Displaying 20 results from an estimated 200 matches similar to: "Restarting Named on CentOS-6 gives SE Error"
2015 Oct 27
0
CentOS-6.6 SELinux questions
we have remote server running as a guest instance on a kvm host. This
server acts as a public MX service for our domains along with
providing a backup for our Mailman mailing lists. It also has a slave
named service.
while tracking down a separate problem I discovered these avc
anomalies and ran audit2allow to see what was required to eliminate
them. All the software is either from CentOS or
2014 Dec 09
1
CentOS-6.6 - Selinux and Postfix-2.11.1
Applied policy update. Now I see these occasionally. But by the time I try and
see what the matter is the file is gone:
/var/log/maillog
. . .
Dec 9 15:12:08 inet08 postfix/smtp[3670]: fatal: shared lock
active/0A7EC60D8A: Resource temporarily unavailable
. . .
Dec 9 15:12:08 inet08 postfix/smtp[3758]: fatal: shared lock
active/8DD5060F81: Resource temporarily unavailable
. . .
Dec 9 15:12:09
2007 Aug 16
1
SELinux questions, upon restarting BIND
Hi all,
On my newly up-and-running nameserver (CentOS 5), I noticed the
following alerts in /var/log/messages after restarting BIND. (lines
inserted to aid in reading).
As I'm new to SELinux, I'm hoping for some pointers on 1) if this is an
issue which simply *must* be addressed, or if it's something I should
live with, and 2) how to eliminate the warming messages without
sacrificing
2009 Aug 15
1
Confused about named, chroot, and tmp files.
Any ideas why bind is putting the tmp files in the [chroot]/var/named directory
and not in /tmp or /var/tmp?
[root at devserver21 chroot]# Aug 15 14:08:21 devserver21 named[5101]: loading
configuration from '/etc/named.conf'
Aug 15 14:08:21 devserver21 named: named reload succeeded
Aug 15 14:08:21 devserver21 named[5101]: dumping master file: tmp-XXXXQ5X9mC:
open: permission denied
Aug 15
2014 May 05
2
Opendkim and SELinux
CentOS-6.5
OpenDKIM-2.9.0 (epel)
Postfix-2.6.6 (updates)
I am trying to get opendkim working with our mailing lists. In the course of
that endeavour I note that these messages are appearing in our syslog:
May 4 20:50:02 inet08 setroubleshoot: SELinux is preventing
/usr/sbin/opendkim from using the signull access on a process. For complete
SELinux messages. run sealert -l
2012 May 30
1
need assist with upstart config problem
I am trying, without success, to create an upstart config file to
automatically start and restart an ssh proxy. The command sting that
I use in the script has been checked and verified from the shell but
it fails in the upstart file.
The file contents are:
. . .
# proxy is used to authenticate smtp submissions
# so start it before the postfix service starts
start on starting postfix
# Take
2014 Nov 25
0
CentOS-5.10 Sendmail STARTTLS error
Am 25.11.2014 um 21:39 schrieb James B. Byrne:
> This morning I discovered this in the logwatch report for our external MX
> backup host.
>
>
> STARTTLS: write error=syscall error (-1), errno=32,
> get_error=error:00000000:lib(0):func(0):reason(0), retry=99, ssl_err=5: 206
> Time(s)
>
>
>
> I also see many entries similar to this:
>
>
>
> 8:
2014 Nov 25
2
CentOS-5.10 Sendmail STARTTLS error
This morning I discovered this in the logwatch report for our external MX
backup host.
STARTTLS: write error=syscall error (-1), errno=32,
get_error=error:00000000:lib(0):func(0):reason(0), retry=99, ssl_err=5: 206
Time(s)
I also see many entries similar to this:
8: fl=0x802, mode=140777: SOCK
inet04.mississauga.harte-lyne.ca/34091->(Transport endpoint is not connected):
1 Time(s)
2012 Mar 22
1
CentOS-6, Postfix and Mailman
We have a bunch of lists hosted on a CentOS-4.9 server
running sendmail and mailman that we are moving to a
CentOS-6 vm running postfix and mailman. I am testing the
setup and I am running into a problem no doubt caused by
my own ignorance wrt postfix.
Based on groking the web I discovered that the recommended
way to configure postfix to work with mailman is a script
called
2017 Feb 12
0
Centos7 and old Bind bug
On 02/11/2017 08:56 PM, Robert Moskowitz wrote:
> This seems to be bug 1103439 which was 'fixed' for Centos6.
>
> What should I do about this? Is there a SELinux policy to apply or
> should I the avoid upd-ports option in Bind?
It looks like that bug was assigned to the selinux-policy component,
where it was CLOSED NOTABUG, and then mistakenly marked CLOSED ERRATA.
The
2017 Feb 12
2
Centos7 and old Bind bug
On 02/12/2017 01:40 PM, Gordon Messmer wrote:
> On 02/11/2017 08:56 PM, Robert Moskowitz wrote:
>> This seems to be bug 1103439 which was 'fixed' for Centos6.
>>
>> What should I do about this? Is there a SELinux policy to apply or
>> should I the avoid upd-ports option in Bind?
>
>
> It looks like that bug was assigned to the selinux-policy
2007 Aug 17
2
repost: SELinux questions, upon restarting BIND
As this remains an issue for me, I'm reposting. Please forgive the redundancy, but I've been unable to find the answer and am hoping for some guidance.
Thanks in advance,
~Ray
==========Original Posts follow==========
(full output is in the original thread)
Ray Leventhal wrote:
> > Hi all,
> >
> > On my newly up-and-running nameserver (CentOS 5), I noticed the
>
2006 Aug 25
1
SELinux targeted - named, portmap and syslogd errors
Yesterday I activated SELinux in targeted mode, then I rebooted and started
receiving some error messages in the system services initialization:
======================================================================
audit(1156518721.252:2): avc: denied { read } for pid=2223 comm="syslogd"
name="libc-2.3.4.so" dev=dm-0 ino=50441 scontext=user_u:system_r:syslogd_t
2015 Jan 19
2
CentOS-6.6 Fail2Ban and Postfix Selinux AVCs
I am seeing these in the log of one of our off-site NX hosts running
CentOS-6.6.
type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for
pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0
tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket
Was caused by:
Missing type enforcement (TE) allow rule.
You can use
2014 Apr 23
1
SELInux and POSTFIX
Installed Packages
Name : postfix
Arch : x86_64
Epoch : 2
Version : 2.6.6
Release : 6.el6_5
Size : 9.7 M
Repo : installed
>From repo : updates
I am seeing several of these in our maillog file after a restart of the
Postfix service:
Apr 23 12:48:27 inet08 setroubleshoot: SELinux is preventing
/usr/libexec/postfix/smtp from 'read, write'
2014 May 12
1
OpenDKIM and SELinux
Following the most recent kernel updates I restarted our outgoing SMTP MTA
which was recently reconfigured to DKIM sign messages using OpenDKIM. This
morning I discovered that Postfix had stopped on that server. Whether it is
related to the Postfix issue or not is yet to be determined but, in the
process of getting things restarted I ran across this error with Open DKIM:
# service opendkim
2012 Nov 26
0
Installation and Setup of Samba4 AD DC on CentOS6
I have setup a Samba4 server and would like to report my experiences in
the hope that it may be helpful to others.
I basically followed the official Samba4 HowTo, which is very good.
Based on what I have seen, this is the only document I would recommend
people to follow. I will try not to repeat things that are covered in
the HowTo, but rather focus on what I did differently or additionally,
2014 Aug 21
1
Centos 7 lockup
A machine I set up to run OpenNMS stopped working last night - no
hardware alarm lights, but keyboard/monitor/network unresponsive.
After a reboot I see a large stack of messages like this in
/var/log/messages:
----
Aug 20 14:02:34 opennms-h-03 python: SELinux is preventing
/usr/sbin/monitor-get-edid-using-vbe from mmap
_zero access on the memprotect .
***** Plugin mmap_zero (53.1 confidence)
2012 Apr 30
1
SELinux is preventing /usr/libexec/postfix/pickup from module_request
Getting module_request errors from SELinux. Errors being thrown by
metacity
sendmail.postfix
cleanup
trivial-rewarite
local
postdrop
pickup
All errors are essentially the same
System was working well until I began to apply some basic security
hardening configuration.
Postfix started complaining when I made /tmp noexec, nodev, nosuid, and
then did a mount --bind of /var/tmp under
2012 May 28
0
mcelog SELinux errors
Prowling around in the system logs this morning I discover the
following entries:
May 27 09:48:27 vhost01 mcelog: Cannot open logfile /var/log/mcelog:
Permission
denied
May 27 09:48:27 vhost01 mcelog: failed to prefill DIMM database from
DMI data
May 27 09:48:27 vhost01 mcelog: Cannot bind to client unix socket
`/var/run/mcel
og-client': Permission denied
and later:
vhost01 setroubleshoot: