similar to: Centos7 - SELinux messing with my named.conf

On 02/09/2017 01:36 PM, Robert Moskowitz wrote: > So what SELinux magic do I need here restorecon /etc/named.conf

Gordon, Thank you for your help on this. Still not working... On 04/26/2017 06:27 PM, Gordon Messmer wrote: > On 04/26/2017 12:29 AM, Robert Moskowitz wrote: >> But the policy generates errors. I will have to submit a bug report, >> it seems > > > A bug report would probably be helpful. > > I'm looking back at the message you wrote describing errors in >

On 04/25/2017 06:45 PM, Gordon Messmer wrote: > On 04/25/2017 01:58 AM, Laurent Wandrebeck wrote: >> Quick?n?(really) dirty SELinux howto: > > > Alternate process: > > 1: setenforce permissive > 2: tail -f /var/log/audit/audit.log | grep AVC > 3: use the service, exercise each function that's constrained by the > existing policy > 4: copy and paste the

postfixadmin setup.php is claiming: *Error: Smarty template compile directory templates_c is not writable.* *Please make it writable.* *If you are using SELinux or AppArmor, you might need to adjust their setup to allow write access.* This goes away with 'setenforce 0', so it is an SELinux issue. I have tried both: restorecon -Rv /usr/share/postfixadmin and chcon -R -t

On 02/21/2017 11:46 AM, Zdenek Sedlak wrote: > On 2017-02-21 17:30, Robert Moskowitz wrote: >> postfixadmin setup.php is claiming: >> >> *Error: Smarty template compile directory templates_c is not writable.* >> *Please make it writable.* >> *If you are using SELinux or AppArmor, you might need to adjust their >> setup to allow write access.* >>

Hello, I need to communicate with windows 10 guest from cent os host. Following this docs - https://access.redhat.com/solutions/732773, https://wiki.libvirt.org/page/Qemu_guest_agent I add new device in my Win10 guest <channel type='unix'> <target type='virtio' name='org.qemu.guest_agent.0'/> </channel> and install gemu-ga x64 from this iso -

Pulling out what little hair I have here, but stumbled onto a possible problem. I have a server running C6 apache that is set up with personal directories and no problem showing the files. You can see it at: medon.htt-consult.com/~rgm/pogo So I have a C7 apache server I am building. Files I create on the new server are listing fine. Files I have copied (with cp -avr ...) get permission

I generated a new host key for one of our systems using: ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key_4096 I then ran 'ls -Z on the keys' ll -Z *key* -rw-------. root root system_u:object_r:sshd_key_t:s0 ssh_host_dsa_key -rw-r--r--. root root system_u:object_r:sshd_key_t:s0 ssh_host_dsa_key.pub -rw-------. root root system_u:object_r:sshd_key_t:s0 ssh_host_key -rw-r--r--. root

Hi, I'm trying to grant dovecot the ability to manage its socket within the postfix spool directory. I have added the below to file_contexts.local : /var/spool/postfix/private/dovecot-auth system_u:system_r:dovecot_t:s0 However, running "restorecon -v /var/spool/postfix/private/dovecot-auth" gives me the following error : restorecon:

Hi, I've been debugging this for a day now and I am on the edge of my understanding and could use some help. I have a smbd 3.5.6 running as a PDC (smb.conf below) with an openldap backend. If I run `getent passwd` I get all the users (local and Domain) and computer accounts that I've imported into the ldap tree. If I run `getent group`, I only see local groups: root:x:0: daemon:x:1:

Il giorno sab, 02/04/2016 alle 18.04 -0600, Frank Cox ha scritto: > On Sun, 03 Apr 2016 01:58:42 +0200 > Dario Lesca wrote: > > > > > Please, someone can help me to resolve this systemd issue? > systemctl reset-failed Thanks Frank, but I have try this command, none is changed: > [root at s-virt ~]#? > [root at s-virt ~]#? > [root at s-virt ~]# journalctl -f

??? Hi, I'm facing a challenge with selinux and because I don't got an explanation elsewhere, I'm trying to explain here. I have decided to mount /var/spool/cron on a separate partition? and apply quota for regular users. But quotacheck replyes with a "permission denied" . quotacheck: Cannot create new quotafile /var/spool/cron/aquota.user.new: Permission denied

Hi, I tried to apply a security context on a directory with the following commands: [root@ local]# semanage fcontext -a -t httpd_sys_rw_content_t "netdot(/.*)?" [root@ local]# restorecon -R netdot/ When I list the contexts, it is part of the list.... [root@ local]# semanage fcontext -l | grep netdot ./netdot(/.*)? all files

Hi. CentOS 5.4 64-bit with SELinux, happily running for over a year, suddenly httpd fails to start up, getting an error message like: Starting httpd: Syntax error on line X of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: libxml2.so.2: failed to map segment from shared object: Permission denied I turned off SELinux and was able to start httpd. But what went

I am running puppet 3.2.1, using the puppetlabs repos, on centos 6.4. I keep getting these messages in the log: (every 30 minutes) Jun 3 11:24:55 yoda puppet-master[20292]: Failed to set SELinux context system_u:object_r:puppet_etc_t:s0 on /etc/puppet/auth.conf Jun 3 11:24:55 yoda puppet-master[20292]: Failed to set SELinux context system_u:object_r:puppet_etc_t:s0 on

Actually it is running: netstat -tuln | grep 590 tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:5902 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:5903 0.0.0.0:* LISTEN tcp6 0 0 :::5901 :::* LISTEN tcp6 0 0 :::5902 :::* LISTEN tcp6 0 0 :::5903 :::* LISTEN

http://bugzilla.mindrot.org/show_bug.cgi?id=880 ------- Comment #3 from djm at mindrot.org 2006-04-03 21:45 ------- Created an attachment (id=1110) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1110&action=view) Revised diff ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

I was upgrading a system remotely from Centos 6.3 to 6.5 via VNC. Now the system will not boot. Or at least without bringing up the console and switching to the older kernel. The last messages I see in /var/log/messages are: Jul 1 14:53:51 rigel yum[3220]: Updated: scl-utils-20120927-8.el6.i686 Jul 1 14:53:53 rigel gnome-keyring-daemon[2710]: dbus failure unregistering from session:

> On Feb 9, 2015, at 12:27 PM, Robert Nichols <rnicholsNOSPAM at comcast.net> wrote: > > On 02/09/2015 11:14 AM, James B. Byrne wrote: >> So, I decided to run restorecon -v to >> ... >> restorecon reset /etc/ssh/ssh_host_rsa_key_4096 context >> unconfined_u:object_r:sshd_key_t:s0->unconfined_u:object_r:etc_t:s0 >> ... >> There is no

Hi, I could use some confirmation on my approach to configuring my BDC. I want the user to be able to access shares on the BDC and have their domain credentials stamped on any files they create. I do not want to add domain users to the /etc/passwd file. At the moment users can authenticate onto the domain but once they try and access a share on the BDC, these XP users get a dialogue box asking