Displaying 20 results from an estimated 2000 matches similar to: "SELinux context not applied"
2017 Oct 23
2
Unable to apply mysqld_db_t to mysql directory
Interesting to see the Equivalence. As a first thing, I tried:
semanage fcontext -a -e /var/lib/mysql.old /var/lib/mysql
then
restorecon -R /var/lib/mysql
# semanage fcontext -lC
SELinux fcontext type
Context
/home/users(/.*)? all files
system_u:object_r:user_home_dir_t:s0
/var/lib/mysql all
2017 Oct 23
2
Unable to apply mysqld_db_t to mysql directory
Thanks, I managed to fix /var/lib/mysql
# ls -ldZ /var/lib/mysql
drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql
To fix it, I tried:
semanage fcontext -d -e /var/lib/mysql
this command returned:
KeyError: /var/lib/mysql
I tried restorecon anyway:
restorecon -Rv /var/lib/mysql
But not better:
ls -ldZ /var/lib/mysql
drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0
2017 Oct 23
2
Unable to apply mysqld_db_t to mysql directory
Hello,
A server was configured in /var/lib/myslq in the root fs. I added a LV
specifically for mysql. I stopped myql and renamed /var/lib/mysql to
/var/lib/mysql.old. I created a new dir /var/lib/mysql and mounted the LV
on /var/lib/mysql. I then copied with "cp -prZ" all mysql files in
/var/lib/mysql.old to /var/lib/mysql.
But then I got a selinux problem:
# ls -ldZ mysql.old/
2017 Apr 30
3
selinux problem policies
Hello,
My problem is to add selinux policies
can any help to say what is wrong with my policies
I write this!
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/
typo3conf(/.*)?"
I have more instances from typo3
I found this construct in the selinux policies
"/var/www/html(/.*)?/uploads(/.*)?"
but my is not working ?
and I have only errors?
neverallow
2017 May 01
2
selinux problem policies
Hello,
On Sonntag, 30. April 2017 18:40:23 CEST Gordon Messmer wrote:
> On 04/30/2017 07:03 AM, G?nther J. Niederwimmer wrote:
> > I write this!
> >
> > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/
> > typo3conf(/.*)?"
>
> OK. Did you get an error?
I have only Errors ;-).
when I like to set this Rule ?
semanage fcontext -a
2014 Dec 17
4
selinux-policy update resets /etc/selinux/targeted/contexts/files/file_contexts?
Hi,
On an internal webserver (latest C6) I want smb-access to /var/www/html/
In april I did
chcon -R -t public_content_rw_t /var/www/html/
setsebool -P allow_smbd_anon_write 1
setsebool -P allow_httpd_anon_write 1
echo "/var/www/html/ -- unconfined_u:object_r:public_content_rw_t:s0" >> /etc/selinux/targeted/contexts/files/file_contexts
After the latest round
2016 Oct 17
0
SELinux context not applied
Hello Bernard,
On Mon, 2016-10-17 at 09:10 -0400, Bernard Fay wrote:
> I tried to apply a security context on a directory with the following
> commands:
>
> [root@ local]# semanage fcontext -a -t httpd_sys_rw_content_t "netdot(/.*)?"
> [root@ local]# restorecon -R netdot/
Try using absolute paths in your commands and see if that fixes your
issue.
Regards,
Leonard.
--
2017 Sep 04
5
selinux denial of cgi script with httpd using ssl
Thanks for your help.
I did pick up an additional entry in the audit file :
type=AVC msg=audit(1504561395.709:10196): avc: denied { execute } for
pid=19163 comm="/usr/sbin/httpd" name="s.check.cgi" dev="dm-0"
ino=537182029 scontext=system_u:system_r:httpd_t:s0
tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file
Unfortunately, I am not sure how the
2012 Oct 09
8
Service Resources and Selinux
Hi list,
I''ve got an issue at the moment, which isn''t really a big problem, but
an untidy annoyance really, and I''d just like to understand what the
best practice might be when dealing with the issue.
As a really quick summary, the issue is that Puppet is starting up the
mysqld service for the first time as unconfined_u, and then when MySQL
goes and creates a load
2013 Nov 25
2
ltsp & Selinux
Hello All,
I set up ltsp regulary, on Centos6 machines.
This morning I have a Selinux problem that usualy does not occur:
after setting everything up, the thinclients boot, but nobody can login.
It only works after the command :
# echo 0 > /selinux/enforce
I tried this semanage command:
# semanage fcontext -a -t bin_t /usr/bin/xauth
but it makes no difference.
The message I'm now
2013 Dec 19
1
quota and selinux on centos 6.5
??? Hi,
I'm facing a challenge with selinux and because I don't got an explanation elsewhere, I'm trying to explain here.
I have decided to mount /var/spool/cron on a separate partition? and apply quota for regular users. But quotacheck replyes with a "permission denied" .
quotacheck: Cannot create new quotafile /var/spool/cron/aquota.user.new: Permission denied
2019 May 08
2
Issues trying to change the selinux context
We're forced to use Siteminder, by CA, who have no clue what they're doing
in *nix. No packages, tarballs...
Anyway, I'm trying clean up some stuff, and in /*/smwa/webagent/bin (all
their binaries, including .so's, are in there, duh... I'm trying to set
the .so's to lib_t.
semanage -fcontext -a -t lib_t "/<elided>/smwa/webagent/bin(/.*).so"
gives me the
2018 May 04
4
Samba HOWTO wiki bug: chcon samba_share_t
In this wiki article:
https://wiki.centos.org/HowTos/SetUpSamba
?there is a command down in section 2 that gives an error here on CentOS 7:
$ sudo semanage fcontext ?at samba_share_t /path/to/share
?noise noise noise?
semanage: error: unrecognized arguments: samba_share_t /path/to/share
That and the following restorecon command can be replaced by a single shorter command, which
2018 Nov 30
2
Asterisk non-root - selinux - astdb
Hi
I'm trying to use Asterisk running as non-root user and selinux enabled.
Asterisk is running ok, but astdb not works. When i try to put in astdb,
console shows this message:
WARNING[1853]: db.c:350 ast_db_put: Couldn't execute statment: SQL logic
error or missing database
CentOS 7.5.1804
Asterisk certified/13.21-cert3
[root at sv03 asterisk]# ls -lahZ /var/lib/asterisk/astdb.sqlite3
2019 Apr 16
4
Time Synchronisation - SELinux Labeling and Policy
hi, i want set selinux to usw with ntpd
but when i run (as described in wiki)
semanage -a -t ntpd_t "/usr/local/samba/var/lib/ntp_signd"
i have that error
"
usage: semanage [-h]
{import,export,login,user,port,ibpkey,ibendport,interface,module,node,fcontext,boolean,permissive,dontaudit}
...
semanage: error: argument subcommand: invalid choice:
2019 May 08
3
Issues trying to change the selinux context
Warren Young wrote:
> On May 8, 2019, at 9:31 AM, mark <m.roth at 5-cent.us> wrote:
>
>> semanage -fcontext -a -t lib_t "/<elided>/smwa/webagent/bin(/.*).so?
>
> [snip]
>
>> What am I doing wrong?
>>
<snip>
> Also, I?m confused by the parens in your file path. Whether your shell
> is or not is a different question.
I'm following
2017 Dec 12
4
Spamassassin vs. SELinux trouble
Hi,
Spamassassin has been working nicely on my main server running CentOS 7
and Postfix. SELinux is activated (Enforcing).
Since the most recent update (don't know if it's related to it though)
I'm getting the following SELinux error.
--8<-----------------------------------------------------------------
SELinux is preventing /usr/bin/perl from 'read, write' accesses on
2018 May 04
3
Samba HOWTO wiki bug: chcon samba_share_t
On Fri, 2018-05-04 at 14:55 -0700, Akemi Yagi wrote:
> On Fri, May 4, 2018 at 2:26 PM, Warren Young <warren at etr-usa.com>
> wrote:
> > On May 4, 2018, at 3:03 PM, Akemi Yagi <amyagi at gmail.com> wrote:
> > >
> > > On Fri, May 4, 2018 at 12:03 PM, Warren Young <warren at etr-usa.com
> > > > wrote:
> > > >
> > > >
2017 Nov 21
1
File access in Apache 2.4 (clarification)
At 09:24 AM 11/21/2017, Jonathan Billings wrote:
>On Nov 21, 2017, at 11:42, david <david at daku.org> wrote:
> >
> > Folks
> >
> > I'm having file-access problems in Apache 2.4
> under Centos 7. In particular:
> >
> > - I have a file that's readable to every user
> and every application, (writeable by only one
> user), but my CGI
2015 Jun 02
3
Try II: selinux, xfs, and CentOS 6 and 5 issue
Tried just the selinux list yesterday, no answers, so I'm trying again.
I partitioned GPT, and formatted, as xfs, a large (3TB) drive on a CentOS
6 system, which has selinux in permissive mode. I then moved the drive to
a CentOS 5 system. When we run a copy (it mirror-copies from another
system), we get a ton of errors. I discovered that the CentOS 5 system was
enforcing. I changed it to