similar to: SELinux module

Hello everyone, I have a problem with oddjob_mkhomedir on a NFS mount point. The actual context is nfs_t drwxr-xr-x. root root system_u:object_r:nfs_t:s0 users/ With this type, oddjob_mkhomedir cannot do is job of creating home user directories. In the logs, I found about creating a new module with audi2allow and semodule: [root@ audit]# sealert -l fe2d7f60-d3ff-405b-b518-38d0cf021598

Hi: I have been using Dovecot for well over a year now and it has always worked with few problems. The mail setup is not simple... Postfix+MailScanner+ClamAV+Docvecot+MySql+postfix.admin... just to mention the major things. The system is CentOS 5.3 on VMware. The maildir is on an NFS share, index and control is local. About a month ago I thought I upgraded from 1.1.x to 1.2.x. by doing an

I'm trying to set the context on an nfs mounted /home. I believe exactly like in Redhat's Deployment Guide at http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/ch45s02s03.html On my system running CentOS 5.2: $ ls -alZ /home drwxr-xr-x root root system_u:object_r:home_root_t . drwxr-xr-x root root system_u:object_r:root_t .. $ mount -t

I have a NFS mount that I want apache to be able to serve files from. According to this doc: http://www.centos.org/docs/5/html/5.1/Deployment_Guide/rhlcommon-section-0097.html I should be able to mount it with a context that will allow apache to access it. But when I try the command they suggest: [root at vm-37:~] mount -t nfs -o \ context=system_u:object_r:httpd_sys_content_t \

Apache DocumentRoot on an NFS directory: [root at localhost ~]# service httpd start Starting httpd: Warning: DocumentRoot [/home/www/html] does not exist Syntax error on line 292 of /etc/httpd/conf/httpd.conf: DocumentRoot must be a directory [FAILED] [root at localhost ~]# After some research, I found this (dated) link

All test machines are CentOS 5.5 (RHEL subscriptions purchased). We've had NFS3 storage working fine and decided to try NFS4. We can mount an NFS4 share on our KVM host, but the SELinux file context on the mountpoint directory is magically changed from virt_image_t to nfs_t. Restorecon refuses to change it back. Adding the mount option context=system_u:object_r:virt_image_t on either server

Hi, what do I need to do to share the same directory with both NFS and samba? SElinux requires 'samba_share_t' for samba and 'nfs_t' for NFS, and AFAIC I can't set both at the same time on a directory.

> On Jul 19, 2019, at 8:27 AM, Leon Fauster via CentOS <centos at centos.org> wrote: > > Am 19.07.2019 um 14:51 schrieb hw <hw at gc-24.de>: >> Hi, >> >> what do I need to do to share the same directory with both NFS and samba? >> SElinux requires 'samba_share_t' for samba and 'nfs_t' for NFS, and AFAIC >> I can't set both at

Hey folks, Ok so I'm having another issue with SELinux. However I think I'm pretty close to a solution and just need a nudge in the right directtion. I wrote a puppet module that gets systems into bacula backups. Part of the formula is to distribute key/cert pairs with permissions that allow bacula to read them so that bacula can talk to the host over TLS. It's pretty slick, I must

OK, I managed to get past this problem. There were two issues - I did not have peth0 configured correctly (as you can see, the ifconfig output does not show a peth0). That was resolved by fixing my settings in the network manager. The second issue was that I don''t have a static IP address, so I selected the option for DHCP on wireless during the guest host setup. I switched to static IP

I'm having a strange problem with selinux and the mounting of a nfs directory. I'm specifying the security context as part of the mount command, yet the security context still shows nfs. The mount shows what the security context should be: [root at clienthost ~]# mount serverhost:/usr/local on /usr/local type nfs4

Got a CentOS 7 box running motion. Selinux is complaining that one of the scripts motion runs is mislabeled. Here's what it is. system_u:object_r:nfs_t:s0 /home/motion/bin/on_move_end Now, ~motion is NFS mounted, and we've got use_nfs_home_dirs --> on, so what *would* the proper label be, or do I really need to create a policy for this? mark

Am 19.07.2019 um 14:51 schrieb hw <hw at gc-24.de>: > Hi, > > what do I need to do to share the same directory with both NFS and samba? > SElinux requires 'samba_share_t' for samba and 'nfs_t' for NFS, and AFAIC > I can't set both at the same time on a directory. Maybe samba_share_nfs boolean? (not tested) -- LF

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

If you are using NFS homedirs, you should run: setsebool -P use_nfs_home_dirs 1 -- Jonathan Billings > On Sep 16, 2016, at 08:25, Bernard Fay <bernard.fay at gmail.com> wrote: > > setsebool -P use_nfs_home_dirs 1 > > ***** Plugin catchall (11.6 confidence) suggests > ************************** > > If you believe that mkhomedir should be allowed setattr access

https://bugzilla.mindrot.org/show_bug.cgi?id=2016 proler at gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |proler at gmail.com --- Comment #1 from proler at gmail.com --- on freebsd: with this patch i cant connect with sctp to v6-only host. v4

Trying to revive this old thread as problems continue. I have noticed from the gluster logs the following on m y volume called export: [2017-08-16 20:08:47.663908] I [MSGID: 109066] [dht-rename.c:1608:dht_rename] 0-export-dht: renaming /projects/ACTIVE/Automotive/JEEP/Brand Image Program June 2016/04_Western Region/Huntington Beach CDJR - Huntington Beach, CA/04 REVIT AND CAD/2017-08-16 CAD dwgs

Hey John, Hehe, I got the right guy then. Very nice! And very good ideas but I may need more time to reread and try them out later tonight. I'm fully in agreement about providing more details. Can't be accurate in a diagnosis if there isn't much data to go on. This pool option is new to me. Please tell me more on it. Can't find it in the file below but maybe it's

Hi Tomas, On 09/03/2018 11:49 AM, Tomas Kalibera wrote: > Please don't do this to get the underlying vector length (or to achieve > anything else). Setting/deleting attributes of an R object without > checking the reference count violates R semantics, which in turn can > have unpredictable results on R programs (essentially undebuggable > segfaults now or more likely later

I can access /depot/tftp from a tftp client but unable to do it from a Windows client as long as SELinux is enforced. If SELinux is permissive I can access it then I know Samba is properly configured. # getenforce Enforcing # ls -dZ /depot/tftp/ drwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 /depot/tftp/ And if I do it the other way around, give the directory a type samba_share_t then