On 02/21/2017 11:52 AM, Robert Moskowitz wrote:
>
>
> On 02/21/2017 11:46 AM, Zdenek Sedlak wrote:
>> On 2017-02-21 17:30, Robert Moskowitz wrote:
>>> postfixadmin setup.php is claiming:
>>>
>>> *Error: Smarty template compile directory templates_c is not writable.*
>>> *Please make it
On 01/19/2017 08:57 AM, Marcin Trendota wrote:
> W dniu 19.01.2017 o 14:54, Johnny Hughes pisze:
>
>>> So, it looks like something with docker-selinux and container-selinux...
>> Right, I wanted to mention that docker-selinux was replaced with
>> container-selinux in the lasest version.
>
Best label available I can see is sshd_var_run_t. Not exactly named
well but it would work.
chcon -R -t sshd_var_run_t /var/lib/ssh-x509-auth
On 04/26/2016 11:31 AM, m.r...@5-cent.us wrote:
Hi, folks,
Our system gets/creates /var/lib/ssh-x509-auth/,pem, then
deletes it when the log
Can you attach one of the AVC's. Mos likely ssh-x509-auth needs to be
labeled sshd_key_t
or ssh_home_t
On 04/06/2016 02:54 PM, m.r...@5-cent.us wrote:
I'm seeing a lot of noise in the logs, to the effect of:
setroubleshoot: SELinux is preventing /bin/ksh93 from write access on the
directory
I have no idea of the current dependency problem. I think your original
problem was caused by mv'ing files from an nfs share to /etc which
maintained the context. And SELinux prevented puppet from accessing
nfs_t type. If you had just run restorecon on the object it would have
set it back to
On 06/11/2015 05:27 PM, m.r...@5-cent.us wrote:
Kay Schenk wrote:
On 06/11/2015 08:28 AM, m.r...@5-cent.us wrote:
Kay Schenk wrote:
On 06/10/2015 10:06 PM, Gordon Messmer wrote:
On 06/10/2015 05:25 PM, Kay Schenk wrote:
I get /home/username not found when it's there and
setup with correct
On 06/17/2015 04:03 PM, Jonathan Billings wrote:
On Wed, Jun 17, 2015 at 03:30:51PM -0400, Tim Dunphy wrote:
No prob! Thanks for all the help! But in searching my system I don't find
anything of the sort.
[root@monitor2:~] #updatedb
[root@monitor2:~] #locate myzabbix.te
[root@monitor2:~]
On 06/02/2015 11:30 AM, m.r...@5-cent.us wrote:
Tried just the selinux list yesterday, no answers, so I'm trying again.
I partitioned GPT, and formatted, as xfs, a large (3TB) drive on a CentOS
6 system, which has selinux in permissive mode. I then moved the drive to
a CentOS 5 system.
On 05/29/2015 09:20 AM, m.r...@5-cent.us wrote:
Hi, folks,
CentOS 7.1. Selinux policy, and targetted, updated two days ago.
May 28 17:02:41 servername python: SELinux is preventing /usr/bin/bash
from execute access on the file /usr/bin/bash.#012#012* ...
May 28 17:02:45 servername
You should be able to modify the definition of a port. Or create a new
port type and modify the existing
port to use it.
http_port_t is just a name (type) that we can use to group a number of
ports together. Sadly we do not separate
the port types of incoming and outgoing connections. So if you
On 01/23/2015 06:01 PM, Stephen Harris wrote:
At work I'm used to tools like eTrust Access Control (aka SEOS). eTrust
takes away the ability to manage the eTrust config from root and puts it
in the hands of security admin. So there's a good separation of duties;
security admin control the
On 01/22/2015 05:40 AM, Andrew Holway wrote:
Hello,
Im trying to find some good info on building RPMs that set the correct
SELinux contexts for the installed packages.
Any ideas?
Thanks,
Andrew
___
CentOS mailing list
CentOS@centos.org
On 01/21/2015 04:11 AM, Emmanuel Noobadmin wrote:
Just to follow up to myself and leave a record, the problem is SELinux
blocking the driver from creating/reading/writing temporary files
under CUPS.
___
CentOS mailing list
CentOS@centos.org
On 01/19/2015 01:59 PM, James B. Byrne wrote:
On Mon, January 19, 2015 11:50, James B. Byrne wrote:
I am seeing these in the log of one of our off-site NX hosts running
CentOS-6.6.
type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for
pid=22788 comm=iptables
On 01/13/2015 05:09 AM, Patrick Bervoets wrote:
Hi,
does anyone know if aide should have access to this socket?
SELinux is preventing /usr/sbin/aide from write access on the
sock_file /var/run/winbindd/pipe.
Thanks
Patrick
Looks like it is doing some call to getpw* which is using
This is actually an old problem with pulseaudio processes no dying
properly on exit.
I think if you remove the exclusive flag from
/etc/security/sepermit.conf
This will work in all situations. The exclussive flag is there to make
sure two different users can not login at the same time.
On
On 12/09/2014 02:39 PM, James B. Byrne wrote:
On Mon, December 8, 2014 21:12, David McGuffey wrote:
I've installed CentOS 6.6 on a workstation at a local non-profit as a
kiosk machine. I used xguest. Works great, except now the customer
wants the Firefox homepage to be one pointing to a
On 12/17/2014 05:07 AM, Patrick Bervoets wrote:
Hi,
On an internal webserver (latest C6) I want smb-access to /var/www/html/
In april I did
chcon -R -t public_content_rw_t /var/www/html/
setsebool -P allow_smbd_anon_write 1
setsebool -P allow_httpd_anon_write 1
echo
On 12/05/2014 01:24 PM, James B. Byrne wrote:
On Fri, December 5, 2014 04:53, Daniel J Walsh wrote:
On 12/04/2014 03:22 PM, James B. Byrne wrote:
On Thu, December 4, 2014 12:29, James B. Byrne wrote:
Re: SELinux. Do I just build a local policy or is there some boolean
setting
needed
On 12/04/2014 03:22 PM, James B. Byrne wrote:
On Thu, December 4, 2014 12:29, James B. Byrne wrote:
Re: SELinux. Do I just build a local policy or is there some boolean setting
needed to handle this? I could not find one if there is but. . .
Anyone see any problem with generating a custom
getting.
John
On 3 December 2014 at 10:01, Daniel J Walsh dwa...@redhat.com wrote:
Looks like turning on three booleans will solve most of the problem.
httpd_execmem, httpd_run_stickshift, allow_httpd_anon_write
On 12/03/2014 03:55 AM, John Beranek wrote:
Mark: Labels look OK
dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc
I'll send the audit log on to Dan.
Cheers,
John
On 2 December 2014 at 16:10, Daniel J Walsh dwa...@redhat.com wrote:
Could you send me a copy of your audit.log.
You should not be getting hundreds of AVC's a day.
ausearch
server sedispatch: last message repeated 3 times
Cheers,
John
On 1 December 2014 at 17:19, Daniel J Walsh dwa...@redhat.com wrote:
On 12/01/2014 10:39 AM, Gary Smithson wrote:
We are currently running libxml2-2.7.6-14.el6_5.2.x86_64
How far back would you suggest we go? would
libxml2
This seems to be a problem with an updated version of libxml.
On 11/28/2014 09:04 AM, Gary Smithson wrote:
When running Node.js through Phusion Passenger on Centos 6.5 ( Linux
2.6.32-431.23.3.el6.x86_64 #1 SMP Thu Jul 31 17:20:51 UTC 2014 x86_64 x86_64
x86_64 GNU/Linux), with SELinux enabled
released that will fix it.
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf
Of Daniel J Walsh
Sent: 01 December 2014 14:58
To: CentOS mailing list
Subject: Re: [CentOS] SEtroubleshootd Crashing
This seems to be a problem with an updated
if there
was something in the database that was causing it problems.
Make sure there is no setroubleshootd running and
/var/lib/setroubleshoot/setroubleshoot_database.xml
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf
Of Daniel J Walsh
Sent: 01
On 11/12/2014 10:54 PM, Peter wrote:
On 11/13/2014 12:10 PM, Negative wrote:
I have a Brother MFC 7360N, and it is refusing to print.
I have a DCP-540CN which is a similar but I think older network printer.
I haven't tried it on CentOS 7 yet, but got it to work with Fedora 18
and 19 which
On 11/11/2014 12:11 PM, Jim Perrin wrote:
On 11/11/2014 04:51 AM, Wander Costa wrote:
Hi,
I have been trying to build a docker image to run unit tests for the B2G
project [1]. However when I try to install Xorg I get this error [2].
I have been searching on web but is still not clear for
On 11/11/2014 02:17 PM, Jim Perrin wrote:
On 11/11/2014 12:45 PM, Daniel J Walsh wrote:
We need to get systemd-container into the default centos image.
We are working on this for RHEL7 also. That way these problems
can be prevented and we can make it easier for people to run systemd
On 11/05/2014 09:41 PM, Philip Gardner, Jr. wrote:
Has anyone attempted to make SFTP on ProFTPD with SELinux work? I'd
like to keep SELinux enabled on this particular system, but I prefer
ProFTPD's SFTP solution over OpenSSH. The aureport tool reports the
following:
28. 11/05/2014 12:58:58
I see nothing about tape_device_t in bacula policy in Fedora, so I
please create a local policy and then send it to us, so it can get
merged into the upstream and back ported for RHEL/Centos.
On 10/30/2014 03:01 PM, Paul Heinlein wrote:
I updated my backup server to CentOS 6.6 this morning. As
On 10/31/2014 06:06 AM, Chris wrote:
On 10/31/2014 10:47 AM, Karanbir Singh wrote:
can you post the relevant selinux audit.log entries that were preventing
kvm's ko to be loaded ?
Sure.
type=VIRT_CONTROL msg=audit(1414739214.851:62): user pid=2911 uid=0
auid=4294967295 ses=4294967295
On 11/01/2014 12:12 AM, Chris wrote:
On 10/31/2014 08:12 PM, Jonathan Billings wrote:
Is there an AVC entry in
the audit logs for when you try to load the module?
I cannot say for sure if those entries were created when starting the vm
or when rebooting the physical host.
These avc's have
On 11/02/2014 02:45 PM, John R Pierce wrote:
On 11/2/2014 11:37 AM, Barry Brimer wrote:
I just installed 6.5 and am trying to bring up DHCP.
service dhcpd start fails with Can't chown new lease file:
Operation not
permitted in /var/log/messages
Check the permissions in /var/lib/dhcp
On 10/26/2014 12:10 AM, admin wrote:
I've just recreated the module and enabled it, yet I can't seem to
allow fping to be used by the httpd process. It seems that the last
error was just a byproduct of a bad module I had not properly removed.
Are there any additional troubleshooting steps I
On 09/16/2014 10:50 AM, Markus Steinborn wrote:
Hi Daniel,
Daniel J Walsh wrote:
What AVC's is SELinux giving you?
Policy has been enforcing - and I see the folloqwing AVCs at the end
of my audit log - but those repeated several times:
type=AVC msg=audit(1410628837.928:422): avc: denied
What AVC's is SELinux giving you?
On 09/15/2014 02:48 AM, Markus Steinborn wrote:
Hi Miguel,
Miguel Medalha wrote:
Anyway, Sernet also provides a source rpm. Why not build up from
that base?
CentOS 7 is using systemd - that would cause problems.
And anyway, I've used the package samba
What AVC messages are you seeing? What does the setroubleshoot alert
message show?
On 09/10/2014 07:04 PM, Sven Kieske wrote:
On 10.09.2014 10:40, dE wrote:
I bet this has to do with troubleshootd (is it there in CentOS? I'm
not sure but in Fedora 19 it was there).
I bet this has to do
On 08/23/2014 10:45 AM, Bill Gee wrote:
On Friday, August 22, 2014 08:50:26 Daniel J Walsh wrote:
On 08/21/2014 10:03 AM, Bill Gee wrote:
On Thursday, August 21, 2014 12:00:03 centos-requ...@centos.org wrote:
Re: [CentOS] SELinux vs. logwatch and virsh
From: Daniel J Walsh dwa...@redhat.com
On 08/21/2014 10:03 AM, Bill Gee wrote:
On Thursday, August 21, 2014 12:00:03 centos-requ...@centos.org wrote:
Re: [CentOS] SELinux vs. logwatch and virsh
From: Daniel J Walsh dwa...@redhat.com
To: CentOS mailing list centos@centos.org
On 08/18/2014 02:13 PM, Bill Gee wrote:
Hi Dan
On 08/21/2014 02:09 PM, Les Mikesell wrote:
On Thu, Aug 21, 2014 at 12:23 PM, m.r...@5-cent.us wrote:
Les Mikesell wrote:
A machine I set up to run OpenNMS stopped working last night - no
hardware alarm lights, but keyboard/monitor/network unresponsive.
After a reboot I see a large stack of
the machine in permissive mode, run your tests and then add
the allow rules using
audit2allow -M mylogwatch
Message: 8
Date: Fri, 15 Aug 2014 11:22:40 -0400
From: Daniel J Walsh dwa...@redhat.com
Subject: Re: [CentOS] SELinux vs. logwatch and virsh
To: CentOS mailing list centos@centos.org
On 08/14/2014 11:02 AM, Bill Gee wrote:
Hello everyone -
I am stumped ... Does anyone have suggestions on how to proceed? Is there a
way
to get what I want?
The environment: CentOS 7.0 with latest patches.
The goal: I want logwatch to include a report on the status of kvm virtual
On 08/14/2014 11:02 AM, Bill Gee wrote:
Hello everyone -
I am stumped ... Does anyone have suggestions on how to proceed? Is there a
way
to get what I want?
The environment: CentOS 7.0 with latest patches.
The goal: I want logwatch to include a report on the status of kvm virtual
We are working on an update to docker within RHEL7. First we are
releasing it to our High Touch Beta process. If you are on HTB you
should see a release in the next week.
On 08/12/2014 08:54 AM, Jim Perrin wrote:
On 08/11/2014 07:02 PM, Dennis Jacobfeuerborn wrote:
Looks like
On 08/07/2014 05:48 AM, Arun Khan wrote:
SOLVED
On Wed, Aug 6, 2014 at 10:28 PM, James A. Peltier jpelt...@sfu.ca wrote:
- Original Message -
| On Wed, Aug 06, 2014 at 04:50:41PM +, Tony Mountifield wrote:
|
| Probably rsyslog is being started before /var/log is mounted, and
On 06/27/2014 11:47 AM, James B. Byrne wrote:
CentOS-6.5
We deploy web applications written with the Ruby on Rails framework using
Capistrano (2.x). Each 'family' of web applications are 'owned' by a
dedicated user id. The present httpd service is Apache 2.2.15 and we use
Passenger
On 06/20/2014 03:15 PM, Chuck Campbell wrote:
I've built a new mail system with Centos 6.5, and I'm running fetchmail -
sendmail - procmail to maildir. I have all of this working at the moment.(I
know, postfix was the default, but for lots of other reasons, I switched, and
that isn't an
On 06/16/2014 11:13 AM, m.r...@5-cent.us wrote:
Chuck Campbell wrote:
I've recently built a new mail server with centos6.5, and decided to bite
the bullet and leave SELinux running. I've stumbled through making
things work
and am mostly there.
I've got my own spam and ham corpus as mbox
On 05/28/2014 12:55 PM, James B. Byrne wrote:
I did a yum update to my desktop machine as root this morning and now my
regular logon account sees this whenever I press the enter key:
etc/audisp/audispd.conf: Permission denied
etc/audisp/plugins.d/af_unix.conf: Permission denied
On 05/20/2014 12:50 PM, Michael McNulty wrote:
I read about this bug in the Centos 6.2 faq and the link showing it fixed in
https://bugzilla.redhat.com/show_bug.cgi?id=769859
but I am still getting it updating on a Centos 6.5 server that had selinux
disabled. I want to run selinux as
Was the system running out of memory.
semodule is very memory intensive.
On 05/20/2014 01:57 PM, Zynda, Bradley V. (GSFC-423.0)[ADNET SYSTEMS
INC] wrote:
Hi all,
Note: selinux was in permissive prior to error
Got this with a yum update:
abrt_version: 2.0.8
cgroup:
cmdline:
On 05/13/2014 09:56 AM, James B. Byrne wrote:
On Mon, May 12, 2014 14:05, Daniel J Walsh wrote:
dac_read_search and dac_override are usually bad to add. They typically
mean the permission flags on the file in question is two tight for a
root process to read/use.
Loosing up the group/other
On 05/12/2014 09:17 AM, James B. Byrne wrote:
Following the most recent kernel updates I restarted our outgoing SMTP MTA
which was recently reconfigured to DKIM sign messages using OpenDKIM. This
morning I discovered that Postfix had stopped on that server. Whether it is
related to the
On 05/12/2014 01:26 PM, Daniel J Walsh wrote:
On 05/12/2014 09:17 AM, James B. Byrne wrote:
Following the most recent kernel updates I restarted our outgoing SMTP MTA
which was recently reconfigured to DKIM sign messages using OpenDKIM. This
morning I discovered that Postfix had stopped
On 05/05/2014 11:22 AM, James B. Byrne wrote:
CentOS-6.5
OpenDKIM-2.9.0 (epel)
Postfix-2.6.6 (updates)
I am trying to get opendkim working with our mailing lists. In the course of
that endeavour I note that these messages are appearing in our syslog:
May 4 20:50:02 inet08
On 04/25/2014 10:52 AM, James B. Byrne wrote:
On Wed, April 23, 2014 16:44, Daniel J Walsh wrote:
Looks like this is allowed in rhel6.5 policy. You could try
selinux-policy-3.7.19-235.el6
on people.redhat.com/dwalsh/SELinux/RHEL6
yum --enablerepo=localfile update selinux\*
Loaded plugins
Looks like this is allowed in rhel6.5 policy. You could try
selinux-policy-3.7.19-235.el6
on people.redhat.com/dwalsh/SELinux/RHEL6
On 04/23/2014 01:51 PM, James B. Byrne wrote:
Installed Packages
Name: postfix
Arch: x86_64
Epoch : 2
Version : 2.6.6
Release :
On 04/19/2014 05:03 PM, Derrik Walker v2.0 wrote:
On 04/19/2014 04:47 PM, Les Mikesell wrote:
On Sat, Apr 19, 2014 at 10:40 AM, Derrik Walker v2.0 dwal...@doomd.net
wrote:
I've installed backuppc from the EPEL repository. It does backups just
fine, BUT, when the backups are done, the
Do you actually want the data to be available to both domains at the
same time? Or could you setup different directories?
If you want them to be both available you could label it
postgresql_db_t, and then turn on the samba_export_all_ro_boolean or
samba_export_all_rw_boolean. If this was to
On 03/28/2014 03:19 PM, Mauricio Tavares wrote:
On Mon, Nov 4, 2013 at 5:08 PM, Mauricio Tavares raubvo...@gmail.com wrote:
On Mon, Nov 4, 2013 at 9:59 AM, Stephen Harris li...@spuddy.org wrote:
On Mon, Nov 04, 2013 at 09:49:37AM -0500, Mauricio Tavares wrote:
I really have nobody else
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/14/2014 05:24 PM, Eero Volotinen wrote:
Please provide complete kickstart, not just a snippet of it. 14.3.2014
22.47 kirjoitti EljiUdia eljiu...@yahoo.com:
Hi,
I have make a kickstart file to automate the installation from cdrom and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/12/2014 04:52 PM, m.r...@5-cent.us wrote:
Peter Brady wrote:
On 13/03/14 5:02 AM, m.r...@5-cent.us wrote:
(Besides Paul, who's busy?)
I just need one question answered: I keep reading the docs, and given
the old traditional /var/www I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/06/2014 07:07 PM, SilverTip257 wrote:
On Wed, Mar 5, 2014 at 10:19 AM, Daniel J Walsh dwa...@redhat.com wrote:
man zebra_selinux
Thank you for the quick reply.
~]# man zebra_selinux No manual entry for zebra_selinux
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/05/2014 02:11 PM, Les Mikesell wrote:
On Wed, Mar 5, 2014 at 9:19 AM, Daniel J Walsh dwa...@redhat.com wrote:
man zebra_selinux ... If you want to allow zebra daemon to write it
configuration files, you must turn on the zebra_write_config
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/06/2014 10:39 AM, Les Mikesell wrote:
On Thu, Mar 6, 2014 at 8:02 AM, Daniel J Walsh dwa...@redhat.com wrote:
setsebool -P zebra_write_config 1
Is there some global registration facility for selinux context names or
are you the only one
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/06/2014 01:15 PM, Les Mikesell wrote:
On Thu, Mar 6, 2014 at 11:03 AM, Daniel J Walsh dwa...@redhat.com wrote:
All in the world, or all that have been created for currently
installed packages? Is this as bad as rpm packaging where any two
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/04/2014 07:56 PM, SilverTip257 wrote:
Hello All,
Does anyone happen to be running Quagga on CentOS 5 with SELinux in
enforcing mode? Have you had to create SELinux policies or did it just
work out of the box?
(I'll get around to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/04/2014 07:56 PM, SilverTip257 wrote:
Hello All,
Does anyone happen to be running Quagga on CentOS 5 with SELinux in
enforcing mode? Have you had to create SELinux policies or did it just
work out of the box?
(I'll get around to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/17/2014 09:08 AM, John R Pierce wrote:
On 2/17/2014 5:36 AM, Styma, Robert E (Robert) wrote:
Researching showed that there are a number of little selinux flags to set
to get samba to work. I went into /etc/selinux/config and turned off
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/08/2014 11:05 PM, Markus Falb wrote:
# ipsec verify ... If you encounter network related SElinux errors,
especially when using KLIPS, try disabling SElinux ...
Well, it is not running KLIPS but netkey, anyways I feel not comfortable
about
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/20/2013 03:23 PM, EljiUdia wrote:
With semanage it works.
The new rule will be included in next release?
Miroslav can you back port this role to RHEL 6.6.
On Friday, December 20, 2013 7:29 PM, Daniel J Walsh dwa...@redhat.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/19/2013 02:31 PM, EljiUdia wrote:
Hi,
I'm facing a challenge with selinux and because I don't got an explanation
elsewhere, I'm trying to explain here. I have decided to mount
/var/spool/cron on a separate partition and apply quota for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/12/2013 03:26 PM, Peter wrote:
On 12/13/2013 08:20 AM, Daniel J Walsh wrote:
On 12/12/2013 01:49 PM, Peter wrote:
On 12/13/2013 02:45 AM, Daniel J Walsh wrote:
What SELInux issue did you have? What policy did you need to add
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/12/2013 06:03 AM, Peter wrote:
On 12/12/2013 11:05 PM, Karanbir Singh wrote:
The overall aim is to have as many people as possible test the rhel7 beta
and file bugs at bugzilla.redhat.com; that way everyone is testing anf
doing feedback
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/12/2013 01:49 PM, Peter wrote:
On 12/13/2013 02:45 AM, Daniel J Walsh wrote:
What SELInux issue did you have? What policy did you need to add?
Unfortunately I've misplaced the audit logs and report of the problem, but
this is the policy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/25/2013 08:50 AM, James B. Byrne wrote:
On Sun, November 24, 2013 20:08, Timothy Murphy wrote:
I'd like to run SELinux on my CentOS server in enforcing mode, but I get
the above message when I run sealert. I assume this is because I am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/25/2013 07:26 AM, Johan Vermeulen wrote:
Hello All,
I set up ltsp regulary, on Centos6 machines.
This morning I have a Selinux problem that usualy does not occur: after
setting everything up, the thinclients boot, but nobody can login.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/25/2013 09:03 AM, ? wrote:
The message I'm now seeing in /var/log/audit/audit.log :
type=AVC msg=audit(1385112688.399:67769): avc: denied { write } for
pid=8218 comm=xauth name=caw dev=md1 ino=262145
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/18/2013 08:20 AM, Tris Hoar wrote:
On 16/11/2013 21:46, Andrew Holway wrote:
[root@ipa tftpboot]# semanage fcontext -l | grep tftp /tftpboot
directory system_u:object_r:tftpdir_t:s0 /tftpboot/.*
all files system_u:object_r:tftpdir_t:s0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/06/2013 12:55 PM, Les Mikesell wrote:
On Wed, Nov 6, 2013 at 11:01 AM, Daniel J Walsh dwa...@redhat.com wrote:
SELinux blocks confined processes, but usually does not block the
administrator who is running as unconfined_t, and is allowed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/05/2013 05:13 PM, Wes James wrote:
First you should use setenforce 0/setenforce 1.
Theoretically never. It should really be discouraged. It is like the
Enterprise bringing it Shields down.
SELinux in permissive mode will continue to do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/05/2013 05:13 PM, Wes James wrote:
When does echo 0 /selinux/inforce need to be used? I.e., where is
selinux enforcing itself on the system to protect it? When I do yum
install of some package, it seems to work (not being blocked). When
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/06/2013 11:55 AM, Les Mikesell wrote:
On Wed, Nov 6, 2013 at 9:23 AM, Daniel J Walsh dwa...@redhat.com wrote:
SELinux blocks confined processes, but usually does not block the
administrator who is running as unconfined_t, and is allowed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/01/2013 06:55 PM, Mark LaPierre wrote:
On 11/01/2013 06:36 PM, Wes James wrote:
I have installed emacs with yum and now I'm trying to create a .emacs
file and put some commands in it, but I can't type anything in the emacs
buffer. It says
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/25/2013 12:35 PM, James A. Peltier wrote:
Hi All,
I'm looking for input as to how I may restrict some post commit hooks by
way of SELinux or some other mechanism. Here's a description of the
problem that I need to solve.
I have a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/09/2013 05:47 PM, Ljubomir Ljubojevic wrote:
On 08/09/2013 04:06 PM, m.r...@5-cent.us wrote:
Robert Moskowitz wrote:
On 08/09/2013 08:48 AM, Mike Burger wrote:
Simply put, it's likely not in RHEL, either. CentOS is, essentially,
a clone
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/23/2013 07:15 AM, Ken Smith wrote:
James Hogarth wrote:
On 23 Jul 2013 07:42, Ken Smithk...@kensnet.org wrote:
For some reason auditd wasn't running or enabled. I'm now seeing the
messages I needed in /var/log/messages. I'm running
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/22/2013 10:55 AM, Paul Norton wrote:
Hello Ken Try this search term site:danwalsh.livejournal.com in your
searches. Also this is a good book
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/11/2013 03:28 PM, Michael Hennebry wrote:
On Tue, 11 Jun 2013, Daniel J Walsh wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
On 06/10/2013 03:31 PM, Michael Hennebry wrote:
On Mon, 10 Jun 2013, m.r...@5-cent.us wrote:
Michael
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/10/2013 03:31 PM, Michael Hennebry wrote:
On Mon, 10 Jun 2013, m.r...@5-cent.us wrote:
Michael Hennebry wrote:
On Mon, 10 Jun 2013, Michael Hennebry wrote:
On Mon, 10 Jun 2013, m.r...@5-cent.us wrote:
Michael Hennebry wrote:
On Mon, 10
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/28/2013 10:06 AM, m.r...@5-cent.us wrote:
Johan Vermeulen wrote:
Op 25-04-13 19:41, m.r...@5-cent.us schreef:
John R Pierce wrote:
On 4/25/2013 5:01 AM, mark wrote:
Two things: unless this is a laptop, shut down NetworkManager -
there is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/25/2013 04:54 AM, Johan Vermeulen wrote:
Op 24-04-13 22:53, m.r...@5-cent.us schreef:
John R. Dennison wrote:
On Wed, Apr 24, 2013 at 03:06:11PM -0400, Daniel J Walsh wrote:
Disabling SELinux is not going to fix your problem. Since
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/24/2013 02:57 PM, Johan Vermeulen wrote:
Dear All,
thanks for the responses.
Indeed, on machine A, Selinux is disabled.
-bash-4.1# selinuxenabled echo enabled || echo disabled disabled
and on machine B, it's enabled.
I will test
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/27/2013 10:01 AM, Paul Norton wrote:
On 27 March 2013 13:09, ign...@vault13.lt ign...@vault13.lt wrote:
Hello,
how do people cope with constant SELinux errors like this from Fusion
Passenger:
36886. 03/27/2013 14:20:05 ps
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/22/2013 04:25 PM, Robert Heller wrote:
At Thu, 21 Mar 2013 20:54:04 -0400 Robert Heller hel...@deepsoft.com
wrote:
At Thu, 21 Mar 2013 16:04:22 -0700 CentOS mailing list
centos@centos.org wrote:
On 3/21/2013 3:42 PM, Robert Heller
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/13/2013 05:52 PM, Nux! wrote:
On 12.03.2013 20:41, Emmett Culley wrote:
After successfully updating three CentOS 6.3 VM guests to 6.4 I decided
to update the host as well. And it failed to boot.
Kernel panic - Not syncing: Attempted to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/14/2013 01:03 AM, Kahlil Hodgson wrote:
On 14/03/13 06:23, Gordon Messmer wrote:
On 03/12/2013 04:07 PM, Kahlil Hodgson wrote:
If you are upgrading from 6.3 to 6.4 and you use shorewall, you will
want to run
restorecon -Rv /sbin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/10/2013 09:11 AM, Ilyas -- wrote:
Dear Daniel,
BTW This will be fixed in the RHEL6.4 version of policy.
is new policy already available in rhel6.4?
Yes I believe so.
On Mon, Jan 14, 2013 at 9:33 PM, Daniel J Walsh dwa...@redhat.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/10/2013 09:11 AM, Ilyas -- wrote:
Yes.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlE96q4ACgkQrlYvE4MpobNeIgCg333iYi55Q09gtyXYJ07RB8le
1 - 100 of 215 matches
Mail list logo
