on three booleans will solve most of the problem.

Mark: Labels look OK, restorecon has nothing to do, and: -rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc I'll send the audit log on to Dan. Cheers, John On 2 December 2014 at 16:10, Daniel J Walsh <dwalsh at redhat.com> wrote: > Could you send me a copy of your audit.log. > > You should not be

I'll jump in here to say we'll try your suggestion, but I guess what's not been mentioned is that we get the setroubleshoot abrt's only a few times a day, but we're getting 10000s of setroubleshoot messages in /var/log/messages a day. e.g. Dec 2 10:03:55 server audispd: queue is full - dropping event Dec 2 10:04:00 server audispd: last message repeated 199 times Dec 2