Displaying 20 results from an estimated 7000 matches similar to: "Samba 4.12 SELinux context /var/run"
2020 Apr 04
1
Samba 4.12 SELinux context /var/run
On 3 Apr 2020, at 21:53, Rowland penny via samba wrote:
> On 03/04/2020 20:34, Tobias Kirchhofer via samba wrote:
>> Hi, since 4.12 Samba SELinux context for /var/run/samba is not
>> correct anymore:
>>
>> ```
>> root at files:~ # ls -la -Z /var/run/samba/
>> total 12
>> drwxr-xr-x.? 5 root root system_u:object_r:var_run_t:s0? 160 Apr 3
>>
2015 Jun 30
6
RPC server not available when windows client attempts to join samba AD
I am installing a new Samba 4.2 Active Directory server on CentOS 7. I
followed the Wiki instructions on how to create the server. I am using
sernet-samba 4.2 binaries. Everything seems to be OK on the Linux side but
I cannot get any windows client to successfully join the domain. Each
attempt returns the following error message "RPC Server in not available".
Below are the config file
2009 Feb 06
1
Darned thing is suddenly failing. We had a reboot last night, and I
changed a couple of files today too, so either one could somehow be
responsible. But I can''t figure out how from this crash. First I noticed
that my changes weren''t updating. Then I noticed that puppet wasn''t
running. Then I found that it won''t, in fact, run.
/selinux contains only a
2012 Oct 22
1
SELinux AVC problem postfix <-> dspam
Hi,
I guess this is a bit OT but perhaps someone has encountered this issue
before. On a CentOS 6.3 x86_64 box I have installed postfix and dspam
from EPEL. Dspam is configured to listen on port 10026. After having
configured dspam and postfix I start dspam and then postfix and I see
the following AVC message in audit.log:
type=AVC msg=audit(1350920492.936:400): avc: denied { name_bind }
2015 Apr 26
2
Broken Selinux Postfix Policy?
Trying to restart postfix installed from yum. Restart fails, I get:
type=AVC msg=audit(1430429813.721:12167): avc: denied { unlink } for
pid=31624 comm="master" name="defer" dev="dm-0" ino=981632
scontext=system_u:system_r:postfix_master_t:s0
tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 tclass=sock_file
I guess it needs to remove the
2013 Jan 12
2
selinux + kvm virtualization + smartd problem
Hello,
I'm using HP homeserver where host system run CentOS 6.3 with KVM
virtualization with SELinux enabled, guests too run the same OS (but
without SELinux, but this does not matter).
Host system installed on mirrors based on sda and sdb physical disks.
sd{c..f} disks attached to KVM guest (whole disks, not partitions;
needed to use zfs (zfsonlinux) benefit features). Problem is that
disks
2019 May 01
1
Brasero/cdrecord/growisofs with selinux users confined to staff_u
Hello CentOS / RedHat / IBM folks!
I am wondering if I can get a communication channel opened with
someone who can affect changes win upstream RHEL? I don't have
support accounts with RHEL, and use CentOS almost exclusively. I did
have a direct email conversation with Mr. Daniel Walsh regarding these
problems, but his answer was to create custom policy to allow what's
being denied, as
2013 Nov 16
1
(no subject)
[root at ipa tftpboot]# semanage fcontext -l | grep tftp
/tftpboot directory
system_u:object_r:tftpdir_t:s0
/tftpboot/.* all files
system_u:object_r:tftpdir_t:s0
/usr/sbin/atftpd regular file
system_u:object_r:tftpd_exec_t:s0
/usr/sbin/in\.tftpd regular
2017 Mar 15
2
Having problem getting Asterisk to work on CentOS 7
What are you using for the database - SQLite?
I am using mysql (mariadb).
I am not familiar with SQLlite. Can you access the database from the
console - look up the list of tables - display the contents from a
table? Anything to see if your SQLite is working and has asterisk data
in it.
From your Asterisk console,
|CLI> core show help database|
should give you a list of commands that you
2013 Dec 19
1
quota and selinux on centos 6.5
??? Hi,
I'm facing a challenge with selinux and because I don't got an explanation elsewhere, I'm trying to explain here.
I have decided to mount /var/spool/cron on a separate partition? and apply quota for regular users. But quotacheck replyes with a "permission denied" .
quotacheck: Cannot create new quotafile /var/spool/cron/aquota.user.new: Permission denied
2018 Sep 09
2
Type enforcement / mechanism not clear
Any SElinux expert here - briefly:
# getenforce
Enforcing
# sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
<no output>
# sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
<no output>
# ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
-rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf
-rw-r--r--. root root
2014 Mar 05
2
CentOS 5 + Quagga + SELinux
Hello All,
Does anyone happen to be running Quagga on CentOS 5 with SELinux in
enforcing mode?
Have you had to create SELinux policies or did it "just work" out of the
box?
(I'll get around to building this out on CentOS 6 as well.)
I'm simply trying to write my config (for the zebra daemon) and it can't be
written...
Looks like this bug from Fedora 8 in 2008 [0] remains
2020 Jul 25
3
tmpfs / selinux issue
Hi all,
I have some AVC in the logs and wonder how to resolve this: Under
EL8 (enforcing SElinux) I have /var/lib/php/session mounted as tmpfs.
# tail -1 /etc/fstab
tmpfs /var/lib/php/session tmpfs
defaults,noatime,mode=770,gid=apache,size=16777216,context="system_u:object_r:httpd_var_run_t:s0"
0 0
# df -a |grep php
tmpfs 16384 0 16384 0%
2011 Nov 03
1
CentOS-5.7 + megaraid + SELinux : update problem
Hello,
After updating to CentOS-5.7, I have a (small) problem :
The context of /dev/megadev0 is now defined
(in /etc/selinux/targeted/contexts/files/file_contexts) as
system_u:object_r:removable_device_t:s0.
This cause smartmontools to fail :
avc: denied { read write } for pid=2847 comm="smartd"
name="megadev0" dev=tmpfs ino=8284
2020 Jul 26
1
tmpfs / selinux issue
Am 26.07.20 um 12:23 schrieb Strahil Nikolov:
>
> ?? 25 ??? 2020 ?. 14:20:19 GMT+03:00, Leon Fauster via CentOS <centos at centos.org> ??????:
>> Hi all,
>>
>> I have some AVC in the logs and wonder how to resolve this: Under
>> EL8 (enforcing SElinux) I have /var/lib/php/session mounted as tmpfs.
>>
>>
>> # tail -1 /etc/fstab
>> tmpfs
2008 Oct 30
1
nfs mounted /home and selinux
I'm trying to set the context on an nfs mounted /home. I believe
exactly like in Redhat's Deployment Guide at
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/ch45s02s03.html
On my system running CentOS 5.2:
$ ls -alZ /home
drwxr-xr-x root root system_u:object_r:home_root_t .
drwxr-xr-x root root system_u:object_r:root_t ..
$ mount -t
2014 Aug 14
2
SELinux vs. logwatch and virsh
Hello everyone -
I am stumped ... Does anyone have suggestions on how to proceed? Is there a way
to get what I want?
The environment: CentOS 7.0 with latest patches.
The goal: I want logwatch to include a report on the status of kvm virtual computers.
The problem: When run from anacron, SELinux denies permission for the virsh utility.
Here is a portion of the logwatch output:
2017 Oct 23
2
Unable to apply mysqld_db_t to mysql directory
Interesting to see the Equivalence. As a first thing, I tried:
semanage fcontext -a -e /var/lib/mysql.old /var/lib/mysql
then
restorecon -R /var/lib/mysql
# semanage fcontext -lC
SELinux fcontext type
Context
/home/users(/.*)? all files
system_u:object_r:user_home_dir_t:s0
/var/lib/mysql all
2018 Sep 09
3
Type enforcement / mechanism not clear
Am 09.09.2018 um 14:49 schrieb Daniel Walsh <dwalsh at redhat.com>:
>
> On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote:
>> Any SElinux expert here - briefly:
>>
>> # getenforce
>> Enforcing
>>
>> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
>> <no output>
>>
>> # sesearch -ACR -s httpd_t -c file
2017 Sep 23
2
more selinux problems ...
Hi,
how do I allow lighttpd access to a directory like this:
dr-xrwxr-x. lighttpd example unconfined_u:object_r:samba_share_t:s0 files_articles
I tried to create and install a selinux module, and it didn?t work.
The non-working module can not be removed, either:
semodule -r lighttpd-files_articles.pp
libsemanage.semanage_direct_remove_key: Unable to remove module lighttpd-files_articles.pp at