similar to: SELinux upgrade

I have experienced this myself. It is very upsetting. (Sent from iPhone, so please accept my apologies in advance for any spelling or grammatical errors.) > On Jan 19, 2017, at 2:57 AM, Fabian Arrotin <arrfab at centos.org> wrote: > > log

On 01/19/2017 04:47 AM, Marcin Trendota wrote: > W dniu 19.01.2017 o 10:17, Hal Wigoda pisze: >> I have experienced this myself. It is very upsetting. > > > It happened on servers with docker installed. I got error message there: > # semanage port -a -t ssh_port_t -p tcp <newport> > Re-declaration of type docker_t > Failed to create node > Bad type

Hello everyone, Now after the recent discussion on running SSH on a different port, I decided to start a new thread but with SELinux involved. Assuming that you have SELinux enabled, and that you changed the default port for SSHD, let say for 1234, when I restart SSHD I don't get any AVC denials. This is the output of: semanage -l port | grep ssh ssh_port_t tcp

On 19/01/17 09:43, Marcin Trendota wrote: > Hello All > > After recent system upgrade (this night) i lost access to two servers > through SSH, because of change in SELinux policy - i have ssh there on > different port and now it's gone. > > Thanks to puppet i was able to change SSH port back to default and log > in, but is this expected behavior? I thought minor

W dniu 19.01.2017 o 10:17, Hal Wigoda pisze: > I have experienced this myself. It is very upsetting. It happened on servers with docker installed. I got error message there: # semanage port -a -t ssh_port_t -p tcp <newport> Re-declaration of type docker_t Failed to create node Bad type declaration at /etc/selinux/targeted/tmp/modules/100/docker/cil:1 OSError: Error After

Hi! I want to change the sshd port at install for centos7 but i am not sure if i am on the good track (and it is time expensive to make many try-outs).. So, i would be grateful if someone with experience can spot if i have problems with my planning.. (the actual purpose is that after installation i have access for my ansible provisioning) first make sure ssh is started services

Why bother with */1? Wouldn't that be the same as just *? On Apr 22, 2016 5:48 PM, "Marcin Trendota" <moonwolf.rh at gmail.com> wrote: > On Friday 22 of April 2016 11:40:33 PM Marcin Trendota wrote: > > What the heck is wrong with cron? > > > > */1 * * * * nobody /usr/bin/php /var/www/html/osticket/api/cron.php > > > > in /etc/cron.d

Hello everybody. Recently i moved external interface to zone "external" on my home server/router. And something strange is hapening. From my router (chamber, CentOS7) everything is fine: [root at chamber ~]# firewall-cmd --list-all home (default, active) interfaces: enp3s0 tun0 virbr0 sources: services: dhcp dhcpv6-client dns http https imaps ipp-client mdns nfs samba

W dniu 20.08.2015 o 13:52, Mauricio Tavares pisze: > On Thu, Aug 20, 2015 at 7:34 AM, Marcin Trendota <moonwolf.rh at gmail.com> wrote: >> W dniu 20.08.2015 o 13:26, Mauricio Tavares pisze: >>> On Aug 20, 2015 6:54 AM, "ken" <gebser at mousecar.com> wrote: >>>> >>>> One of the build options for a laptop I'm looking at buying is

On Thursday 21 of April 2016 9:08:09 AM Gordon Messmer wrote: > On 04/21/2016 03:11 AM, Marcin Trendota wrote: > > But from host in another location (connected through VPN): > What host serves the VPN? If it's another host, how is that host > connected to the router? If it's "chamber," what type of VPN is it? It's OpenVPN on chamber. I've just noticed

On Thursday 21 of April 2016 2:37:49 PM Gordon Messmer wrote: > On 04/21/2016 01:33 PM, Marcin Trendota wrote: > > It's OpenVPN on chamber. > What port is it using? I don't see the standard port listed in your > firewalld rules in either zone. 1194/udp. I added service openvpn and port 1194/udp (just to be sure) to both zones - no change. [root at chamber openvpn]#

What the heck is wrong with cron? */1 * * * * nobody /usr/bin/php /var/www/html/osticket/api/cron.php in /etc/cron.d doesn't get executed at all (ran from console works of course!). But the SAME file in /tmp runs flawlessly: */1 * * * * nobody /usr/bin/php /tmp/cron.php It's CentOS7 on VPS with no SELinux. I've noticed similiar behavior before (on bare metal server with

On Mon, Apr 11, 2016 at 05:22:43PM +0200, Leon Fauster wrote: > Am 11.04.2016 um 15:44 schrieb Marcin Trendota <moonwolf.rh at gmail.com>: > > > > Any ideas? > > > DNS? Is LDAP listed in the /etc/nsswitch.conf? -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

W dniu 20.08.2015 o 13:26, Mauricio Tavares pisze: > On Aug 20, 2015 6:54 AM, "ken" <gebser at mousecar.com> wrote: >> >> One of the build options for a laptop I'm looking at buying is DVD vs > Blu-Ray. I've never used Blue-ray before, so is there some compelling > reason, as a Linux guy, to want to get Blu-ray? > First of all, is this going

Seemed strange is all. Can the nobody user read down into /var/www/html/osticket/api? If it works in tmp, maybe permissions are the issue. On Apr 22, 2016 7:57 PM, "Marcin Trendota" <moonwolf.rh at gmail.com> wrote: > On Friday 22 of April 2016 5:58:39 PM Steven Ford wrote: > > Why bother with */1? Wouldn't that be the same as just *? > > That's for

Recently i've migrated our SVN server (virtual machine) from C6 to C7 (more precisely - migrated data to freshly installed virtual machine). And we have problem with very slow authentication. Server is configured with SSSD, user data are fetching from our LDAP server. SVN is configured with apache (pwauth for authentication + LDAP search for Require ldap-group). It takes pwauth even 10

W dniu 13.09.2018 o?22:19, Oleg Cherkasov pisze: > On 13. sep. 2018 21:02, Marcin Trendota wrote: >> >> There is nginx on port 80. >> I've turned off SELinux for testing purposes. >> >> [root at chamber ~]# nmap chamber -p80 >> [...] >> PORT?? STATE SERVICE >> 80/tcp open? http >> >> [root at chamber ~]# nmap -p80

Dnia sobota, 7 marca 2015 12:16:14 AM John R Pierce pisze: > I maintain a local mirror of the centos repository with a simple lftp > script, and configure my clients to get updates from this mirror via > the /etc/yum.repos.d files.... And why not rsync? -- Over And Out MoonWolf

Hello all I have weird problem i can't understand and don't know where to look. [root at chamber ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host

Howdy I'm trying to run FTP server behind firewall. And i can't enable passive mode from the Internet. There are plenty howtos but there aren't many with my combination. For now i have configured port forwarding and ftp server itself. On the router: # firewall-cmd --list-all --zone=external external (active) interfaces: enp3s1 sources: services: openvpn ssh ports: 1194/tcp