Displaying 20 results from an estimated 10000 matches similar to: "X11 connection rejected because of wrong authentication"
2012 Sep 13
1
SELinux is preventing /bin/ps from search access
CentOS 6.3. *Just* updated, including most current selinux-policy and
selinux-policy-targeted. I'm getting tons of these, as in it's just
spitting them out when I tail -f /var/log/messages:
Sep 13 15:20:51 <server> setroubleshoot: SELinux is preventing /bin/ps
from search access on the directory @2. For complete SELinux messages. run
sealert -l d92ec78b-3897-4760-93c5-343a662fec67
2011 Dec 20
1
SELinux is preventing /usr/bin/chcon "mac_admin" access
CentOS-6.1 KVM guest on CentOS-6.1 host.
I am seeing this SEAlert in the /var/log/audit/audit.log
file a new guest immediately after startup. Can someone
tell me what it means and what I should do about it? A
Google search reveals a number of Fedora issues with
similar errors dating back a few years; most of which seem
to have something to do with package ownership.
This guest starts without
2008 Jul 01
2
setroubleshoot
There is a setroubleshoot package that
runs under X, that really makes it a lot easier to troubleshoot
selinux, but I really don't want to run X on all my vms.
Does anyone here know of an equivalent that doesn't
require X?
--
Drew Einhorn
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2010 Feb 26
8
[Bug 1718] New: Spurious messages "X11 connection rejected because of wrong authentication."
https://bugzilla.mindrot.org/show_bug.cgi?id=1718
Summary: Spurious messages "X11 connection rejected because of
wrong authentication."
Product: Portable OpenSSH
Version: 5.3p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
2007 Dec 17
2
Digest Subcriber needs help with SELinux file context setting
CentOS-5.1
I need some help with setting up the SELinux context for a custom httpd
directory so that I can write log files into it. This is what I have:
In my virtual host config file:
RewriteEngine on
RewriteLog /etc/httpd/virtual.d/trac-rewrite.log
# RewriteLogLevel 0=off 1=basic 2=verbose 3+=module developer debuging
RewriteLogLevel 0
If /etc/httpd/virtual.d/trac-rewrite.log does
2014 May 05
2
Opendkim and SELinux
CentOS-6.5
OpenDKIM-2.9.0 (epel)
Postfix-2.6.6 (updates)
I am trying to get opendkim working with our mailing lists. In the course of
that endeavour I note that these messages are appearing in our syslog:
May 4 20:50:02 inet08 setroubleshoot: SELinux is preventing
/usr/sbin/opendkim from using the signull access on a process. For complete
SELinux messages. run sealert -l
2012 Jul 04
2
Strange alterations to vim and related packages on KVM host
OS CentOS-6.2 with updates to present.
I use git on this host to manage configuration changes and to monitor
package alterations. This is not meant to be a security check. It is
simply a way for me to easily recover from fumble fingered
configuration changes.
Yesterday git status reported that the following files had changed
since the previous commit:
# modified: ../usr/bin/gdb
#
2001 Jul 21
5
Failed X11 authentication does the wrong thing
Hi,
if I do the following:
ssh -X localhost
su - another_user
xterm
I get:
X connection to ming:10.0 broken (explicit kill or server shutdown).
Where what is really wanted was something like:
Xlib: connection to ":0.0" refused by server
Xlib: Client is not authorized to connect to Server
xterm Xt error: Can't open display: :0.0
'tis easy to reproduce the bug, but the debug
2001 Nov 14
5
X11 forwards and libwrap support
Hi!
Is there any reason why support for the libwrap code isn't included
in the X11 forwarding code? I'd like to restrict access to that
port.
How many applications would break if the tcp port
would be closed and only the unix-domain socket would be available?
It's true that x11 forwardings can be considered as a security
risk and they are disabled because of that by default.
I
2009 Apr 30
2
Defaults of CentOS Install not working with SELinux
Following a hard drive corruption I have reinstalled the latest
version of CentOS and all current patch files.
For most applications I selected the default options. By doing this I
expected that the packages would play nice with one another and I
could customize as necessary.
Setting SELinux to enforce I encountered all sorts of problems - but
most were resolvable, save for Dovecot,
1999 Nov 28
2
gnuclient X11 & openssh
The following message is a courtesy copy of an article
that has been posted to comp.emacs.xemacs as well.
[This message has been CC'ed to the OpenSSH list in a plea to at least
consider supporting more advanced usages of Xauth]
Chris Green <sprout at dok.org> writes:
> Its not configurable behavior. It always generates a new random file
> in /tmp.
Then they should probably
2004 Feb 28
4
[Bug 803] Security Bug: X11 Forwarding is more powerful than it needs to be.
http://bugzilla.mindrot.org/show_bug.cgi?id=803
Summary: Security Bug: X11 Forwarding is more powerful than it
needs to be.
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: ssh
AssignedTo: openssh-bugs
2015 Aug 05
26
[Bug 2440] New: X11 connection will fail if user's home directory is read-only
https://bugzilla.mindrot.org/show_bug.cgi?id=2440
Bug ID: 2440
Summary: X11 connection will fail if user's home directory is
read-only
Product: Portable OpenSSH
Version: 6.8p1
Hardware: Sparc
OS: Solaris
Status: NEW
Severity: normal
Priority: P5
Component: sshd
2002 May 07
1
X11 forwarding and LBX
So I'm working from home today, and for the first time I've tried
running Evolution over a forwarded X11 connection. Even though work has
a T1 and I have 640k at home, and ssh is compressing, it's ... rather
slow.
So I fire off lbxproxy and try to run an xterm to see if it works. No
dice, authentication denied.
Does anybody have any experience with this? Is it possible to run
2014 Dec 03
1
SEtroubleshootd Crashing
Indeed, thanks Dan - it doesn't get us to a completely clean running that
would allow us to run our Node app as we are under Passenger with SELinux
enforcing, but it at least has stopped the excessive amount of AVCs we were
getting.
John
On 3 December 2014 at 10:01, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Looks like turning on three booleans will solve most of the problem.
2014 Dec 09
1
CentOS-6.6 - Selinux and Postfix-2.11.1
Applied policy update. Now I see these occasionally. But by the time I try and
see what the matter is the file is gone:
/var/log/maillog
. . .
Dec 9 15:12:08 inet08 postfix/smtp[3670]: fatal: shared lock
active/0A7EC60D8A: Resource temporarily unavailable
. . .
Dec 9 15:12:08 inet08 postfix/smtp[3758]: fatal: shared lock
active/8DD5060F81: Resource temporarily unavailable
. . .
Dec 9 15:12:09
2018 May 23
1
Vsftpd vs. iptables firewall script
Le 23/05/2018 ? 16:58, m.roth at 5-cent.us a ?crit?:
> A suggestion: once you've got the firewall issue dealt with, set selinux
> into permissive mode; *then* you can figure out what it's complaining
> about, while at the same time, your system will be available. Once you've
> fixed those issues, then you can make it enforcing.
This is always my approach. Turns out the
2007 Apr 20
2
Learning SELINUX management, help?
OK, so setup CENTOS-5 on a laptop to learn about Xen stuff.
KDE Desktop, wanted to print the virt.108.com xen howto.
Needed to setup printer first.
Open KDE control center, go to printers.
Hear error sound, message says
"Unable to retrieve the printer list....
Connection to CUPS server failed. ..."
So I check to see that cups is running (it is).
I check /var/log/messages
2014 Dec 03
2
SEtroubleshootd Crashing
Mark: Labels look OK, restorecon has nothing to do, and:
-rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps
dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc
I'll send the audit log on to Dan.
Cheers,
John
On 2 December 2014 at 16:10, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Could you send me a copy of your audit.log.
>
> You should not be
2012 Jun 21
6
reinventing the wheel? page checker
Not sure if there is an app like this yet.
I want to keep tabs on my web applications and thought of using a 'page
checker'/
I was thinking either running a sum on the directory or each file...but
thinking a simple date check would
be fine.
The idea is web application, except the uploads area for photos, never
has changes to its files except when I change it.
However, if it gets