similar to: Restarting Named on CentOS-6 gives SE Error

we have remote server running as a guest instance on a kvm host. This server acts as a public MX service for our domains along with providing a backup for our Mailman mailing lists. It also has a slave named service. while tracking down a separate problem I discovered these avc anomalies and ran audit2allow to see what was required to eliminate them. All the software is either from CentOS or

Applied policy update. Now I see these occasionally. But by the time I try and see what the matter is the file is gone: /var/log/maillog . . . Dec 9 15:12:08 inet08 postfix/smtp[3670]: fatal: shared lock active/0A7EC60D8A: Resource temporarily unavailable . . . Dec 9 15:12:08 inet08 postfix/smtp[3758]: fatal: shared lock active/8DD5060F81: Resource temporarily unavailable . . . Dec 9 15:12:09

Hi all, On my newly up-and-running nameserver (CentOS 5), I noticed the following alerts in /var/log/messages after restarting BIND. (lines inserted to aid in reading). As I'm new to SELinux, I'm hoping for some pointers on 1) if this is an issue which simply *must* be addressed, or if it's something I should live with, and 2) how to eliminate the warming messages without sacrificing

Any ideas why bind is putting the tmp files in the [chroot]/var/named directory and not in /tmp or /var/tmp? [root at devserver21 chroot]# Aug 15 14:08:21 devserver21 named[5101]: loading configuration from '/etc/named.conf' Aug 15 14:08:21 devserver21 named: named reload succeeded Aug 15 14:08:21 devserver21 named[5101]: dumping master file: tmp-XXXXQ5X9mC: open: permission denied Aug 15

CentOS-6.5 OpenDKIM-2.9.0 (epel) Postfix-2.6.6 (updates) I am trying to get opendkim working with our mailing lists. In the course of that endeavour I note that these messages are appearing in our syslog: May 4 20:50:02 inet08 setroubleshoot: SELinux is preventing /usr/sbin/opendkim from using the signull access on a process. For complete SELinux messages. run sealert -l

I am trying, without success, to create an upstart config file to automatically start and restart an ssh proxy. The command sting that I use in the script has been checked and verified from the shell but it fails in the upstart file. The file contents are: . . . # proxy is used to authenticate smtp submissions # so start it before the postfix service starts start on starting postfix # Take

Am 25.11.2014 um 21:39 schrieb James B. Byrne: > This morning I discovered this in the logwatch report for our external MX > backup host. > > > STARTTLS: write error=syscall error (-1), errno=32, > get_error=error:00000000:lib(0):func(0):reason(0), retry=99, ssl_err=5: 206 > Time(s) > > > > I also see many entries similar to this: > > > > 8:

This morning I discovered this in the logwatch report for our external MX backup host. STARTTLS: write error=syscall error (-1), errno=32, get_error=error:00000000:lib(0):func(0):reason(0), retry=99, ssl_err=5: 206 Time(s) I also see many entries similar to this: 8: fl=0x802, mode=140777: SOCK inet04.mississauga.harte-lyne.ca/34091->(Transport endpoint is not connected): 1 Time(s)

We have a bunch of lists hosted on a CentOS-4.9 server running sendmail and mailman that we are moving to a CentOS-6 vm running postfix and mailman. I am testing the setup and I am running into a problem no doubt caused by my own ignorance wrt postfix. Based on groking the web I discovered that the recommended way to configure postfix to work with mailman is a script called

On 02/11/2017 08:56 PM, Robert Moskowitz wrote: > This seems to be bug 1103439 which was 'fixed' for Centos6. > > What should I do about this? Is there a SELinux policy to apply or > should I the avoid upd-ports option in Bind? It looks like that bug was assigned to the selinux-policy component, where it was CLOSED NOTABUG, and then mistakenly marked CLOSED ERRATA. The

On 02/12/2017 01:40 PM, Gordon Messmer wrote: > On 02/11/2017 08:56 PM, Robert Moskowitz wrote: >> This seems to be bug 1103439 which was 'fixed' for Centos6. >> >> What should I do about this? Is there a SELinux policy to apply or >> should I the avoid upd-ports option in Bind? > > > It looks like that bug was assigned to the selinux-policy

As this remains an issue for me, I'm reposting. Please forgive the redundancy, but I've been unable to find the answer and am hoping for some guidance. Thanks in advance, ~Ray ==========Original Posts follow========== (full output is in the original thread) Ray Leventhal wrote: > > Hi all, > > > > On my newly up-and-running nameserver (CentOS 5), I noticed the >

Yesterday I activated SELinux in targeted mode, then I rebooted and started receiving some error messages in the system services initialization: ====================================================================== audit(1156518721.252:2): avc: denied { read } for pid=2223 comm="syslogd" name="libc-2.3.4.so" dev=dm-0 ino=50441 scontext=user_u:system_r:syslogd_t

I am seeing these in the log of one of our off-site NX hosts running CentOS-6.6. type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket Was caused by: Missing type enforcement (TE) allow rule. You can use

Installed Packages Name : postfix Arch : x86_64 Epoch : 2 Version : 2.6.6 Release : 6.el6_5 Size : 9.7 M Repo : installed >From repo : updates I am seeing several of these in our maillog file after a restart of the Postfix service: Apr 23 12:48:27 inet08 setroubleshoot: SELinux is preventing /usr/libexec/postfix/smtp from 'read, write'

Following the most recent kernel updates I restarted our outgoing SMTP MTA which was recently reconfigured to DKIM sign messages using OpenDKIM. This morning I discovered that Postfix had stopped on that server. Whether it is related to the Postfix issue or not is yet to be determined but, in the process of getting things restarted I ran across this error with Open DKIM: # service opendkim

I have setup a Samba4 server and would like to report my experiences in the hope that it may be helpful to others. I basically followed the official Samba4 HowTo, which is very good. Based on what I have seen, this is the only document I would recommend people to follow. I will try not to repeat things that are covered in the HowTo, but rather focus on what I did differently or additionally,

A machine I set up to run OpenNMS stopped working last night - no hardware alarm lights, but keyboard/monitor/network unresponsive. After a reboot I see a large stack of messages like this in /var/log/messages: ---- Aug 20 14:02:34 opennms-h-03 python: SELinux is preventing /usr/sbin/monitor-get-edid-using-vbe from mmap _zero access on the memprotect . ***** Plugin mmap_zero (53.1 confidence)

Getting module_request errors from SELinux. Errors being thrown by metacity sendmail.postfix cleanup trivial-rewarite local postdrop pickup All errors are essentially the same System was working well until I began to apply some basic security hardening configuration. Postfix started complaining when I made /tmp noexec, nodev, nosuid, and then did a mount --bind of /var/tmp under

Prowling around in the system logs this morning I discover the following entries: May 27 09:48:27 vhost01 mcelog: Cannot open logfile /var/log/mcelog: Permission denied May 27 09:48:27 vhost01 mcelog: failed to prefill DIMM database from DMI data May 27 09:48:27 vhost01 mcelog: Cannot bind to client unix socket `/var/run/mcel og-client': Permission denied and later: vhost01 setroubleshoot: