similar to: Learning SELINUX management, help?

Hey guys, I've been getting some strange selinux messages after the 5.3 upgrade. It appears as though my mail system (postfix) is constantly trying to access the rpm database? Here's the audit messages (I tend to look at my selinux messages using audit2allow < /var/log/audit.log as I find it easier to read quickly): allow postfix_postdrop_t rpm_t:tcp_socket { read write }; allow

Hi all, On my newly up-and-running nameserver (CentOS 5), I noticed the following alerts in /var/log/messages after restarting BIND. (lines inserted to aid in reading). As I'm new to SELinux, I'm hoping for some pointers on 1) if this is an issue which simply *must* be addressed, or if it's something I should live with, and 2) how to eliminate the warming messages without sacrificing

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi folks, Im trying to get the sealert browser to show up on my desktop, but I cant get it to work. I have installed all setroubleshoot packages, which provides sealert and im running sealert -b from the command line over a GUI session on gnome and nothing happens. Any ideas? Jeronimo Calvo jeronimocalvop at hush.com -----BEGIN PGP

CentOS-6.5 OpenDKIM-2.9.0 (epel) Postfix-2.6.6 (updates) I am trying to get opendkim working with our mailing lists. In the course of that endeavour I note that these messages are appearing in our syslog: May 4 20:50:02 inet08 setroubleshoot: SELinux is preventing /usr/sbin/opendkim from using the signull access on a process. For complete SELinux messages. run sealert -l

CentOS 6.3. *Just* updated, including most current selinux-policy and selinux-policy-targeted. I'm getting tons of these, as in it's just spitting them out when I tail -f /var/log/messages: Sep 13 15:20:51 <server> setroubleshoot: SELinux is preventing /bin/ps from search access on the directory @2. For complete SELinux messages. run sealert -l d92ec78b-3897-4760-93c5-343a662fec67

I hadn't paid attention when one or two folks recently posted this, but it's hit us, also: $ sealert -l d1655210-f43c-4737-98dc-86b6aac82bb6 Entity: line 53: parser error : Input is not proper UTF-8, indicate encoding ! Bytes: 0x99 0x3C 0x2F 0x74 <tpath>`</tpath> ^ failed to connect to server: xmlParseDoc() failed I tried reinstalling

On 28/12/16 21:24, m.roth at 5-cent.us wrote: > Robert Moskowitz wrote: >> >> >> On 12/28/2016 03:32 PM, J Martin Rushton wrote: >>> >>> On 28/12/16 20:11, Robert Moskowitz wrote: >>>> >>>> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: >>>>> Robert Moskowitz wrote: >>>>>> On 12/28/2016 05:11 AM,

I'll jump in here to say we'll try your suggestion, but I guess what's not been mentioned is that we get the setroubleshoot abrt's only a few times a day, but we're getting 10000s of setroubleshoot messages in /var/log/messages a day. e.g. Dec 2 10:03:55 server audispd: queue is full - dropping event Dec 2 10:04:00 server audispd: last message repeated 199 times Dec 2

Indeed, thanks Dan - it doesn't get us to a completely clean running that would allow us to run our Node app as we are under Passenger with SELinux enforcing, but it at least has stopped the excessive amount of AVCs we were getting. John On 3 December 2014 at 10:01, Daniel J Walsh <dwalsh at redhat.com> wrote: > Looks like turning on three booleans will solve most of the problem.

On 12/28/2016 03:32 PM, J Martin Rushton wrote: > > On 28/12/16 20:11, Robert Moskowitz wrote: >> >> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: >>> Robert Moskowitz wrote: >>>> On 12/28/2016 05:11 AM, Todor Petkov wrote: >>>>> On Wed, Dec 28, 2016 at 5:18 AM, Robert Moskowitz <rgm at htt-consult.com> >>>>> wrote:

Mark: Labels look OK, restorecon has nothing to do, and: -rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc I'll send the audit log on to Dan. Cheers, John On 2 December 2014 at 16:10, Daniel J Walsh <dwalsh at redhat.com> wrote: > Could you send me a copy of your audit.log. > > You should not be

On 12/28/16, 3:09 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote: On 12/28/2016 06:05 PM, J Martin Rushton wrote: > > On 28/12/16 21:24, m.roth at 5-cent.us wrote: >> Robert Moskowitz wrote: >>> >>> On 12/28/2016 03:32 PM, J Martin Rushton wrote: >>>> On 28/12/16 20:11,

On 12/28/16, 3:28 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote: On 12/28/2016 06:13 PM, Greg Cornell wrote: > On 12/28/16, 3:09 PM, "CentOS on behalf of Robert Moskowitz" <centos-bounces at centos.org on behalf of rgm at htt-consult.com> wrote: > > > > On 12/28/2016 06:05 PM, J

All of a sudden, Virtual Machine Manager (VMM) on a CentOS 5.7 load will no longer run any VMs. The VM worked A-OK on the morning of 23 Feb, when I brought it up, applied the Microsoft updates, rebooted it, installed an application, rebooted again and ran several tests. Later that day, it wouldn't run. I didn't have time to diagnose, so I did some investigation a few minutes ago. Working

I recently setup my Puppetmaster server to run through Passenger via Apache instead of on the default webrick web server. SELinux made that not work and I've found some documentation on making rules to allow it however mine won't load. This is the policy I found via this website, http://sandcat.nl/~stijn/2012/01/20/selinux-passenger-and-puppet-oh-my/comment-page-1/ . module

Following a hard drive corruption I have reinstalled the latest version of CentOS and all current patch files. For most applications I selected the default options. By doing this I expected that the packages would play nice with one another and I could customize as necessary. Setting SELinux to enforce I encountered all sorts of problems - but most were resolvable, save for Dovecot,

Hi, I'm running CentOS 7 on an Internet-facing server. SELinux is in permissive mode for debugging. I've removed FirewallD and replaced it with a custom-made Iptables script. I've also installed and configured Fail2ban (fail2ban-server package) to protect the server from brute force attacks. Out of the box, Fail2ban doesn't seem to play well with SELinux. Here's what I

As this remains an issue for me, I'm reposting. Please forgive the redundancy, but I've been unable to find the answer and am hoping for some guidance. Thanks in advance, ~Ray ==========Original Posts follow========== (full output is in the original thread) Ray Leventhal wrote: > > Hi all, > > > > On my newly up-and-running nameserver (CentOS 5), I noticed the >

CentOS-6.6 Postfix-2.11.1 (local) ClamAV-0.98.5 (epel) Amavisd-new-2.9.1 (epel) opendkim-2.9.0 (centos) pypolicyd-spf-1.3.1 (epel) /var/log/maillog Dec 11 16:52:09 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl from read access on the file online. For complete SELinux messages. run sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a Dec 11 16:52:10 inet18 setroubleshoot: SELinux is

Hi, I'm running Centos 5 32bit and installed openvpn-2.0.9-1.el5.rf from Dag Wieers Repo. When OpenVPN is started during boot-up it just shows an SElinux related error message. When I start OpenVPN manually after the system has come up completely it works fine. Here are all the messages from /var/log/messages that are SElinux related: May 28 21:39:15 srsblnfw01 kernel: