similar to: How to prevent root from managing/disabling SELinux

On 01/23/2015 06:01 PM, Stephen Harris wrote: > At work I'm used to tools like eTrust Access Control (aka SEOS). eTrust > takes away the ability to manage the eTrust config from root and puts it > in the hands of "security admin". So there's a good separation of duties; > security admin control the security ruleset, but are limited by the OS > permissions (so

Hello CentOS / RedHat / IBM folks! I am wondering if I can get a communication channel opened with someone who can affect changes win upstream RHEL? I don't have support accounts with RHEL, and use CentOS almost exclusively. I did have a direct email conversation with Mr. Daniel Walsh regarding these problems, but his answer was to create custom policy to allow what's being denied, as

I'm setting up a dedicated database server, and since this will be a central service to my various web servers I wanted it to be as secure as possible...so I am leaving SELinux enabled. However I'm having trouble getting Apache to use mod_auth_pam. I also now can't get setroubleshootd working to send me notifications of the denials and provide tips to solve the problem. The Apache

I tried downloading R-2.7.2 (http://cran.cnr.berkeley.edu/bin/windows/base/R-2.7.2-win32.exe, both from Berkeley and cran) and both times I got a warning from Computer Associates eTrust Antivirus (version 7.1.710) that the Win32/Adclicker.JO trojan was detected: The Win32/Adclicker.JO was detected in C:\USERS\USER\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET

Hi! I am trying libvirt on POWERPC64 with the default settings such as selinux enabled. It is all good till I move images out of /var/lib/libvirt/images/. http://libvirt.org/drvqemu.html#securityselinux is saying that "If attempting to use disk images in another location, the user/administrator must ensure the directory has be given this requisite label. Likewise physical block devices

Hi, I have two local SIP extensions (both bt100). One is on remote location behind another nat (16), but everyithing seems to be setup correctly as it can register and is listed as OK(57ms). However I can only call in one direction between those two. Extensions are defined in same context: exten => 11,1,Macro(oneline,SIP/11) exten => 16,1,Macro(oneline,SIP/16) both using same macro

Content Inspecion SMTPMAIL could not deliver the e-mail below because of unreachable host Please check the recipients e-mail address before you try again. Received: from Unknown (61.113.174.142) by ETRUST-SMTP (10.3.0.22) From: r-bugs@r-project.org To: aikins@pixie.udw.ac.za Subject: Mail Delivery System (aikins@pixie.udw.ac.za) Date: Thu, 1 Apr 2004 00:56:02 -0800 MIME-Version: 1.0 Content-Type:

Hey Guys, I have a network of windows clients with a couple of linux servers for various tasks. What I would like to do is have some form of antivirus on the clients that will log alerts to something on a linux server and store the info in sql. Anybody have any idea on something that can do this? I tried asking on the securityfocus virus list and I emailed grisoft about their network product.

Hi all I have a Fedora release 17 (Beefy Miracle) with libvirt versions: libvirt-0.9.11.3-1.fc17.x86_64 virt-manager-0.9.1-3.fc17.noarch I have allowed non-root user to user libvirt by allowing the user through polkit cat /etc/polkit-1/localauthority/50-local.d/cat 50-org.example-libvirt-remote-access.pkla [Remote libvirt SSH access] Identity=unix-group:virt

On May 4, 2018, at 5:13 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > > On 05/04/2018 12:03 PM, Warren Young wrote: >> ?there is a command down in section 2 that gives an error here on CentOS 7: >> >> $ sudo semanage fcontext ?at samba_share_t /path/to/share >> ?noise noise noise? >> semanage: error: unrecognized arguments:

Hi, As we are moving away from an NT based enviroment to SAMBA we are looking for a managed virus scanner for our desktops. Managed means: 1. Remote deployment 2. Updates from a local repository 3. Notification and reporting. The existing solutions (Symantec, TrendMicro, Mcafee) assume that you have an NT server. I would much rather have a Linux/Samba based managment console. Any ideas/leads?

I've got this poor ext3-partition which I can't access. I have tried a lot of things but it doesn't seem to solve the problem. I've got quite important files on that particular partition. I can't even get the block groups from my /dev/hda3 with dumpe2fs! It all happened after a crash. GRUB wouldn't give me the graphical UI. I decided I had to get my dosbootdisk and do an

Hi, I'd like to organize my Asterisk to properly handle incoming SIP/IAX/H323 callerids so they can be called back if needed. I have three incoming contexts for sip, iax and h323 calls. To each incoming call I'd like to prepend certain number that will be catched with pattern matching on output calls. For instance for iax I have: [from-iax] exten => s,1,NoOp(IAX call from outside

Hi All, Thanks for the information. But after resetting the semanage User/login, and moving the targeted folder to old one and then install the default target. then also its still showing the Id context as context=*system_u:system_r:unconfined_t:s0-s0:c0.c1023.* *What I observed is after changing the permission using semanage command also, its still showing the system_u:system_r. * *Check the

Hi list, I hope that maybe one of you can shed some light on this, as this is a very strange case and I don't even have the slightest clue from what this symptom may all come from. Maybe not Samba, maybe Hardware, maybe buggy windows ..... Problem: We have running a Samba 3.0.7 (from backports.org) Debian 3.0 STABLE Server here for over a year now. On Tuesday this week we got the first

Hi, I've been kicking this idea around, and the problem with it escapes me. I'm looking for someone to tell me why this is a bad idea. The new OpenSSH includes the AuthorizedKeysCommand, which was mostly added to let people use a command to look up user keys in LDAP. LDAP key lookup have some limitations -- specifically, the common openssh-lpk_openldap schema won't let you add

Hi, if I dial meetme from extension 200 directly it works ok - I get moh as only user (first trace). If I dial to other local extension and trasfer from there I get second trace... Apparent difference between those two is warning : Jan 27 11:06:33 WARNING[6133]: res_musiconhold.c:466 moh_alloc: No class: random What this could mean ? Direct Call log-----------------------------------------:

Hi Everyone, I''m working at getting Rails introduced in my company. We''re a J2EE shop. Our deployments make use of thee-tiered architecture, just to be clear, that means that there are essentially three machines involved in dealing out an app: a webserver, an application server, and a database server. As I see it (unless I''ve missed something) Ruby is essentially

https://bugs.freedesktop.org/show_bug.cgi?id=81072 Priority: medium Bug ID: 81072 Assignee: nouveau at lists.freedesktop.org Summary: GPU lockup after "read fault at 0x0000039000 [PAGE_NOT_PRESENT]" QA Contact: xorg-team at lists.x.org Severity: normal Classification: Unclassified OS:

Hola: En el trabajo tengo que montar acceso a investigadores a uno de los servidores de cálculo de la unidad, y he conseguido ya montar un R dentro de una jaula ssh con JailKit (chroot). http://olivier.sessink.nl/jailkit/ https://launchpad.net/jailkit Ahora bien, quería probar que los usuarios pudieran también abrir alguna GUI al conectarse con ''ssh -X foo@server'' (por