Displaying 20 results from an estimated 200 matches similar to: "CentOS-6.6 - Selinux and Postfix-2.11.1"
2014 May 05
2
Opendkim and SELinux
CentOS-6.5
OpenDKIM-2.9.0 (epel)
Postfix-2.6.6 (updates)
I am trying to get opendkim working with our mailing lists. In the course of
that endeavour I note that these messages are appearing in our syslog:
May 4 20:50:02 inet08 setroubleshoot: SELinux is preventing
/usr/sbin/opendkim from using the signull access on a process. For complete
SELinux messages. run sealert -l
2014 Nov 25
2
CentOS-5.10 Sendmail STARTTLS error
This morning I discovered this in the logwatch report for our external MX
backup host.
STARTTLS: write error=syscall error (-1), errno=32,
get_error=error:00000000:lib(0):func(0):reason(0), retry=99, ssl_err=5: 206
Time(s)
I also see many entries similar to this:
8: fl=0x802, mode=140777: SOCK
inet04.mississauga.harte-lyne.ca/34091->(Transport endpoint is not connected):
1 Time(s)
2012 May 30
1
need assist with upstart config problem
I am trying, without success, to create an upstart config file to
automatically start and restart an ssh proxy. The command sting that
I use in the script has been checked and verified from the shell but
it fails in the upstart file.
The file contents are:
. . .
# proxy is used to authenticate smtp submissions
# so start it before the postfix service starts
start on starting postfix
# Take
2018 Oct 12
0
Restarting Named on CentOS-6 gives SE Error
Restarting one of our named services produces this entry in the system
log file:
Oct 12 08:47:45 inet08 setroubleshoot: SELinux is preventing
/usr/sbin/named from search access on the directory . For complete
SELinux messages. run sealert -l 9eabadb9-0e03-4238-bdb8-c5204333a0bf
Checking the selinux incident reference shows this:
# sealert -l 9eabadb9-0e03-4238-bdb8-c5204333a0bf
SELinux is
2014 May 12
1
OpenDKIM and SELinux
Following the most recent kernel updates I restarted our outgoing SMTP MTA
which was recently reconfigured to DKIM sign messages using OpenDKIM. This
morning I discovered that Postfix had stopped on that server. Whether it is
related to the Postfix issue or not is yet to be determined but, in the
process of getting things restarted I ran across this error with Open DKIM:
# service opendkim
2014 Nov 25
0
CentOS-5.10 Sendmail STARTTLS error
Am 25.11.2014 um 21:39 schrieb James B. Byrne:
> This morning I discovered this in the logwatch report for our external MX
> backup host.
>
>
> STARTTLS: write error=syscall error (-1), errno=32,
> get_error=error:00000000:lib(0):func(0):reason(0), retry=99, ssl_err=5: 206
> Time(s)
>
>
>
> I also see many entries similar to this:
>
>
>
> 8:
2015 Jan 19
2
CentOS-6.6 Fail2Ban and Postfix Selinux AVCs
I am seeing these in the log of one of our off-site NX hosts running
CentOS-6.6.
type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for
pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0
tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket
Was caused by:
Missing type enforcement (TE) allow rule.
You can use
2014 Apr 23
1
SELInux and POSTFIX
Installed Packages
Name : postfix
Arch : x86_64
Epoch : 2
Version : 2.6.6
Release : 6.el6_5
Size : 9.7 M
Repo : installed
>From repo : updates
I am seeing several of these in our maillog file after a restart of the
Postfix service:
Apr 23 12:48:27 inet08 setroubleshoot: SELinux is preventing
/usr/libexec/postfix/smtp from 'read, write'
2012 Mar 22
1
CentOS-6, Postfix and Mailman
We have a bunch of lists hosted on a CentOS-4.9 server
running sendmail and mailman that we are moving to a
CentOS-6 vm running postfix and mailman. I am testing the
setup and I am running into a problem no doubt caused by
my own ignorance wrt postfix.
Based on groking the web I discovered that the recommended
way to configure postfix to work with mailman is a script
called
2014 Aug 21
1
Centos 7 lockup
A machine I set up to run OpenNMS stopped working last night - no
hardware alarm lights, but keyboard/monitor/network unresponsive.
After a reboot I see a large stack of messages like this in
/var/log/messages:
----
Aug 20 14:02:34 opennms-h-03 python: SELinux is preventing
/usr/sbin/monitor-get-edid-using-vbe from mmap
_zero access on the memprotect .
***** Plugin mmap_zero (53.1 confidence)
2012 Apr 30
1
SELinux is preventing /usr/libexec/postfix/pickup from module_request
Getting module_request errors from SELinux. Errors being thrown by
metacity
sendmail.postfix
cleanup
trivial-rewarite
local
postdrop
pickup
All errors are essentially the same
System was working well until I began to apply some basic security
hardening configuration.
Postfix started complaining when I made /tmp noexec, nodev, nosuid, and
then did a mount --bind of /var/tmp under
2013 Jan 04
2
Syslinux 5.00 - Doesn't boot my system / Not passing the kernel options to the kernel?
Hi,
I encounter a problem with Syslinux 5.00 I cannot really describe. So I
created two small videos:
Booting with Syslinux 5.00 (1.3 MB):
<https://www.dropbox.com/s/b6g8cdf2t9v48c6/boot-syslinux5-fail.mp4>
How I fixed the problem by downgrading to Syslinux 4.06 and how booting
should look like (6.5 MB):
<https://www.dropbox.com/s/lt7cpgfm0qvqtba/boot-syslinux5-how-i-fixed-it.mp4>
2020 Apr 18
1
CentO 8 and nftables default policy
I had the same problem.
If you are not using virtual machines then
# systemctl disable libvirtd
works and is easily reversible.
Alan
On 18/04/2020 23:03, Alessandro Baggi wrote:
> Il 17/04/20 11:01, Alessandro Baggi ha scritto:
>> Hi list,
>>
>> I'm studying nftables. I'm using CentOS 8.1 (Gnome) and I disabled
>> firewalld. I noticed that a default
2008 Aug 26
3
Amavisd Howto
Hello CentOS Docs People!
I recently used the Amavisd howto to setup a couple of mailservers, which saved me from hours of searching online and reading novels of documentation. Since Ned is taking a little break from the Amavisd page, I would like to help contribute. There were a few things I'd like to add, like GTUBE/EICAR testing and SELinux config lines.
My wiki username is WilliamFong.
2020 Apr 17
2
CentO 8 and nftables default policy
Hi list,
I'm studying nftables. I'm using CentOS 8.1 (Gnome) and I disabled
firewalld. I noticed that a default policy is created with tables and
chains probably for firewalld.
So I created a .nft script where I stored my rules with a flush for
previous ruleset, then saved on /etc/sysconfig/nftables.conf and the
enabled nftables service.
Running the script with nft -f script.nft all
2012 May 28
0
mcelog SELinux errors
Prowling around in the system logs this morning I discover the
following entries:
May 27 09:48:27 vhost01 mcelog: Cannot open logfile /var/log/mcelog:
Permission
denied
May 27 09:48:27 vhost01 mcelog: failed to prefill DIMM database from
DMI data
May 27 09:48:27 vhost01 mcelog: Cannot bind to client unix socket
`/var/run/mcel
og-client': Permission denied
and later:
vhost01 setroubleshoot:
2015 Jan 19
0
CentOS-6.6 Fail2Ban and Postfix Selinux AVCs
On Mon, January 19, 2015 11:50, James B. Byrne wrote:
> I am seeing these in the log of one of our off-site NX hosts running
> CentOS-6.6.
>
> type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for
> pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0
> tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket
> Was caused by:
2015 Dec 31
0
CentOS 7, annoyances in the logs
Annoyances:
1. I'm seeing a lot of noise in the logfile for a workstation that I just
built a couple months ago. One complaint is that
Configuration file /usr/lib/systemd/system/ebtables.service is marked
executable. Please remove executable permission bits. Proceeding anyway.
*Should* anything named <servicename>.service have any permissions other
than readable (and write for root)?
2016 Feb 29
0
Odd selinux complaints on new, fully updated CentOS 7
Just installed 7.2, and I'm seeing this - is this a bug in the policy?
**************************
SELinux is preventing systemd-readahe from add_name access on the
directory .readahead.new.
***** Plugin catchall_labels (83.8 confidence) suggests
*******************
If you want to allow systemd-readahe to have add_name access on the
.readahead.new directory
Then you need to change the
2012 May 28
0
Another odd SELinux message
Does anyone recognize this sort of message or have any idea what might
cause it?
May 28 11:00:06 inet09 setroubleshoot: [avc.ERROR] Plugin Exception
catchall #012Traceback (most recent call last):#012 File
"/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line
191, in analyze_avc#012 report = plugin.analyze(avc)#012 File