Displaying 20 results from an estimated 10000 matches similar to: "selinux"
2014 Dec 03
2
SEtroubleshootd Crashing
Mark: Labels look OK, restorecon has nothing to do, and:
-rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps
dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc
I'll send the audit log on to Dan.
Cheers,
John
On 2 December 2014 at 16:10, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Could you send me a copy of your audit.log.
>
> You should not be
2014 Dec 03
1
SEtroubleshootd Crashing
Indeed, thanks Dan - it doesn't get us to a completely clean running that
would allow us to run our Node app as we are under Passenger with SELinux
enforcing, but it at least has stopped the excessive amount of AVCs we were
getting.
John
On 3 December 2014 at 10:01, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Looks like turning on three booleans will solve most of the problem.
2014 Dec 02
2
SEtroubleshootd Crashing
I'll jump in here to say we'll try your suggestion, but I guess what's not
been mentioned is that we get the setroubleshoot abrt's only a few times a
day, but we're getting 10000s of setroubleshoot messages in
/var/log/messages a day.
e.g.
Dec 2 10:03:55 server audispd: queue is full - dropping event
Dec 2 10:04:00 server audispd: last message repeated 199 times
Dec 2
2011 Nov 01
1
SELinux and SETroubleshootd woes in CR
I'm setting up a dedicated database server, and since this will be a
central service to my various web servers I wanted it to be as secure as
possible...so I am leaving SELinux enabled. However I'm having trouble
getting Apache to use mod_auth_pam. I also now can't get setroubleshootd
working to send me notifications of the denials and provide tips to solve
the problem.
The Apache
2014 Dec 01
2
SEtroubleshootd Crashing
We are currently running libxml2-2.7.6-14.el6_5.2.x86_64
How far back would you suggest we go? would libxml2-2.7.6-14.el6_5.1.x86_64 be sufficient
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Daniel J Walsh
Sent: 01 December 2014 15:10
To: CentOS mailing list
Subject: Re: [CentOS] SEtroubleshootd Crashing
I am not sure. I was
2014 Nov 28
2
SEtroubleshootd Crashing
When running Node.js through Phusion Passenger on Centos 6.5 ( Linux 2.6.32-431.23.3.el6.x86_64 #1 SMP Thu Jul 31 17:20:51 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux), with SELinux enabled in permissive mode we receive a large number of entries in the audit.log and setroubleshootd randomly crashes with the following error, We have resolved the selinux alerts by following the troubleshooting steps
2014 Dec 01
2
SEtroubleshootd Crashing
Thanks
Could you please clarify, which version libxml is broken and has there been a newer version released that will fix it.
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Daniel J Walsh
Sent: 01 December 2014 14:58
To: CentOS mailing list
Subject: Re: [CentOS] SEtroubleshootd Crashing
This seems to be a problem with an updated
2014 Dec 02
0
SEtroubleshootd Crashing
Could you send me a copy of your audit.log.
You should not be getting hundreds of AVC's a day.
ausearch -m avc,user_avc -ts today
On 12/02/2014 05:08 AM, John Beranek wrote:
> I'll jump in here to say we'll try your suggestion, but I guess what's not
> been mentioned is that we get the setroubleshoot abrt's only a few times a
> day, but we're getting 10000s of
2014 Dec 03
0
SEtroubleshootd Crashing
Looks like turning on three booleans will solve most of the problem.
httpd_execmem, httpd_run_stickshift, allow_httpd_anon_write
On 12/03/2014 03:55 AM, John Beranek wrote:
> Mark: Labels look OK, restorecon has nothing to do, and:
>
> -rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps
>
> dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc
>
> I'll
2016 Dec 28
2
Help with httpd userdir recovery
On 28/12/16 21:24, m.roth at 5-cent.us wrote:
> Robert Moskowitz wrote:
>>
>>
>> On 12/28/2016 03:32 PM, J Martin Rushton wrote:
>>>
>>> On 28/12/16 20:11, Robert Moskowitz wrote:
>>>>
>>>> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote:
>>>>> Robert Moskowitz wrote:
>>>>>> On 12/28/2016 05:11 AM,
2007 Jul 27
1
setroubleshoot w/o X?
Hi,
I recently discovered setroubleshoot, a wonderful tool that helps
diagnose and resolve selinux problems, even if you really do not
understand selinux. I need to read up on selinux and get to where
I understand it much better.
I'm wondering if there is a text only version of setroubleshoot that
runs on a minimal server configuration without X installed?
--
Drew Einhorn
--------------
2016 Dec 28
4
Help with httpd userdir recovery
On 12/28/2016 03:32 PM, J Martin Rushton wrote:
>
> On 28/12/16 20:11, Robert Moskowitz wrote:
>>
>> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote:
>>> Robert Moskowitz wrote:
>>>> On 12/28/2016 05:11 AM, Todor Petkov wrote:
>>>>> On Wed, Dec 28, 2016 at 5:18 AM, Robert Moskowitz <rgm at htt-consult.com>
>>>>> wrote:
2007 Aug 16
1
SELinux questions, upon restarting BIND
Hi all,
On my newly up-and-running nameserver (CentOS 5), I noticed the
following alerts in /var/log/messages after restarting BIND. (lines
inserted to aid in reading).
As I'm new to SELinux, I'm hoping for some pointers on 1) if this is an
issue which simply *must* be addressed, or if it's something I should
live with, and 2) how to eliminate the warming messages without
sacrificing
2008 Jul 01
2
setroubleshoot
There is a setroubleshoot package that
runs under X, that really makes it a lot easier to troubleshoot
selinux, but I really don't want to run X on all my vms.
Does anyone here know of an equivalent that doesn't
require X?
--
Drew Einhorn
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2016 Dec 28
2
Help with httpd userdir recovery
On 12/28/16, 3:09 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote:
On 12/28/2016 06:05 PM, J Martin Rushton wrote:
>
> On 28/12/16 21:24, m.roth at 5-cent.us wrote:
>> Robert Moskowitz wrote:
>>>
>>> On 12/28/2016 03:32 PM, J Martin Rushton wrote:
>>>> On 28/12/16 20:11,
2014 May 05
2
Opendkim and SELinux
CentOS-6.5
OpenDKIM-2.9.0 (epel)
Postfix-2.6.6 (updates)
I am trying to get opendkim working with our mailing lists. In the course of
that endeavour I note that these messages are appearing in our syslog:
May 4 20:50:02 inet08 setroubleshoot: SELinux is preventing
/usr/sbin/opendkim from using the signull access on a process. For complete
SELinux messages. run sealert -l
2012 Sep 13
1
SELinux is preventing /bin/ps from search access
CentOS 6.3. *Just* updated, including most current selinux-policy and
selinux-policy-targeted. I'm getting tons of these, as in it's just
spitting them out when I tail -f /var/log/messages:
Sep 13 15:20:51 <server> setroubleshoot: SELinux is preventing /bin/ps
from search access on the directory @2. For complete SELinux messages. run
sealert -l d92ec78b-3897-4760-93c5-343a662fec67
2016 Dec 28
1
Help with httpd userdir recovery
On 12/28/16, 3:28 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote:
On 12/28/2016 06:13 PM, Greg Cornell wrote:
> On 12/28/16, 3:09 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote:
>
>
>
> On 12/28/2016 06:05 PM, J
2012 Nov 28
2
apache, passenger, and selinux
I seem to have quieted some, but I'm still getting noise from selinux.
Here's one that really puzzles me: my users have a ruby app with passenger
running. However, one of the sealerts gives me:
sealert -l 5a02b0a1-8512-4f71-b1c8-70a40b090a9d
SELinux is preventing /bin/chmod from using the fowner capability.
***** Plugin catchall_boolean (89.3 confidence) suggests
*******************
2007 May 30
2
Centos 5 OpenVPN / SElinux
Hi,
I'm running Centos 5 32bit and installed openvpn-2.0.9-1.el5.rf from
Dag Wieers Repo. When OpenVPN is started during boot-up it just shows
an SElinux related error message. When I start OpenVPN manually after
the system has come up completely it works fine.
Here are all the messages from /var/log/messages that are SElinux related:
May 28 21:39:15 srsblnfw01 kernel: