similar to: ntp/chrony on AD DC and SELinux

On 11/3/20 10:02 AM, Matthias Leopold via samba wrote: > Hi, > > the instructions for "Time Synchronisation - SELinux Labeling and > Policy" on > https://wiki.samba.org/index.php/Time_Synchronisation_-_SELinux_Labeling_and_Policy > don't seem to work on CentOS 8. Using chrony I tried to adapt them (with > very limited SELinux knowledge) like this: > >

hi, i want set selinux to usw with ntpd but when i run (as described in wiki) semanage -a -t ntpd_t "/usr/local/samba/var/lib/ntp_signd" i have that error " usage: semanage [-h] {import,export,login,user,port,ibpkey,ibendport,interface,module,node,fcontext,boolean,permissive,dontaudit} ... semanage: error: argument subcommand: invalid choice:

Hi I'm running samba 4.7.6 on ubuntu 18.04 as (backup / secondary) domain controller that joined to an Existing Active Directory (Windows 2012R2 server). The question is about Time Synchronization across the domain. How should I configure chrony v3.2 in order to provide time synchronization: 1. between main Windows DC and Samba DC 2. Between Samba DC and windows clients in case when

I want my XP clients to update their clocks from my samba server. I have time server = yes in smb.conf, and running ntpd on the server, but my clients aren't updating their clocks. I tried running the command manually logged in as a domain user: net time /setsntp:10.8.2.3 but it just says "System error 5 has occurred. Access is denied". Any ideas?

Just prior to the time change, I made sure that ntpd and my timezone files were properly setup. Since this time, I've noticed the following errors: audit(1173310084.404:5): avc: denied { read } for pid=8634 comm="ntpd" name="unexpected.tdb" dev=md1 ino=147662 scontext=root:system_r:ntpd_t tcontext=root:object_r:samba_var_t tclass=file I've not successfully (so

On 4/16/19 12:47 PM, Marco Gemignani via samba wrote: > hi, i want set selinux to usw with ntpd > > > but when i run (as described in wiki) > > semanage -a -t ntpd_t "/usr/local/samba/var/lib/ntp_signd" > > > i have that error > " > usage: semanage [-h] > > >

Hi, I guess this is a bit OT but perhaps someone has encountered this issue before. On a CentOS 6.3 x86_64 box I have installed postfix and dspam from EPEL. Dspam is configured to listen on port 10026. After having configured dspam and postfix I start dspam and then postfix and I see the following AVC message in audit.log: type=AVC msg=audit(1350920492.936:400): avc: denied { name_bind }

Trying to restart postfix installed from yum. Restart fails, I get: type=AVC msg=audit(1430429813.721:12167): avc: denied { unlink } for pid=31624 comm="master" name="defer" dev="dm-0" ino=981632 scontext=system_u:system_r:postfix_master_t:s0 tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 tclass=sock_file I guess it needs to remove the

Hi. I've installed BackupPC 3.1.0 from Testing repository, to Cent OS 5.2 x86_64, and I am hitting an SE Linux denial - the httpd cannot talk to the BackupPC socket: type=AVC msg=audit(07/31/2008 17:18:53.623:410) : avc: denied { connectto } for pid=11767 comm=httpd path=/var/log/BackupPC/BackupPC.sock scontext=user_u:system_r:httpd_t:s0 tcontext=user_u:system_r:initrc_t:s0

Hi, since 4.12 Samba SELinux context for /var/run/samba is not correct anymore: ``` root at files:~ # ls -la -Z /var/run/samba/ total 12 drwxr-xr-x. 5 root root system_u:object_r:var_run_t:s0 160 Apr 3 20:42 . drwxr-xr-x. 30 root root system_u:object_r:var_run_t:s0 1000 Apr 3 18:39 .. drwxr-xr-x. 3 root root system_u:object_r:var_run_t:s0 60 Apr 3 18:39 ncalrpc drwxr-xr-x. 2 root

Hi, does anyone know if aide should have access to this socket? SELinux is preventing /usr/sbin/aide from write access on the sock_file /var/run/winbindd/pipe. Thanks Patrick (on CentOS6 if that matters)

Hello! I have samba 3.0.23c-2 installed on Fedora Core 7. Smbd and nmbd daemons start automotically with computer via commands in rc.local: smbd -D nmbd -D But there is one problem. When smbd starts via rc.local, it can't write files to the disk. And when I start it myself, everything is fine. smbd.log: [2007/05/21 09:49:06, 0] lib/util_sock.c:write_data(562) write_data: write failure

On May 4, 2018, at 5:13 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > > On 05/04/2018 12:03 PM, Warren Young wrote: >> ?there is a command down in section 2 that gives an error here on CentOS 7: >> >> $ sudo semanage fcontext ?at samba_share_t /path/to/share >> ?noise noise noise? >> semanage: error: unrecognized arguments:

Hi: I have been using Dovecot for well over a year now and it has always worked with few problems. The mail setup is not simple... Postfix+MailScanner+ClamAV+Docvecot+MySql+postfix.admin... just to mention the major things. The system is CentOS 5.3 on VMware. The maildir is on an NFS share, index and control is local. About a month ago I thought I upgraded from 1.1.x to 1.2.x. by doing an

Hi Volker, It would be useful if your 3.3.9 build (currently in recent) included the /var/spool/samba directory - it just took me a while to figure out why Samba printing wasn't working on a new EL5 server ;-) Moray. "To err is human.? To purr, feline"

On 3 Apr 2020, at 21:53, Rowland penny via samba wrote: > On 03/04/2020 20:34, Tobias Kirchhofer via samba wrote: >> Hi, since 4.12 Samba SELinux context for /var/run/samba is not >> correct anymore: >> >> ``` >> root at files:~ # ls -la -Z /var/run/samba/ >> total 12 >> drwxr-xr-x.? 5 root root system_u:object_r:var_run_t:s0? 160 Apr 3 >>

He Rowland/list, Not that im pro chrony, i still preffer ntp. If everybody with an os below test this, and report back like below, then all settings are findable through the list. Please review / check it. Requirements, chrony 3.x+, this is depends on distro version. Debian 9 : 3.0 checked - done - OK Ubuntu 17.10 : 3.1 Ubuntu 18.04 : 3.2 checked - done - OK Fedora 26 : 3.2 Mageia

On 02/05/2017 11:58 AM, J Martin Rushton wrote: > On 05/02/17 16:15, Richard wrote: >>> Date: Sunday, February 05, 2017 10:26:05 -0500 >>> From: Robert Moskowitz <rgm at htt-consult.com> >>> >>> I have read: >>> http://thegeekdiary.com/centos-rhel-7-chrony-vs-ntp-differences-bet >>> ween-ntpd-and-chronyd/ >>> >>> My

Quick check shows. Debian 9+, Ubuntu 17.04+, RH7+, Centos7+, Fedora 26+. OpenSuse 15.0, Mageia Cauldron, ( maybe more ) But these all support Chrony with samba AD. ( MS-SNTP ) out of the box. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Andrew Bartlett via samba > Verzonden: maandag 4 juni 2018 10:59 >

On Mon, 4 Jun 2018 17:45:20 +0200 Miroslav Lichvar <mlichvar at redhat.com> wrote: > On Mon, Jun 04, 2018 at 04:54:36PM +0200, Andreas Schneider wrote: > > On Monday, 4 June 2018 14:52:34 CEST Rowland Penny wrote: > > > In ntp.conf you set a line like this: > > > > > > restrict default kod nomodify notrap nopeer mssntp > > > > > > I