similar to: SELinux - different context on subdirectories

In this wiki article: https://wiki.centos.org/HowTos/SetUpSamba ?there is a command down in section 2 that gives an error here on CentOS 7: $ sudo semanage fcontext ?at samba_share_t /path/to/share ?noise noise noise? semanage: error: unrecognized arguments: samba_share_t /path/to/share That and the following restorecon command can be replaced by a single shorter command, which

On May 4, 2018, at 5:13 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > > On 05/04/2018 12:03 PM, Warren Young wrote: >> ?there is a command down in section 2 that gives an error here on CentOS 7: >> >> $ sudo semanage fcontext ?at samba_share_t /path/to/share >> ?noise noise noise? >> semanage: error: unrecognized arguments:

On Fri, 2018-05-04 at 14:55 -0700, Akemi Yagi wrote: > On Fri, May 4, 2018 at 2:26 PM, Warren Young <warren at etr-usa.com> > wrote: > > On May 4, 2018, at 3:03 PM, Akemi Yagi <amyagi at gmail.com> wrote: > > > > > > On Fri, May 4, 2018 at 12:03 PM, Warren Young <warren at etr-usa.com > > > > wrote: > > > > > > > >

On 05/04/2018 04:05 PM, Warren Young wrote: > On May 4, 2018, at 4:11 PM, Louis Lagendijk <louis at fazant.net> wrote: >> The comment is correct: chcon will not survive a relabel. You need to >> update the database first (semanage fcontext) and then let a relabel >> apply the new context. > Alright, then why do I get that error when I give the command from this

Hi All, Fedora Core 24, x64 samba-4.4.5-1.fc24.x86_64 I am using the following direction to set up SELinux with Samba: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Confined_Services/sect-Managing_Confined_Services-Samba-Configuration_examples.html to set up SELinux with Samba 1) I created a directory called /export # ls -al /export total 28

On May 4, 2018, at 3:03 PM, Akemi Yagi <amyagi at gmail.com> wrote: > > On Fri, May 4, 2018 at 12:03 PM, Warren Young <warren at etr-usa.com> wrote: >> >> $ sudo chcon -R -t samba_share_t /path/to/share > > Updated the page as suggested. Thanks. Thanks! I now see another instance of this in section 3. Instead of copying the text verbatim, it should

Ok, I was able to fix both of my problems and they are both related to SELinux problems First: I am assuming that you are like me and that you have an excellent background in systems administration (I teach it at a university for a living.) So you've configured chmod permissions and chown user and group ownerships on directories and files to correctly allow the desired access. You have

Interesting to see the Equivalence. As a first thing, I tried: semanage fcontext -a -e /var/lib/mysql.old /var/lib/mysql then restorecon -R /var/lib/mysql # semanage fcontext -lC SELinux fcontext type Context /home/users(/.*)? all files system_u:object_r:user_home_dir_t:s0 /var/lib/mysql all

Thanks, I managed to fix /var/lib/mysql # ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql To fix it, I tried: semanage fcontext -d -e /var/lib/mysql this command returned: KeyError: /var/lib/mysql I tried restorecon anyway: restorecon -Rv /var/lib/mysql But not better: ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0

Hello everyone, If create a folder called "whatever" under /var, the context is: root:object_r:var_t /var/whatever/ That's expected as it is under /var. If I then change its type: chcont -t httpd_sys_content_t /var/whatever The context looks like: root:object_r:httpd_sys_content_t /var/whatever/ My question is...Shouldn't a relabeling of the filesystem change the type

Hi, I tried to apply a security context on a directory with the following commands: [root@ local]# semanage fcontext -a -t httpd_sys_rw_content_t "netdot(/.*)?" [root@ local]# restorecon -R netdot/ When I list the contexts, it is part of the list.... [root@ local]# semanage fcontext -l | grep netdot ./netdot(/.*)? all files

Hello everyone - I am stumped ... Does anyone have suggestions on how to proceed? Is there a way to get what I want? The environment: CentOS 7.0 with latest patches. The goal: I want logwatch to include a report on the status of kvm virtual computers. The problem: When run from anacron, SELinux denies permission for the virsh utility. Here is a portion of the logwatch output:

Hello, A server was configured in /var/lib/myslq in the root fs. I added a LV specifically for mysql. I stopped myql and renamed /var/lib/mysql to /var/lib/mysql.old. I created a new dir /var/lib/mysql and mounted the LV on /var/lib/mysql. I then copied with "cp -prZ" all mysql files in /var/lib/mysql.old to /var/lib/mysql. But then I got a selinux problem: # ls -ldZ mysql.old/

Warren Young wrote: > On May 8, 2019, at 9:31 AM, mark <m.roth at 5-cent.us> wrote: > >> semanage -fcontext -a -t lib_t "/<elided>/smwa/webagent/bin(/.*).so? > > [snip] > >> What am I doing wrong? >> <snip> > Also, I?m confused by the parens in your file path. Whether your shell > is or not is a different question. I'm following

We're forced to use Siteminder, by CA, who have no clue what they're doing in *nix. No packages, tarballs... Anyway, I'm trying clean up some stuff, and in /*/smwa/webagent/bin (all their binaries, including .so's, are in there, duh... I'm trying to set the .so's to lib_t. semanage -fcontext -a -t lib_t "/<elided>/smwa/webagent/bin(/.*).so" gives me the

hi, i want set selinux to usw with ntpd but when i run (as described in wiki) semanage -a -t ntpd_t "/usr/local/samba/var/lib/ntp_signd" i have that error " usage: semanage [-h] {import,export,login,user,port,ibpkey,ibendport,interface,module,node,fcontext,boolean,permissive,dontaudit} ... semanage: error: argument subcommand: invalid choice:

Hi list, I'm new to Centos and I've a very small knowledge of selinux use. I can disable it, but I prefer take it on for study. I've a second mirrored device that I use for file sharing. This is the scenario: /dev/md2 mounted on /mnt/data To make samba working I must set the file context to the path at samba_share_t on /mnt/data. After this samba works. Now I'm setting up

OS: CentosOS 7 I have installed samba + openldap + smbldap-tools + pam by: yum --enablerepo=extras install -y epel-release yum install -y smbldap-tools yum install -y samba openldap openldap-clients openldap-servers migrationtools yum install -y nss-pam* I know that smbldap-tools is a dead project, but I'm interested in it and would like research on it. I create users and

On 4 May 2018 at 19:49, Warren Young <warren at etr-usa.com> wrote: > On May 4, 2018, at 5:13 PM, Gordon Messmer <gordon.messmer at gmail.com> > wrote: > > > > On 05/04/2018 12:03 PM, Warren Young wrote: > >> ?there is a command down in section 2 that gives an error here on > CentOS 7: > >> > >> $ sudo semanage fcontext ?at

Hello, On Sonntag, 30. April 2017 18:40:23 CEST Gordon Messmer wrote: > On 04/30/2017 07:03 AM, G?nther J. Niederwimmer wrote: > > I write this! > > > > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ > > typo3conf(/.*)?" > > OK. Did you get an error? I have only Errors ;-). when I like to set this Rule ? semanage fcontext -a