Displaying 20 results from an estimated 2000 matches similar to: "SELinux permissions for apache"
2015 Jan 22
2
SELinux permissions for apache
Hey Jeremy,
> Have you tried changing the folder where it's writing into with these
> lables? httpd_sys_content_rw_t or httpd_user_content_rw_t
Adding 'rw' to the command did the trick. I tried httpd_sys_content_rw_t and
that works fine! Thanks for the tip!
Tim
On Thu, Jan 22, 2015 at 1:19 PM, Jeremy Hoel <jthoel at gmail.com> wrote:
> Have you tried changing
2015 Jan 22
2
SELinux permissions for apache
>
> The easiest answer is to edit the Selinux config file. By default it is
> set to enforce, which really locks it down.
> cd /etc/selinux
> edit the config file and change SELUNIX=enforcing to SELUNIX=permissive
> Save the file and restart httpd, you should be fine..
Yeah dude, exactly. Except I actually do want to start using it. I've been
disabling SELINUX forever
2015 Jan 22
0
SELinux permissions for apache
Exactly, SELinux is great. Its a good room to have when you can get it
working and it's another good layer of protection. Its better to learn to
use the tool then just turn it off.
Not every label has a rw option but it never hurts to try. :-)
On Jan 22, 2015 1:18 PM, "Tim Dunphy" <bluethundr at gmail.com> wrote:
> >
> > The easiest answer is to edit the Selinux
2015 Jan 22
0
SELinux permissions for apache
The easiest answer is to edit the Selinux config file. By default it is
set to enforce, which really locks it down.
cd /etc/selinux
edit the config file and change SELUNIX=enforcing to SELUNIX=permissive
Save the file and restart httpd, you should be fine..
john plemons
On 1/22/2015 1:36 PM, Tim Dunphy wrote:
> Hey Jeremy,
>
>
>
>> Have you tried changing the folder where
2015 Jan 22
0
SELinux permissions for apache
Have you tried changing the folder where it's writing into with these
lables? httpd_sys_content_rw_t or httpd_user_content_rw_t
On Thu, Jan 22, 2015 at 11:09 AM, Tim Dunphy <bluethundr at gmail.com> wrote:
> Hey all,
>
> I have a simple php app working that writes some info to a text file. The
> app will only work correctly if SELinux is disabled. If it's enabled and
2017 Feb 21
2
SELInux conflict with Postfixadmin
On 02/21/2017 11:46 AM, Zdenek Sedlak wrote:
> On 2017-02-21 17:30, Robert Moskowitz wrote:
>> postfixadmin setup.php is claiming:
>>
>> *Error: Smarty template compile directory templates_c is not writable.*
>> *Please make it writable.*
>> *If you are using SELinux or AppArmor, you might need to adjust their
>> setup to allow write access.*
>>
2015 May 10
5
mariadb fails to start under C7
Hey all,
I just unstalled MariaDB version 10 from the mariadb repositories under a
CentOS 7 host.
The install went fine!
[root at nfsdb1 ~]# rpm -qa | grep -i mariadb
MariaDB-common-10.0.19-1.el7.centos.x86_64
MariaDB-server-10.0.19-1.el7.centos.x86_64
MariaDB-client-10.0.19-1.el7.centos.x86_64
MariaDB-shared-10.0.19-1.el7.centos.x86_64
However, when I go to start up the service, I'm
2015 Oct 30
4
disable ZTS in php
Hey guys,
I'm trying to disable ZTS in php, because an application we need
(AppDynamics) is not compatible with it.
So I tried compiling php with the following flags:
php -i | grep configure
Configure Command => './configure' '--with-apxs2=/opt/apache2/bin/apxs'
'--with-zlib=/usr' '--prefix=/opt/php-5.6.8' '--with-libdir=lib64'
2015 Oct 30
2
disable ZTS in php
Yeah Erro, ok you have a point. I'll do that. Thanks!
On Fri, Oct 30, 2015 at 11:40 AM, Eero Volotinen <eero.volotinen at iki.fi>
wrote:
> This is really wrong way to do this. Install yum-utils and use
> yumdownloader --source package-name to get rhel version of package. Then
> modify spec file and recompile.
>
> Eero
> Hey guys,
>
> I'm trying to disable
2015 Dec 19
2
LDAP create home directories
>
> You may also need to restart sssd or nslcd, depending upon which one is
> running the backed ldap connection service on the clients.
Hmm.. I got a different result after restarting nclcd. Instead of logging
me in and just complaining that it couldn't create the home directory, it
still complains about not creating the home directory, but now it doesn't
let me in:
#ssh
2011 Mar 30
2
nlockdmgr listen on privileged port
hey list!
I am attempting to shore up some centos machines (ranging from centos
5 to centos 5.4) for pci compliance by changing the port that
nlockdmgr listens on to function under a privileged port.
So what I did was try to hardcode the port by editing /etc/sysconfig/nfs
# TCP port rpc.lockd should listen on.
LOCKD_TCPPORT=1011
# UDP port rpc.lockd should listen on.
LOCKD_UDPPORT=1011
#
2015 May 01
5
Could not complete SSL handshake to Amazon EC2 host
Hi Eric,
Thanks for your reply. I do have nrpe running under xinetd on the host I'm
trying to monitor.
And running the nrpe checl locally:
[root at ops:~] #/usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.15
[root at ops:~] #grep only_from /etc/xinetd.d/nrpe
only_from = 127.0.0.1 216.120.248.126
And I do have port 5666 open on the security group for this host.
2015 Aug 25
6
echo password into bash script
Hey guys,
I'm trying to echo my password into some commands inside of a bash script.
But I think I'm going about it incorrectly.
Here's the top part of my script:
#!/bin/bash
pub="~/.ssh/id_rsa.pub"
dps_pass="my_pass"
ssh="/usr/bin/ssh"
scp="/usr/bin/scp"
for i in 10.10.10.2{5,6}
do
echo "xfring key up"
echo $dps_pass | $scp $PUB
2015 May 01
2
Could not complete SSL handshake to Amazon EC2 host
Hi
NRPE: Error receiving data from daemon
Seems as this is not a SSL Problem. Do you have a nagios user account? Cat
/etc/passwd
Am 01.05.2015 18:45 schrieb "Tim Dunphy" <bluethundr at gmail.com>:
> >
> > Oh my mistake. I mean nrpe without parameters. It should say something
> > about SSL/TLS aktiv or so.
> > You could test nrpe without SSL. Use nrpe -n -
2015 Oct 15
2
selinux commands fail on low memory box
Hey all,
I have 3 web servers hosted at Digital Ocean that all have the same amount
of memory at 512MB. They're all running CentOS 7.
They are low powered apache servers and don't really need more than that.
All they're doing is serving the web, no database on those hosts at all.
On the first two hosts I seem to have no trouble running SELinux related
commands. It's only on
2015 Dec 19
2
LDAP create home directories
Hey guys,
I've setup an LDAP server on our network. I'm using OpenLDAP.
It was really easy to use the authconfig-tui to generate the nsswitch.conf
and ldap.conf files that would allow user authentication.
But when users would log in, the system wasn't creating the home
directories.
I found one command that would correct that:
authconfig --enablemkhomedir --update
After that
2015 Mar 03
2
selinux allow FTP
On Mar 3, 2015, at 2:30 PM, Brian Mathis <brian.mathis+centos at betteradmin.com> wrote:
>
> people are bound by corporate restrictions
That seems like an awfully convenient rug to sweep problems under.
Can?t fix a security problem? Corporate restrictions!
Can?t require sensible security defaults restrictions by default? Corporate restrictions!
Can?t move off IE6? Corporate
2015 May 01
2
Could not complete SSL handshake to Amazon EC2 host
> This is strange...
> Do you have SSL aktive on both systems? Run nrpr localy without parameters
> (this should return some nrpe stats) and check ldd for libssl.
I don't seem to have that command.
[root at monitor1:~] #find / -name "*nrpr" 2> /dev/null
[root at monitor1:~] #
And that's on either system.
And if I do an ldd on both, this is what I can tell:
2015 May 01
2
Could not complete SSL handshake to Amazon EC2 host
Oh my mistake. I mean nrpe without parameters. It should say something
about SSL/TLS aktiv or so.
You could test nrpe without SSL. Use nrpe -n - H host
Am 01.05.2015 13:18 schrieb "Eero Volotinen" <eero.volotinen at iki.fi>:
> well. how about trying default setting and running nrped without xinetd.
>
> --
> Eero
>
> 2015-05-01 14:14 GMT+03:00 Tim Dunphy
2015 Mar 05
2
SELinux kills Cassandra based website
Hey all,
There's a website I help run that uses the Cassandra DB as its database. I
notice that if I run the web server in SELinux permissive mode, the site
works fine. But if I put it into enforcing mode, the site goes down with
this error:
Warning: require_once(/McFrazier/PhpBinaryCql/CqlClient.php): failed to
open stream: Permission denied in