similar to: An selinux issue

Karsten M. Self wrote: > on Thu, Dec 15, 2005 at 01:38:29PM -0500, Steve Brueckner > (steve@atc-nycorp.com) wrote: >> I''m using Fedora Core 4. I need to create an ssh port forwarding >> tunnel to my xen0 domain when my xenU domain starts up, so I added >> this to the xenU''s /etc/rc.d/rc.local: >> >> ssh -v -f -L 5500:localhost:5501 xen0_ip

I recently setup my Puppetmaster server to run through Passenger via Apache instead of on the default webrick web server. SELinux made that not work and I've found some documentation on making rules to allow it however mine won't load. This is the policy I found via this website, http://sandcat.nl/~stijn/2012/01/20/selinux-passenger-and-puppet-oh-my/comment-page-1/ . module

Hi All, I have this following issue in SELinux. I did what instruction said but the security context has still never changed. Do I need to create local SELinux module? I hope anyone could help me out of this. Thank you. ------------------------------------------------------- # sealert -b ........................................ Summary: SELinux is preventing postmaster (postgresql_t)

On 2/4/20 9:59 AM, Sergio Belkin wrote: > Hi, > I've done the following: > - Copy usr content with rsync to another partition: > > rsync -av --partial --progress /usr/ /mnt > > Then, unmounted, added to fstab a line for /usr, then deleted /usr/* (not > the directory itself). But I've found that is bad labeled: > > ls -Z /usr >

Hi, I've done the following: - Copy usr content with rsync to another partition: rsync -av --partial --progress /usr/ /mnt Then, unmounted, added to fstab a line for /usr, then deleted /usr/* (not the directory itself). But I've found that is bad labeled: ls -Z /usr unconfined_u:object_r:unlabeled_t:s0 bin unconfined_u:object_r:unlabeled_t:s0 local unconfined_u:object_r:unlabeled_t:s0

On 02/09/2015 11:14 AM, James B. Byrne wrote: > So, I decided to run restorecon -v to > presumably set the SELinux user correctly for the new keys: But that > is not what happened: > > restorecon -v * > > restorecon reset /etc/ssh/ssh_host_rsa_key_4096 context > unconfined_u:object_r:sshd_key_t:s0->unconfined_u:object_r:etc_t:s0 > > restorecon reset

In-Reply-To: <f4e013870805211022r36194b29gb74ca4421dc2ee77 at mail.gmail.com> On: Wed, 21 May 2008 10:22:19 -0700, MHR <mhullrich at gmail.com> wrote: >> On Wed, May 21, 2008 at 8:37 AM, James B. Byrne <byrnejb at harte-lyne.ca> >> wrote: >> >> This indeed turned out to be an SELinux policy problem which I have since >> resolved. > > Whoa,

I generated a new host key for one of our systems using: ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key_4096 I then ran 'ls -Z on the keys' ll -Z *key* -rw-------. root root system_u:object_r:sshd_key_t:s0 ssh_host_dsa_key -rw-r--r--. root root system_u:object_r:sshd_key_t:s0 ssh_host_dsa_key.pub -rw-------. root root system_u:object_r:sshd_key_t:s0 ssh_host_key -rw-r--r--. root

> On Feb 9, 2015, at 12:27 PM, Robert Nichols <rnicholsNOSPAM at comcast.net> wrote: > > On 02/09/2015 11:14 AM, James B. Byrne wrote: >> So, I decided to run restorecon -v to >> ... >> restorecon reset /etc/ssh/ssh_host_rsa_key_4096 context >> unconfined_u:object_r:sshd_key_t:s0->unconfined_u:object_r:etc_t:s0 >> ... >> There is no

OK, so setup CENTOS-5 on a laptop to learn about Xen stuff. KDE Desktop, wanted to print the virt.108.com xen howto. Needed to setup printer first. Open KDE control center, go to printers. Hear error sound, message says "Unable to retrieve the printer list.... Connection to CUPS server failed. ..." So I check to see that cups is running (it is). I check /var/log/messages

All of a sudden, Virtual Machine Manager (VMM) on a CentOS 5.7 load will no longer run any VMs. The VM worked A-OK on the morning of 23 Feb, when I brought it up, applied the Microsoft updates, rebooted it, installed an application, rebooted again and ran several tests. Later that day, it wouldn't run. I didn't have time to diagnose, so I did some investigation a few minutes ago. Working

Hi, folks, Our system gets/creates /var/lib/ssh-x509-auth/<username>,pem, then deletes it when the log out. selinux (in permissive mode) complains. First, I changed the context to cert_t, and *now* it complains that ksh93 wants write, etc access on the directory. grep ssh-x509-auth /var/log/audit/audit.log | audit2allow offers me this: #============= sshd_t ============== allow sshd_t

CentOS-5.1 I need some help with setting up the SELinux context for a custom httpd directory so that I can write log files into it. This is what I have: In my virtual host config file: RewriteEngine on RewriteLog /etc/httpd/virtual.d/trac-rewrite.log # RewriteLogLevel 0=off 1=basic 2=verbose 3+=module developer debuging RewriteLogLevel 0 If /etc/httpd/virtual.d/trac-rewrite.log does

Hi, on an up to date CentOS 5.4 x86_64 (test machine), I systematically get the following SELinux denial when I start a QEMU/KVM virtual machine via virt-manager: SELinux is preventing qemu-kvm (qemu_t) "execute" to /dev/zero (zero_device_t). (full alert below) Running the command suggested by the alert (restorecon -v '/dev/zero') does not solve the problem. This does not

Every now and then I get an alert like this one. I have no clue what this "rear" subsystem is, or why madam would be trying to write to its log file. Can anyone enlighten me? thanks in advance! ------------------------- SELinux is preventing /usr/sbin/mdadm from write access on the file /var/log/rear/rear-fcshome.log.lockless. ***** Plugin restorecon (93.9 confidence) suggests

Hello, On CentOS-6.2, these two commands (on the same machine) give me different results : # restorecon -r /var/www/html/Centos/ # (as root) $ sudo restorecon -r /var/www/html/Centos/ # (as an unprivileged user) /var/www/html/Centos/ is a symlink to /mnt/packages/Centos/ In the first case, I get : # ls -Z /var/www/html/Centos/ drwxr-xr-x. naudin biom system_u:object_r:httpd_sys_content_t

https://bugzilla.samba.org/show_bug.cgi?id=12199 Bug ID: 12199 Summary: multiple link-dest dirs not working Product: rsync Version: 3.0.6 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: core Assignee: wayned at samba.org Reporter: brian at

Hi! I'm getting these frequently. several times I've done the steps listed there to suppress the messages, but I keep getting them. Anyone got a good idea how to deal with this? Thanks in advance! ---------------------------- SELinux is preventing mdadm from 'read, open' accesses on the file /var/log/rear/rear-fcshome.log.lockless. ***** Plugin restorecon (99.5 confidence)

Hello, I have a strange (for me) problem with these two machines : - Client, a CentOS-5.7 workstation ; - Server, a CentOS-6.2 headless, up-to-date server. From Client, I want to use xauth on Server with the help of rsh (yes, I know, ssh and all this sort of things... another time.) When SELinux is in permissive mode on Server, all these commands perform as expected : rsh Server

Hi All, Thanks for the information. But after resetting the semanage User/login, and moving the targeted folder to old one and then install the default target. then also its still showing the Id context as context=*system_u:system_r:unconfined_t:s0-s0:c0.c1023.* *What I observed is after changing the permission using semanage command also, its still showing the system_u:system_r. * *Check the