so try as Sam says and let us know if it is working! You can check also /var/log/audit for SELinux related messages
On Tue, 2008-07-08 at 10:10 +0100, Sharpe, Sam J wrote: > "setenforce Permissive" > > will turn it off, but to make it persistent, you need to edit that file. > > (it won't actually turn it off, but it will put it into permissive mode - so > warnings will be printed but nothing will actually be denied) > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:rhelv5-list- > > [EMAIL PROTECTED] On Behalf Of Schmidt, Florian > > Sent: 08 July 2008 10:08 > > To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list > > Subject: AW: AW: AW: AW: [rhelv5-list] named 9.3.3 start-script > > > > [EMAIL PROTECTED] named]# cat /etc/selinux/config > > # This file controls the state of SELinux on the system. > > # SELINUX= can take one of these three values: > > # enforcing - SELinux security policy is enforced. > > # permissive - SELinux prints warnings instead of enforcing. > > # disabled - SELinux is fully disabled. > > SELINUX=enforcing > > # SELINUXTYPE= type of policy in use. Possible values are: > > # targeted - Only targeted network daemons are protected. > > # strict - Full SELinux protection. > > SELINUXTYPE=targeted > > > > OK....seems to be enabled by default. > > So I have to disable it (or permissive state?) and restart which > > service or the whole machine? > > > > > > > -----Ursprüngliche Nachricht----- > > > Von: [EMAIL PROTECTED] [mailto:rhelv5-list- > > [EMAIL PROTECTED] Im > > > Auftrag von Gabriel Craciun > > > Gesendet: Dienstag, 8. Juli 2008 11:01 > > > An: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list > > > Betreff: Re: AW: AW: AW: [rhelv5-list] named 9.3.3 start-script > > > > > > cat /etc/selinux/config? > > > > > > > > > > > > On Tue, 2008-07-08 at 10:56 +0200, Schmidt, Florian wrote: > > > > I _think_ no. > > > > I just googled around, to find out what SE is and If it isn't > > enabled by default in > > > RHEL5 I didn't enable it...hope this helps > > > > > > > > I just saw in /etc/passwd, that the home-dir of the named-user was > > /var/named. I > > > normaly would have created a symlink from /var/named to > > /configs/named, but now > > > I changed this into /configs/named. > > > > > > > > > -----Ursprüngliche Nachricht----- > > > > > Von: [EMAIL PROTECTED] [mailto:rhelv5-list- > > [EMAIL PROTECTED] > > > Im > > > > > Auftrag von Gabriel Craciun > > > > > Gesendet: Dienstag, 8. Juli 2008 10:45 > > > > > An: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list > > > > > Betreff: Re: AW: AW: [rhelv5-list] named 9.3.3 start-script > > > > > > > > > > I forgot to ask; do you have SE enabled? > > > > > > > > > > On Tue, 2008-07-08 at 10:37 +0200, Schmidt, Florian wrote: > > > > > > Good Morning ;) > > > > > > > > > > > > With the following line in /etc/sysconfig/named: > > > > > > > > > > > > ROOTDIR="/configs" (the mountpoint of the replicated device) > > > > > > he throws this error: > > > > > > > > > > > > [EMAIL PROTECTED] named]# /etc/init.d/named start > > > > > > Locating /configs//etc/named.conf failed: > > > > > > > > [FAILED] > > > > > > (dunno, why there are two slashes) > > > > > > > > > > > > I moved named.conf to /configs/etc/named.conf and this comes > > out: > > > > > > > > > > > > [EMAIL PROTECTED] named]# /etc/init.d/named start > > > > > > Starting named: > > > > > > Error in named configuration: > > > > > > isc_dir_chroot: permission denied > > > > > > > > [FAILED] > > > > > > > > > > > > I think this is the point to install the bind-chroot-package? > > > > > > It isn't that important, if bind would not run in a chroot- > > jail, but if this makes > > > bind > > > > > starting with its configuration on the DRBD-disk, I'll install it > > > > > > > > > > > > Any more suggestions? > > > > > > > > > > > > Thanks for your help > > > > > > > > > > > > Florian > > > > > > > > > > > > > -----Ursprüngliche Nachricht----- > > > > > > > Von: [EMAIL PROTECTED] [mailto:rhelv5-list- > > > [EMAIL PROTECTED] > > > > > Im > > > > > > > Auftrag von Gabriel Craciun > > > > > > > Gesendet: Dienstag, 8. Juli 2008 10:14 > > > > > > > An: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing- > > list > > > > > > > Betreff: Re: AW: [rhelv5-list] named 9.3.3 start-script > > > > > > > > > > > > > > So if you specify in /etc/sysconfig/named: > > > > > > > > > > > > > > > > > > > > > ROOTDIR=[file system onto replicated device (DRBD)] > > > > > > > > > > > > > > is not working? > > > > > > > > > > > > > > > > > > > > > On Mon, 2008-07-07 at 18:25 +0200, Schmidt, Florian wrote: > > > > > > > > /var/named-directory > > > > > > > > > > > > > > _______________________________________________ > > > > > > > rhelv5-list mailing list > > > > > > > [email protected] > > > > > > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > > > > > > > > > > _______________________________________________ > > > > > > rhelv5-list mailing list > > > > > > [email protected] > > > > > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > > > > > > > > > > > > > _______________________________________________ > > > > > rhelv5-list mailing list > > > > > [email protected] > > > > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > > > > > > _______________________________________________ > > > > rhelv5-list mailing list > > > > [email protected] > > > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > > > > > > > _______________________________________________ > > > rhelv5-list mailing list > > > [email protected] > > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > > _______________________________________________ > > rhelv5-list mailing list > > [email protected] > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > _______________________________________________ > rhelv5-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/rhelv5-list _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
