similar to: Please criticize my smb.conf

On 10/03/2017 11:32 AM, ToddAndMargo via samba wrote: > On 10/03/2017 05:33 AM, Rowland Penny via samba wrote: >> Sorry if some of these sound like teaching your grandmother to suck >> eggs, but it is better to say them than not;-) >> >> Rowland > > Hi Rowland, > >    I appreciate the the help!  You did exactly what I > ask for, which was to let it rip.

See inline comments On Mon, 2 Oct 2017 14:01:29 -0700 ToddAndMargo via samba <samba at lists.samba.org> wrote: > On 10/02/2017 01:06 PM, Rowland Penny via samba wrote: > > On Mon, 2 Oct 2017 12:38:19 -0700 > > ToddAndMargo via samba <samba at lists.samba.org> wrote: > > > >> Hi All, > >> > >> You please look over my smb.conf and make

On 10/03/2017 05:33 AM, Rowland Penny via samba wrote: > Sorry if some of these sound like teaching your grandmother to suck > eggs, but it is better to say them than not;-) > > Rowland Hi Rowland, I appreciate the the help! You did exactly what I ask for, which was to let it rip. I will have to read over slowly several times. Be nice to disable winbind too. My ego

Hey, all, I had a lot of trouble getting login working for Active Directory users on a Red Hat Enterprise Linux Samba 4 Active Directory domain controller. Here are some things I learned that I hope will be useful to someone: 1. The official build and deployment guidance (https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO) does not address SELinux. Every other guide I read on the web said to

Le 26/02/2020 ? 11:51, Nicolas Kovacs a ?crit?: > SELinux is preventing /usr/bin/python2.7 from read access on the file disable. > > *****? Plugin catchall (100. confidence) suggests?? ***** > > If you believe that python2.7 should be allowed read access on the disable file > by default. > Then you should report this as a bug. > You can generate a local policy module to

On Wed, 26 Feb 2020 at 14:06, Jonathan Billings <billings at negate.org> wrote: > On Feb 26, 2020, at 08:52, Nicolas Kovacs <info at microlinux.fr> wrote: > > > >> Le 26/02/2020 ? 11:51, Nicolas Kovacs a ?crit : > >> SELinux is preventing /usr/bin/python2.7 from read access on the file > disable. > >> ***** Plugin catchall (100. confidence)

Hi, I just installed SpamAssassin on two servers running CentOS 7 and Postfix. One is my sandbox server for experimenting, the other one is the server that hosts my company's web site, blog, mail, etc. So far, SpamAssassin seems to work as expected. I sent a test mail, which was duly flagges as [SPAM], and I already see the odd incoming spam message correctly flagged as [SPAM]. For testing

Hi, I'm running CentOS 7 on an Internet-facing server. SELinux is in permissive mode for debugging. I've removed FirewallD and replaced it with a custom-made Iptables script. I've also installed and configured Fail2ban (fail2ban-server package) to protect the server from brute force attacks. Out of the box, Fail2ban doesn't seem to play well with SELinux. Here's what I

On Feb 26, 2020, at 08:52, Nicolas Kovacs <info at microlinux.fr> wrote: > >> Le 26/02/2020 ? 11:51, Nicolas Kovacs a ?crit : >> SELinux is preventing /usr/bin/python2.7 from read access on the file disable. >> ***** Plugin catchall (100. confidence) suggests ***** >> If you believe that python2.7 should be allowed read access on the disable file by default.

On 10/02/2017 01:06 PM, Rowland Penny via samba wrote: > On Mon, 2 Oct 2017 12:38:19 -0700 > ToddAndMargo via samba <samba at lists.samba.org> wrote: > >> Hi All, >> >> You please look over my smb.conf and make >> criticism as appropriate? >> >> This is a workgroup server. >> winbind is running >> DDNS is also running (DNS [bind]

Daniel Walsh wrote: > On 09/22/2017 06:58 AM, hw wrote: >> >> PS: Now I found this: >> >> >> type=PROCTITLE msg=audit(09/22/2017 12:08:29.911:1023) : proctitle=/usr/lib/sendmail -t -oi -oem -fwawi-genimp >> type=SYSCALL msg=audit(09/22/2017 12:08:29.911:1023) : arch=x86_64 syscall=setgroups success=no exit=EPERM(Operation not permitted) a0=0x1

Hi Leon, I don't have access to a CentOS 6.10 system handy, but it looks like a policy issue. If I take you're ausearch output and pipe it to audit2allow on my CentOS 7.6 system, I get the following: #============= httpd_t ============== #!!!! This avc is allowed in the current policy allow httpd_t httpd_sys_script_t:process signull; Noting that on my 7.6 system with selinux enforcing

On 09/22/2017 06:58 AM, hw wrote: > > PS: Now I found this: > > > type=PROCTITLE msg=audit(09/22/2017 12:08:29.911:1023) : > proctitle=/usr/lib/sendmail -t -oi -oem -fwawi-genimp > type=SYSCALL msg=audit(09/22/2017 12:08:29.911:1023) : arch=x86_64 > syscall=setgroups success=no exit=EPERM(Operation not permitted) > a0=0x1 a1=0x7ffc1df3b0d0 a2=0x0 a3=0x7f5d77c3a300

I`m having trouble running some games (JadeDynasty,War Of The Immortals) after I have installed them and I need to determine if this is the problem. Is anyone famaliar with the following msg: SELinux is preventing wine-preloader from mmap_zero access on the memprotect . ***** Plugin mmap_zero (53.1 confidence) suggests ************************** If you do not think wine-preloader should need

Getting module_request errors from SELinux. Errors being thrown by metacity sendmail.postfix cleanup trivial-rewarite local postdrop pickup All errors are essentially the same System was working well until I began to apply some basic security hardening configuration. Postfix started complaining when I made /tmp noexec, nodev, nosuid, and then did a mount --bind of /var/tmp under

A machine I set up to run OpenNMS stopped working last night - no hardware alarm lights, but keyboard/monitor/network unresponsive. After a reboot I see a large stack of messages like this in /var/log/messages: ---- Aug 20 14:02:34 opennms-h-03 python: SELinux is preventing /usr/sbin/monitor-get-edid-using-vbe from mmap _zero access on the memprotect . ***** Plugin mmap_zero (53.1 confidence)

Hello everyone, I have a problem with oddjob_mkhomedir on a NFS mount point. The actual context is nfs_t drwxr-xr-x. root root system_u:object_r:nfs_t:s0 users/ With this type, oddjob_mkhomedir cannot do is job of creating home user directories. In the logs, I found about creating a new module with audi2allow and semodule: [root@ audit]# sealert -l fe2d7f60-d3ff-405b-b518-38d0cf021598

On Wed, December 17, 2014 05:07, Patrick Bervoets wrote: > Hi, > > On an internal webserver (latest C6) I want smb-access to /var/www/html/ > In april I did > chcon -R -t public_content_rw_t /var/www/html/ > setsebool -P allow_smbd_anon_write 1 > setsebool -P allow_httpd_anon_write 1 > echo "/var/www/html/ --

Hey guys, Quick update. I grepped through the output of getsebool -a to see that related to puppet. And I found this setting: puppetagent_manage_all_files. So I tried running this command: setsebool -P puppetagent_manage_all_files 0 And did a restorecon on my modules directory: restorecon -R -v environments/production/moudles So there's good news and bad news to report! It seems that

I do not want to disable SELinux at large but only for a directory and its sub-directories. On Fri, Sep 16, 2016 at 8:31 AM, Eddie G. O'Connor Jr. <eoconnor25 at gmail.com > wrote: > Not sure about most others, but I was always told that you never disable > Selina. Of course that is in a business/corporate setting. If it's just > you at home with a few servers? Then