similar to: Very odd: /proc/sys/net/ipv6/conf/all/disable_ipv6

Displaying 20 results from an estimated 10000 matches similar to: "Very odd: /proc/sys/net/ipv6/conf/all/disable_ipv6"

2005 Jul 06
0
SELinux startup issue on FC4...
When using nat and the new 2.4.0 providers functionality, the following error is produced on boot with FC4: Cannot open "/proc/sys/net/ipv4/route/flush The box is running the latest update: selinux-policy-targeted-1.23.18-17 >From /var/log/audit/audit.log: type=PATH msg=audit(1120675555.415:78677): item=0 name="/sbin/ip" type=AVC_PATH msg=audit(1120675555.415:78677):
2009 Jan 12
1
Deliver *sometimes* delivers via /tmp?
Hi, I'm running dovecot (1.1.7) deliver and sieve (1.1.5) on a Fedora 9 platform, using selinux targetet mode. Most of the mail deliveries goes well, but once deliver tried to copy the mail to the /tmp directory, which it seems it not allowed by selinux. I guess that deliver wants to sanitize the mail or something and therefore copies it to /tmp. Before I ask for selinux to allow this, I
2007 Aug 16
1
SELinux questions, upon restarting BIND
Hi all, On my newly up-and-running nameserver (CentOS 5), I noticed the following alerts in /var/log/messages after restarting BIND. (lines inserted to aid in reading). As I'm new to SELinux, I'm hoping for some pointers on 1) if this is an issue which simply *must* be addressed, or if it's something I should live with, and 2) how to eliminate the warming messages without sacrificing
2014 Dec 03
0
SEtroubleshootd Crashing
Looks like turning on three booleans will solve most of the problem. httpd_execmem, httpd_run_stickshift, allow_httpd_anon_write On 12/03/2014 03:55 AM, John Beranek wrote: > Mark: Labels look OK, restorecon has nothing to do, and: > > -rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps > > dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc > > I'll
2012 Feb 24
0
SELinux killed my qemu-kvm
All of a sudden, Virtual Machine Manager (VMM) on a CentOS 5.7 load will no longer run any VMs. The VM worked A-OK on the morning of 23 Feb, when I brought it up, applied the Microsoft updates, rebooted it, installed an application, rebooted again and ran several tests. Later that day, it wouldn't run. I didn't have time to diagnose, so I did some investigation a few minutes ago. Working
2018 Oct 12
0
Restarting Named on CentOS-6 gives SE Error
Restarting one of our named services produces this entry in the system log file: Oct 12 08:47:45 inet08 setroubleshoot: SELinux is preventing /usr/sbin/named from search access on the directory . For complete SELinux messages. run sealert -l 9eabadb9-0e03-4238-bdb8-c5204333a0bf Checking the selinux incident reference shows this: # sealert -l 9eabadb9-0e03-4238-bdb8-c5204333a0bf SELinux is
2014 Dec 03
1
SEtroubleshootd Crashing
Indeed, thanks Dan - it doesn't get us to a completely clean running that would allow us to run our Node app as we are under Passenger with SELinux enforcing, but it at least has stopped the excessive amount of AVCs we were getting. John On 3 December 2014 at 10:01, Daniel J Walsh <dwalsh at redhat.com> wrote: > Looks like turning on three booleans will solve most of the problem.
2016 Apr 20
0
Cannot Run On The Command Line
$ R /usr/bin/R: line 238: /usr/lib64/R/etc/ldpaths: Permission denied $ rpm -q R R-3.2.3-2.fc23.x86_64 That /usr/bin/R#L238 is: . "${R_HOME}/etc${R_ARCH}/ldpaths" I noticed the error began bursting shortly after I ran dnf update. An excerpt from dnf's transaction logs: $ dnf history info <ID> Upgraded setroubleshoot-3.3.5-2.fc23.x86_64 @updates Upgrade
2007 Apr 20
2
Learning SELINUX management, help?
OK, so setup CENTOS-5 on a laptop to learn about Xen stuff. KDE Desktop, wanted to print the virt.108.com xen howto. Needed to setup printer first. Open KDE control center, go to printers. Hear error sound, message says "Unable to retrieve the printer list.... Connection to CUPS server failed. ..." So I check to see that cups is running (it is). I check /var/log/messages
2012 May 28
0
Another odd SELinux message
Does anyone recognize this sort of message or have any idea what might cause it? May 28 11:00:06 inet09 setroubleshoot: [avc.ERROR] Plugin Exception catchall #012Traceback (most recent call last):#012 File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 191, in analyze_avc#012 report = plugin.analyze(avc)#012 File
2015 Jan 19
2
CentOS-6.6 Fail2Ban and Postfix Selinux AVCs
I am seeing these in the log of one of our off-site NX hosts running CentOS-6.6. type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket Was caused by: Missing type enforcement (TE) allow rule. You can use
2014 Dec 03
2
SEtroubleshootd Crashing
Mark: Labels look OK, restorecon has nothing to do, and: -rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc I'll send the audit log on to Dan. Cheers, John On 2 December 2014 at 16:10, Daniel J Walsh <dwalsh at redhat.com> wrote: > Could you send me a copy of your audit.log. > > You should not be
2013 Jun 03
3
puppet master fails to set selinux context on /etc/puppet/auth.conf
I am running puppet 3.2.1, using the puppetlabs repos, on centos 6.4. I keep getting these messages in the log: (every 30 minutes) Jun 3 11:24:55 yoda puppet-master[20292]: Failed to set SELinux context system_u:object_r:puppet_etc_t:s0 on /etc/puppet/auth.conf Jun 3 11:24:55 yoda puppet-master[20292]: Failed to set SELinux context system_u:object_r:puppet_etc_t:s0 on
2007 May 30
2
Centos 5 OpenVPN / SElinux
Hi, I'm running Centos 5 32bit and installed openvpn-2.0.9-1.el5.rf from Dag Wieers Repo. When OpenVPN is started during boot-up it just shows an SElinux related error message. When I start OpenVPN manually after the system has come up completely it works fine. Here are all the messages from /var/log/messages that are SElinux related: May 28 21:39:15 srsblnfw01 kernel:
2016 Dec 28
0
Help with httpd userdir recovery
Robert Moskowitz wrote: > > > On 12/28/2016 03:32 PM, J Martin Rushton wrote: >> >> On 28/12/16 20:11, Robert Moskowitz wrote: >>> >>> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: >>>> Robert Moskowitz wrote: >>>>> On 12/28/2016 05:11 AM, Todor Petkov wrote: >>>>>> On Wed, Dec 28, 2016 at 5:18 AM, Robert
2008 Mar 02
0
Odd AVC from tcpdump
Whenever tcpdump fills a savefile to capacity (-C option) and tries to open a new one, I get the following AVC denial: kernel: audit(1204485464.409:106): avc: denied { search } for pid=2702 comm="tcpdump" name="/" dev=hdb1 ino=2 scontext=system_u:system_r:netutils_t:s0 t context=system_u:object_r:default_t:s0 tclass=dir Any suggestions as the the proper fix to make this
2017 Sep 04
0
selinux denial of cgi script with httpd using ssl
On Tue, Sep 5, 2017 at 9:49 AM, Gregory P. Ennis <PoMec at pomec.net> wrote: > Thanks for your help. > > I did pick up an additional entry in the audit file : > > > type=AVC msg=audit(1504561395.709:10196): avc: denied { execute } for > pid=19163 comm="/usr/sbin/httpd" name="s.check.cgi" dev="dm-0" > ino=537182029
2016 Dec 28
0
Help with httpd userdir recovery
On 12/28/2016 06:05 PM, J Martin Rushton wrote: > > On 28/12/16 21:24, m.roth at 5-cent.us wrote: >> Robert Moskowitz wrote: >>> >>> On 12/28/2016 03:32 PM, J Martin Rushton wrote: >>>> On 28/12/16 20:11, Robert Moskowitz wrote: >>>>> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote: >>>>>> Robert Moskowitz wrote:
2019 Jul 12
0
new dovecot, selinux Problem ?
Hello List, after the last update I have a selinux "Problem" with dovecot. My system is a centos 7. After a new start from dovecot selinux block a connection. Jul 12 16:24:24 mx01 systemd: Starting Dovecot IMAP/POP3 email server... Jul 12 16:24:54 mx01 systemd: Started Dovecot IMAP/POP3 email server. Jul 12 16:24:54 mx01 dovecot: Warning: Corrected permissions for login directory
2016 Feb 29
0
Odd selinux complaints on new, fully updated CentOS 7
Just installed 7.2, and I'm seeing this - is this a bug in the policy? ************************** SELinux is preventing systemd-readahe from add_name access on the directory .readahead.new. ***** Plugin catchall_labels (83.8 confidence) suggests ******************* If you want to allow systemd-readahe to have add_name access on the .readahead.new directory Then you need to change the