similar to: centos6 selinux-policy-targeted not getting installed properly from kickstart

I want you all to see what I went through trying to simply reassign (unsuccessfully) the context of a well-known port. To the best of my ability to recall none of the packages mentioned below are even installed on the host in question. Why are these dependices preventing me from removing a disused SELinux policy. I have done exactly that, reassign port contexts, in the past without encountering

Hello, I'm trying to run Nagios 3.0.6 on CentOS 5.2 with SELinux in enforcing mode but it is not working. I'm using the following packages: httpd-2.2.3-11.el5_2.centos.4 nagios-3.0.6-1.el5.rf nagios-plugins-1.4.12-1.el5.rf I followed the steps bellow to try to create a selinux policy to Nagios but it is failing. Any help, please? # setenforce Permissive # service nagios start #

> > Try something like: > grep zabbix /var/log/audit/audit.log | audit2allow -M zabbix > semodule -i zabbix.pp Thanks for your response! However this is what happens when I try to install the module: [root at monitor2:~] #semodule -i zabbix.pp libsepol.print_missing_requirements: zabbix's global requirements were not met: type/attribute zabbix_t (No such file or directory).

> > That's because there's already a zabbix module loaded (the message isn't > very informative!). I forgot that the received wisdom is to insert "my" in > front of ones own modules i.e.: > grep zabbix /var/log/audit/audit.log | audit2allow -M myzabbix > semodule -i myzabbix.pp Hmm no luck there either: [root at monitor2:~] #semodule -i myzabbix.pp

On 17/06/15 15:27, Tim Dunphy wrote: >> Try something like: >> grep zabbix /var/log/audit/audit.log | audit2allow -M zabbix >> semodule -i zabbix.pp > > > Thanks for your response! However this is what happens when I try to > install the module: > > [root at monitor2:~] #semodule -i zabbix.pp > libsepol.print_missing_requirements: zabbix's global

Hey folks, Ok so I'm having another issue with SELinux. However I think I'm pretty close to a solution and just need a nudge in the right directtion. I wrote a puppet module that gets systems into bacula backups. Part of the formula is to distribute key/cert pairs with permissions that allow bacula to read them so that bacula can talk to the host over TLS. It's pretty slick, I must

I'm busy setting up amavisd-new on a CentOS 5.0 box - and believe I've got it working well enough that I can switch selinux enforcing back on again. I've done the usual- - grab a chunk of the audit.log that is relevant to all the actions that would be denied. - do 'cat audit.log | audit2allow -M amavis' to generate the module - amavis.te looks like: module amavis 1.0;

> Am 20.11.2020 um 19:50 schrieb lejeczek via CentOS <centos at centos.org>: > > hi guys > > I've just gotten a bunch of updates via yum and something > weird seems to be going on after the update. > System has: > > selinux-policy-3.13.1-268.el7_9.2.noarch > selinux-policy-targeted-3.13.1-268.el7_9.2.noarch > > actually three different boxes, all

I recently setup my Puppetmaster server to run through Passenger via Apache instead of on the default webrick web server. SELinux made that not work and I've found some documentation on making rules to allow it however mine won't load. This is the policy I found via this website, http://sandcat.nl/~stijn/2012/01/20/selinux-passenger-and-puppet-oh-my/comment-page-1/ . module

Updating a system from CentOS 5.4 (current) to 5.5, and I see: libsepol.scope_copy_callback: zosremote: Duplicate declaration in module: type/attribute zos_remote_t libsemanage.semanage_link_sandbox: Link packages failed semodule: Failed! Any ideas as to what's going on, or why? mark "glad selinux is disabled on that box"

CentOS release 5.4 (Final) I run pppd on this system, it accepts dial-in connections, logs people in over ssh/sftp. I had selinux disabled on this system originally, but I recently enabled it, and selinux is blocking this pppd service. "audit2allow -M" has generated the following policy based on AVC denial messages: module fixdialinserver 1.0; require { type pppd_t;

Hi, I've got a Centos 5 box (recently replaced a Centos4 box of the same function). The means of applying custom SELinux policy has changed somewhat from 4->5. I've got it mostly figured out; I have a local.te file with my custom policy and also which defines a few new file types, and a local.fc with appropriate defintions of file contexts. When I run: # checkmodule -M -m -o

hi guys I've just gotten a bunch of updates via yum and something weird seems to be going on after the update. System has: selinux-policy-3.13.1-268.el7_9.2.noarch selinux-policy-targeted-3.13.1-268.el7_9.2.noarch actually three different boxes, all the same: $ semodule -l No modules. and an attempt to install modules fails: $ semodule -i openvpn.pp Failed to resolve typeattributeset

On Thu, Mar 18, 2010 at 6:05 PM, Aleksey Tsalolikhin <atsaloli.tech at gmail.com> wrote: > CentOS release 5.4 (Final) > > I run pppd on this system, it accepts dial-in connections, logs people > in over ssh/sftp. > > I had selinux disabled on this system originally, but I recently > enabled it, and selinux > is blocking this pppd service. > > "audit2allow

Hi all, Note: selinux was in permissive prior to error Got this with a yum update: abrt_version: 2.0.8 cgroup: cmdline: semodule -n -r oracle-port -b base.pp.bz2 -i accountsd.pp.bz2 ada.pp.bz2 cachefilesd.pp.bz2 cpufreqselector.pp.bz2 chrome.pp.bz2 awstats.pp.bz2 abrt.pp.bz2 aiccu.pp.bz2 amanda.pp.bz2 afs.pp.bz2 apache.pp.bz2 arpwatch.pp.bz2 audioentropy.pp.bz2 asterisk.pp.bz2

Hi, how do I allow lighttpd access to a directory like this: dr-xrwxr-x. lighttpd example unconfined_u:object_r:samba_share_t:s0 files_articles I tried to create and install a selinux module, and it didn?t work. The non-working module can not be removed, either: semodule -r lighttpd-files_articles.pp libsemanage.semanage_direct_remove_key: Unable to remove module lighttpd-files_articles.pp at

On Wed, December 17, 2014 05:07, Patrick Bervoets wrote: > Hi, > > On an internal webserver (latest C6) I want smb-access to /var/www/html/ > In april I did > chcon -R -t public_content_rw_t /var/www/html/ > setsebool -P allow_smbd_anon_write 1 > setsebool -P allow_httpd_anon_write 1 > echo "/var/www/html/ --

Hey guys,. I have a centos 7 machine I'm using as a zabbix server. And I noticed that apache won't start, with this complaint in the error log: (13)Permission denied: AH00091: httpd: could not open error log file /var/log/zabbix_error_log. AH00015: Unable to open logs I tried having a look at audit2allow and this is the response I get back: [root at monitor2:/etc/httpd] #grep http

On 04/25/2017 06:45 PM, Gordon Messmer wrote: > On 04/25/2017 01:58 AM, Laurent Wandrebeck wrote: >> Quick?n?(really) dirty SELinux howto: > > > Alternate process: > > 1: setenforce permissive > 2: tail -f /var/log/audit/audit.log | grep AVC > 3: use the service, exercise each function that's constrained by the > existing policy > 4: copy and paste the

Trying to add SELinux support to my bitcoin package. Keep getting this on install: SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.29, searching for an older version. SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.29: No such file or directory /sbin/load_policy: Can't load policy: No such file or directory