Displaying 20 results from an estimated 10000 matches similar to: "motion"
2016 Sep 16
2
SELinux module
Hello everyone,
I have a problem with oddjob_mkhomedir on a NFS mount point. The actual
context is nfs_t
drwxr-xr-x. root root system_u:object_r:nfs_t:s0 users/
With this type, oddjob_mkhomedir cannot do is job of creating home user
directories.
In the logs, I found about creating a new module with audi2allow and
semodule:
[root@ audit]# sealert -l fe2d7f60-d3ff-405b-b518-38d0cf021598
2016 Sep 16
0
SELinux module
I do not want to disable SELinux at large but only for a directory and its
sub-directories.
On Fri, Sep 16, 2016 at 8:31 AM, Eddie G. O'Connor Jr. <eoconnor25 at gmail.com
> wrote:
> Not sure about most others, but I was always told that you never disable
> Selina. Of course that is in a business/corporate setting. If it's just
> you at home with a few servers? Then
2012 Feb 16
3
Baffled by selinux
Apache DocumentRoot on an NFS directory:
[root at localhost ~]# service httpd start
Starting httpd: Warning: DocumentRoot [/home/www/html] does not exist
Syntax error on line 292 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory
[FAILED]
[root at localhost ~]#
After some research, I found this (dated) link
2008 Oct 30
1
nfs mounted /home and selinux
I'm trying to set the context on an nfs mounted /home. I believe
exactly like in Redhat's Deployment Guide at
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/ch45s02s03.html
On my system running CentOS 5.2:
$ ls -alZ /home
drwxr-xr-x root root system_u:object_r:home_root_t .
drwxr-xr-x root root system_u:object_r:root_t ..
$ mount -t
2007 Dec 07
0
mounting nfs as httpd_sys_content_t under selinux
I have a NFS mount that I want apache to be able to serve
files from.
According to this doc:
http://www.centos.org/docs/5/html/5.1/Deployment_Guide/rhlcommon-section-0097.html
I should be able to mount it with a context that will allow
apache to access it.
But when I try the command they suggest:
[root at vm-37:~] mount -t nfs -o \
context=system_u:object_r:httpd_sys_content_t \
2009 Jan 12
1
Deliver *sometimes* delivers via /tmp?
Hi,
I'm running dovecot (1.1.7) deliver and sieve (1.1.5) on a Fedora 9
platform, using selinux targetet mode.
Most of the mail deliveries goes well, but once deliver tried to copy
the mail to the /tmp directory, which it seems it not allowed by
selinux. I guess that deliver wants to sanitize the mail or something
and therefore copies it to /tmp.
Before I ask for selinux to allow this, I
2017 Apr 25
2
NOT Solved - Re: SELinux policy to allow Dovecot to connect to Mysql
On 04/25/2017 06:45 PM, Gordon Messmer wrote:
> On 04/25/2017 01:58 AM, Laurent Wandrebeck wrote:
>> Quick?n?(really) dirty SELinux howto:
>
>
> Alternate process:
>
> 1: setenforce permissive
> 2: tail -f /var/log/audit/audit.log | grep AVC
> 3: use the service, exercise each function that's constrained by the
> existing policy
> 4: copy and paste the
2010 Sep 26
1
Bugzilla 3.6.2 + sendmail + SELinux
Hello,
I have deployed Bugzilla 3.6.2 on CentOS 5 (with rpmforge perl-*
packages) and I have a problem with SELinux preventing mail being sent
via sendmail.
(see SELinux reports below, especially the second one)
When SELinux is in permissive mode, mail sending from Bugzilla is
working properly.
Has anybody got recent Bugzilla to work with SELinux on CentOS?
Thanks in advance!
Mathieu
2012 Mar 06
0
NFS Selinux issues
I'm having a strange problem with selinux and the mounting of a nfs
directory.
I'm specifying the security context as part of the mount command, yet the
security context still shows nfs.
The mount shows what the security context should be:
[root at clienthost ~]# mount
serverhost:/usr/local on /usr/local type nfs4
2015 Jun 20
2
puppet files denied by SELinux
Hey folks,
Ok so I'm having another issue with SELinux. However I think I'm pretty
close to a solution and just need a nudge in the right directtion.
I wrote a puppet module that gets systems into bacula backups. Part of the
formula is to distribute key/cert pairs with permissions that allow bacula
to read them so that bacula can talk to the host over TLS. It's pretty
slick, I must
2007 Dec 17
2
Digest Subcriber needs help with SELinux file context setting
CentOS-5.1
I need some help with setting up the SELinux context for a custom httpd
directory so that I can write log files into it. This is what I have:
In my virtual host config file:
RewriteEngine on
RewriteLog /etc/httpd/virtual.d/trac-rewrite.log
# RewriteLogLevel 0=off 1=basic 2=verbose 3+=module developer debuging
RewriteLogLevel 0
If /etc/httpd/virtual.d/trac-rewrite.log does
2013 Nov 16
1
(no subject)
[root at ipa tftpboot]# semanage fcontext -l | grep tftp
/tftpboot directory
system_u:object_r:tftpdir_t:s0
/tftpboot/.* all files
system_u:object_r:tftpdir_t:s0
/usr/sbin/atftpd regular file
system_u:object_r:tftpd_exec_t:s0
/usr/sbin/in\.tftpd regular
2013 Dec 19
1
quota and selinux on centos 6.5
??? Hi,
I'm facing a challenge with selinux and because I don't got an explanation elsewhere, I'm trying to explain here.
I have decided to mount /var/spool/cron on a separate partition? and apply quota for regular users. But quotacheck replyes with a "permission denied" .
quotacheck: Cannot create new quotafile /var/spool/cron/aquota.user.new: Permission denied
2009 Apr 03
2
clamav and selinux
after cleaning up a bunch or selinux alerts, I update and wham,
clamav/clamd/clamav-db make me assert contexts again to /var/clamav
like...
chcon -t clamd_t clamav -R
which temporarily solves the problem but it would be better if it were
policy and not file contexts. So I search and see for some
reason, /var/clamav is ignored...
# grep clam /etc/selinux/targeted/contexts/files/file_contexts
2013 Jan 12
2
selinux + kvm virtualization + smartd problem
Hello,
I'm using HP homeserver where host system run CentOS 6.3 with KVM
virtualization with SELinux enabled, guests too run the same OS (but
without SELinux, but this does not matter).
Host system installed on mirrors based on sda and sdb physical disks.
sd{c..f} disks attached to KVM guest (whole disks, not partitions;
needed to use zfs (zfsonlinux) benefit features). Problem is that
disks
2010 Oct 15
1
NFS4 + SELinux
All test machines are CentOS 5.5 (RHEL subscriptions purchased).
We've had NFS3 storage working fine and decided to try NFS4.
We can mount an NFS4 share on our KVM host, but the SELinux file context on the mountpoint directory is magically changed from virt_image_t to nfs_t. Restorecon refuses to change it back.
Adding the mount option context=system_u:object_r:virt_image_t on either server
2012 Mar 22
1
Does libvirt check MCS labels during hot-add disk image ?
Libvirt doesn't care about security during hot add disk images. It even
accepts addition of disk images of other guest running on the host.
Steps followed to create this scenario :
Started two VMs with following security configurations:
vm1:
<seclabel type='dynamic' model='selinux' relabel='yes'>
2015 Feb 09
2
SELinux context for ssh host keys?
I generated a new host key for one of our systems using:
ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key_4096
I then ran 'ls -Z on the keys'
ll -Z *key*
-rw-------. root root system_u:object_r:sshd_key_t:s0 ssh_host_dsa_key
-rw-r--r--. root root system_u:object_r:sshd_key_t:s0
ssh_host_dsa_key.pub
-rw-------. root root system_u:object_r:sshd_key_t:s0 ssh_host_key
-rw-r--r--. root
2020 Apr 03
2
Samba 4.12 SELinux context /var/run
Hi, since 4.12 Samba SELinux context for /var/run/samba is not correct
anymore:
```
root at files:~ # ls -la -Z /var/run/samba/
total 12
drwxr-xr-x. 5 root root system_u:object_r:var_run_t:s0 160 Apr 3
20:42 .
drwxr-xr-x. 30 root root system_u:object_r:var_run_t:s0 1000 Apr 3
18:39 ..
drwxr-xr-x. 3 root root system_u:object_r:var_run_t:s0 60 Apr 3
18:39 ncalrpc
drwxr-xr-x. 2 root
2020 Apr 04
1
Samba 4.12 SELinux context /var/run
On 3 Apr 2020, at 21:53, Rowland penny via samba wrote:
> On 03/04/2020 20:34, Tobias Kirchhofer via samba wrote:
>> Hi, since 4.12 Samba SELinux context for /var/run/samba is not
>> correct anymore:
>>
>> ```
>> root at files:~ # ls -la -Z /var/run/samba/
>> total 12
>> drwxr-xr-x.? 5 root root system_u:object_r:var_run_t:s0? 160 Apr 3
>>