Re: [CentOS] New selinux-policy breaks logwatch emails?

2010-01-13 Thread Dianne Yumul
On Jan 8, 2010, at 4:54 PM, James Rankin wrote: For anyone else finding this: https://bugzilla.redhat.com/show_bug.cgi?id=553492 Here's a stupid question, can we install the rpm provided on the link above (see comment 12)? Or is the correct way to modify the local policy? Thanks,

Re: [CentOS] New selinux-policy breaks logwatch emails?

2010-01-08 Thread ken
On 01/08/2010 08:28 AM James Rankin wrote: Hello, After a yum update last night, I had a CenOS 5.4 i386 system pull in the following selinux updates: Jan 07 21:39:14 Updated: selinux-policy-2.4.6-255.el5_4.3.noarch Jan 07 21:39:31 Updated: selinux-policy-targeted-2.4.6-255.el5_4.3.noarch

Re: [CentOS] New selinux-policy breaks logwatch emails?

2010-01-08 Thread Kwan Lowe
On Fri, Jan 8, 2010 at 8:28 AM, James Rankin rankin.ja...@gmail.com wrote: Frankly, this error message means little to mean... in the course of troubleshooting, I tried this: # setenforce Permissive # /etc/cron.daily/0logwatch And it worked! The logwatch email sends without error. If I turn

Re: [CentOS] New selinux-policy breaks logwatch emails?

2010-01-08 Thread James Rankin
By setting selinux to permissive, you've, in effect, turned it off. SElinux will still provide messages about infractions, but won't prevent things from running... i.e., it is no longer guarding your system. hth, ken Thanks for the reply; the fact that the error only occurs when Enforcing is

Re: [CentOS] New selinux-policy breaks logwatch emails?

2010-01-08 Thread James Rankin
That's interesting... Have you tried increasing the loglevel? It's a kernel option, unfortunately, and enabled with an audit=xx on the grub boot. It might give you more than you're seeing in the audit log. You may also want to try a relabel and manually check the context of all associated

Re: [CentOS] New selinux-policy breaks logwatch emails?

2010-01-08 Thread James Rankin
For anyone else finding this: https://bugzilla.redhat.com/show_bug.cgi?id=553492 and also https://bugzilla.redhat.com/show_bug.cgi?id=553277 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] New selinux-policy breaks logwatch emails?

2010-01-08 Thread Kwan Lowe
On Fri, Jan 8, 2010 at 7:54 PM, James Rankin rankin.ja...@gmail.com wrote: For anyone else finding this: https://bugzilla.redhat.com/show_bug.cgi?id=553492 and also https://bugzilla.redhat.com/show_bug.cgi?id=553277 Oh whew...From the other thread it looks like this bit a few people.

Re: [CentOS] New selinux-policy breaks logwatch emails?

2010-01-08 Thread Les Bell
Kwan Lowe kwan.l...@gmail.com wrote: Oh whew...From the other thread it looks like this bit a few people. Sorry - I came in late and missed the earlier discussion (so many emails to skim, so little time . . . ). Around October, a Centos 5.3 web server here also stopped updating Webalizer