Re: [389-users] dirsrv-admin stat not working
On 01/20/2012 09:16 AM, Dan Whitmire wrote: I am having a terrible time attempting to get dirsrv-admin working on Fedora 15. Can someone please help me? I have selinux in permissive mode. I have tried all that I know to do, so any advice is welcome. I get the following: # service dirsrv-admin start Starting dirsrv-admin: /usr/sbin/start-ds-admin: line 105: 2275 Segmentation fault $SELINUX_CMD $HTTPD $OMIT_DEFLATE -k start -f /etc/dirsrv/admin-serv/httpd.conf $@ The logs are as follows: /var/log/messages Jan 20 10:12:42 SonshineServer kernel: [ 1779.299009] httpd.worker[2275]: segfault at 10 ip 7fdc0f5019b0 sp 7fff855d6528 error 4 in libpthread-2.14.1.so[7fdc0f4f8000+16000] rpm -qa |grep 389 /var/log/dirsrv/admin-serv/error [Fri Jan 20 10:12:42 2012] [error] Could not bind as []: ldap error -1: Can't contact LDAP server [Fri Jan 20 10:12:42 2012] [error] Could not bind as []: ldap error -1: Can't contact LDAP server [Fri Jan 20 10:12:42 2012] [warn] Unable to bind as LocalAdmin to populate LocalAdmin tasks into cache. [Fri Jan 20 10:12:42 2012] [notice] Access Host filter is: *.SonshineAccess.com [Fri Jan 20 10:12:42 2012] [notice] Access Address filter is: * /var/log/audit/audit.log type=CRED_DISP msg=audit(1327075262.337:65): user pid=2144 uid=0 auid=0 ses=2 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=root exe=/usr/sbin/crond hostname=? addr=? terminal=cron res=success' type=USER_END msg=audit(1327075262.373:66): user pid=2144 uid=0 auid=0 ses=2 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct=root exe=/usr/sbin/crond hostname=? addr=? terminal=cron res=success' type=ANOM_ABEND msg=audit(1327075962.009:67): auid=500 uid=0 gid=0 ses=1 subj=unconfined_u:system_r:httpd_t:s0 pid=2275 comm=httpd.worker sig=11 -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
[389-users] 389 DS on RHEL 6.2 - invalid pointer.
Anyone have any suggestions? rpm -qa | grep 389 389-admin-console-doc-1.1.8-1.el6.noarch 389-ds-base-1.2.9.14-1.el6.x86_64 389-ds-1.2.2-1.el6.noarch 389-ds-base-libs-1.2.9.14-1.el6.x86_64 389-ds-console-1.2.6-1.el6.noarch 389-console-1.1.7-1.el6.noarch 389-adminutil-1.1.14-2.el6.x86_64 389-admin-console-1.1.8-1.el6.noarch 389-dsgw-1.1.7-2.el6.x86_64 389-adminutil-devel-1.1.14-2.el6.x86_64 389-admin-1.1.25-1.el6.x86_64 389-ds-base-devel-1.2.9.14-1.el6.x86_64 389-ds-console-doc-1.2.6-1.el6.noarch Creating directory server . . . Warning: Hostname abcd.abcd.edu is valid, but none of the IP addresses resolve back to abcd.adcd.edu address 172.18.0.4 resolves to host abcd Your new DS instance 'abcd' was successfully created. Creating the configuration directory server . . . Beginning Admin Server creation . . . Creating Admin Server files and directories . . . Updating adm.conf . . . Updating admpw . . . Registering admin server with the configuration directory server . . . Updating adm.conf with information from configuration directory server . . . Updating the configuration for the httpd engine . . . *** glibc detected *** /usr/lib64/dirsrv/cgi-bin/config: free(): invalid pointer: 0x0040423c *** === Backtrace: = /lib64/libc.so.6[0x339f8750c6] /usr/lib64/dirsrv/cgi-bin/config[0x40271f] /usr/lib64/dirsrv/cgi-bin/config[0x40381c] /lib64/libc.so.6(__libc_start_main+0xfd)[0x339f81ecdd] /usr/lib64/dirsrv/cgi-bin/config[0x401de9] === Memory map: 0040-00405000 r-xp fd:00 412081 /usr/lib64/dirsrv/cgi-bin/config 00605000-00606000 rw-p 5000 fd:00 412081 /usr/lib64/dirsrv/cgi-bin/config 00606000-00609000 rw-p 00:00 0 019ac000-01a31000 rw-p 00:00 0 [heap] 339f00-339f02 r-xp fd:00 262543 /lib64/ld-2.12.so 339f21f000-339f22 r--p 0001f000 fd:00 262543 /lib64/ld-2.12.so 339f22-339f221000 rw-p 0002 fd:00 262543 /lib64/ld-2.12.so 339f221000-339f222000 rw-p 00:00 0 339f40-339f402000 r-xp fd:00 262551 /lib64/libdl-2.12.so 339f402000-339f602000 ---p 2000 fd:00 262551 /lib64/libdl-2.12.so 339f602000-339f603000 r--p 2000 fd:00 262551 /lib64/libdl-2.12.so 339f603000-339f604000 rw-p 3000 fd:00 262551 /lib64/libdl-2.12.so 339f80-339f997000 r-xp fd:00 262544 /lib64/libc-2.12.so 339f997000-339fb97000 ---p 00197000 fd:00 262544 /lib64/libc-2.12.so 339fb97000-339fb9b000 r--p 00197000 fd:00 262544 /lib64/libc-2.12.so 339fb9b000-339fb9c000 rw-p 0019b000 fd:00 262544 /lib64/libc-2.12.so 339fb9c000-339fba1000 rw-p 00:00 0 339fc0-339fc17000 r-xp fd:00 262549 /lib64/libpthread-2.12.so 339fc17000-339fe16000 ---p 00017000 fd:00 262549 /lib64/libpthread-2.12.so 339fe16000-339fe17000 r--p 00016000 fd:00 262549 /lib64/libpthread-2.12.so 339fe17000-339fe18000 rw-p 00017000 fd:00 262549 /lib64/libpthread-2.12.so 339fe18000-339fe1c000 rw-p 00:00 0 33a000-33a0026000 r-xp fd:00 407469 /usr/lib64/libnssdbm3.so 33a0026000-33a0226000 ---p 00026000 fd:00 407469 /usr/lib64/libnssdbm3.so 33a0226000-33a0227000 r--p 00026000 fd:00 407469 /usr/lib64/libnssdbm3.so 33a0227000-33a0228000 rw-p 00027000 fd:00 407469 /usr/lib64/libnssdbm3.so 33a040-33a0483000 r-xp fd:00 262275 /lib64/libm-2.12.so 33a0483000-33a0682000 ---p 00083000 fd:00 262275 /lib64/libm-2.12.so 33a0682000-33a0683000 r--p 00082000 fd:00 262275 /lib64/libm-2.12.so 33a0683000-33a0684000 rw-p 00083000 fd:00 262275 /lib64/libm-2.12.so 33a0c0-33a0c15000 r-xp fd:00 262546 /lib64/libz.so.1.2.3 33a0c15000-33a0e14000 ---p 00015000 fd:00 262546 /lib64/libz.so.1.2.3 33a0e14000-33a0e15000 r--p 00014000 fd:00 262546 /lib64/libz.so.1.2.3 33a0e15000-33a0e16000 rw-p 00015000 fd:00 262546 /lib64/libz.so.1.2.3 33a180-33a1816000 r-xp fd:00 262559 /lib64/libresolv-2.12.so 33a1816000-33a1a16000 ---p 00016000 fd:00 262559 /lib64/libresolv-2.12.so 33a1a16000-33a1a17000 r--p 00016000 fd:00 262559 /lib64/libresolv-2.12.so 33a1a17000-33a1a18000 rw-p 00017000 fd:00 262559 /lib64/libresolv-2.12.so 33a1a18000-33a1a1a000 rw-p 00:00 0
Re: [389-users] dirsrv-admin stat not working
Hi, i've already given a solution for this problem days ago : http://lists.fedoraproject.org/pipermail/389-users/2012-January/013960.html And the original thread is here (i made a mistake while answering to the list, so it appears disconnected from the rest of the thread). http://lists.fedoraproject.org/pipermail/389-users/2012-January/013948.html Good luck ! Guillaume On 01/20/2012 09:16 AM, Dan Whitmire wrote: I am having a terrible time attempting to get dirsrv-admin working on Fedora 15. Can someone please help me? I have selinux in permissive mode. I have tried all that I know to do, so any advice is welcome. I get the following: # service dirsrv-admin start Starting dirsrv-admin: /usr/sbin/start-ds-admin: line 105: 2275 Segmentation fault $SELINUX_CMD $HTTPD $OMIT_DEFLATE -k start -f /etc/dirsrv/admin-serv/httpd.conf $@ The logs are as follows: /var/log/messages Jan 20 10:12:42 SonshineServer kernel: [ 1779.299009] httpd.worker[2275]: segfault at 10 ip 7fdc0f5019b0 sp 7fff855d6528 error 4 in libpthread-2.14.1.so[7fdc0f4f8000+16000] rpm -qa |grep 389 /var/log/dirsrv/admin-serv/error [Fri Jan 20 10:12:42 2012] [error] Could not bind as []: ldap error -1: Can't contact LDAP server [Fri Jan 20 10:12:42 2012] [error] Could not bind as []: ldap error -1: Can't contact LDAP server [Fri Jan 20 10:12:42 2012] [warn] Unable to bind as LocalAdmin to populate LocalAdmin tasks into cache. [Fri Jan 20 10:12:42 2012] [notice] Access Host filter is: *.SonshineAccess.com [Fri Jan 20 10:12:42 2012] [notice] Access Address filter is: * /var/log/audit/audit.log type=CRED_DISP msg=audit(1327075262.337:65): user pid=2144 uid=0 auid=0 ses=2 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=root exe=/usr/sbin/crond hostname=? addr=? terminal=cron res=success' type=USER_END msg=audit(1327075262.373:66): user pid=2144 uid=0 auid=0 ses=2 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct=root exe=/usr/sbin/crond hostname=? addr=? terminal=cron res=success' type=ANOM_ABEND msg=audit(1327075962.009:67): auid=500 uid=0 gid=0 ses=1 subj=unconfined_u:system_r:httpd_t:s0 pid=2275 comm=httpd.worker sig=11 -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] dirsrv-admin stat not working
On 01/20/2012 11:32 AM, Guillaume Chanaud wrote: Hi, i've already given a solution for this problem days ago : http://lists.fedoraproject.org/pipermail/389-users/2012-January/013960.html And the original thread is here (i made a mistake while answering to the list, so it appears disconnected from the rest of the thread). http://lists.fedoraproject.org/pipermail/389-users/2012-January/013948.html Good luck ! Guillaume On 01/20/2012 09:16 AM, Dan Whitmire wrote: I am having a terrible time attempting to get dirsrv-admin working on Fedora 15. Can someone please help me? I have selinux in permissive mode. I have tried all that I know to do, so any advice is welcome. I get the following: # service dirsrv-admin start Starting dirsrv-admin: /usr/sbin/start-ds-admin: line 105: 2275 Segmentation fault $SELINUX_CMD $HTTPD $OMIT_DEFLATE -k start -f /etc/dirsrv/admin-serv/httpd.conf $@ The logs are as follows: /var/log/messages Jan 20 10:12:42 SonshineServer kernel: [ 1779.299009] httpd.worker[2275]: segfault at 10 ip 7fdc0f5019b0 sp 7fff855d6528 error 4 in libpthread-2.14.1.so[7fdc0f4f8000+16000] rpm -qa |grep 389 /var/log/dirsrv/admin-serv/error [Fri Jan 20 10:12:42 2012] [error] Could not bind as []: ldap error -1: Can't contact LDAP server [Fri Jan 20 10:12:42 2012] [error] Could not bind as []: ldap error -1: Can't contact LDAP server [Fri Jan 20 10:12:42 2012] [warn] Unable to bind as LocalAdmin to populate LocalAdmin tasks into cache. [Fri Jan 20 10:12:42 2012] [notice] Access Host filter is: *.SonshineAccess.com [Fri Jan 20 10:12:42 2012] [notice] Access Address filter is: * /var/log/audit/audit.log type=CRED_DISP msg=audit(1327075262.337:65): user pid=2144 uid=0 auid=0 ses=2 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=root exe=/usr/sbin/crond hostname=? addr=? terminal=cron res=success' type=USER_END msg=audit(1327075262.373:66): user pid=2144 uid=0 auid=0 ses=2 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct=root exe=/usr/sbin/crond hostname=? addr=? terminal=cron res=success' type=ANOM_ABEND msg=audit(1327075962.009:67): auid=500 uid=0 gid=0 ses=1 subj=unconfined_u:system_r:httpd_t:s0 pid=2275 comm=httpd.worker sig=11 -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users Awesome...Thanks. My next step is to setup Dogtag. Is this going to affect my certificate at some point? -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: Only desktop wallpaper after login F15
In my case, I could never log onto the new F16 install, graphically. Just got that crappy oh no graphic, with no way to get any further. However, I was lucky in that I could CTRL+ALT+F2 (or one of the other terminals), and log into a command line. I let a yum update do its thing, and after that I could log into a graphical system. That sort of thing would be one of my first things to try if a new install wasn't working right. Certainly not reformatting and re-installing, this isn't Windows. If the install seemed to work without any errors, the first time around, then I'd be fairly sure that the install had worked. And that another attempt wouldn't be any different. #yum update does it for me as well Gnome 3 is now working fine. Thanks! -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [ why i do not like base64]
On 19 January 2012 22:09, g gel...@bellsouth.net wrote: On 01/19/2012 12:56 PM, Tim wrote: On Thu, 2012-01-19 at 03:52 +, g wrote: but the (obvious) spam (simply by looking at the list of recipients) this is true. because it was sent to a 'tsl' also. viewing source, header can be read, but not able to read body because of 'base64'. to view body, opened as 'email'. saw link. thought. what the heck. possible a subscriber messed up. wondered what. clicked link. using firefox and NoScript, running firewall, rkhunter, backed up. why not. firefox displayed a 404. i broke link. Don't know why you conclude that, spam links can have a short lifetime as they get shut down. FWIW I do agree base64 is an unfriendly way to send email text bodies. -- imalone -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[OT] how to share a directory under ntfs mount point with selinux enabled?
Hello, using Fedora 16 and its samba 3.6 stack I would like to share a directory that is under a local ntfs mounted (with ntfs-3g) path... For normal dirs I'm able to share after chcon -t samba_share_t /dir/to/share/path But for dirs under ntfs? Is there any directive to tell samba to skip selinux protection for particular shares? Thanks in advance, Gianluca -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [OT] how to share a directory under ntfs mount point with selinux enabled?
On 01/20/2012 07:40, Gianluca Cecchi wrote: Hello, using Fedora 16 and its samba 3.6 stack I would like to share a directory that is under a local ntfs mounted (with ntfs-3g) path... For normal dirs I'm able to share after chcon -t samba_share_t /dir/to/share/path But for dirs under ntfs? Is there any directive to tell samba to skip selinux protection for particular shares? Thanks in advance, Gianluca So from what I understand ntfs-3g is a fuse filesystem. I would assume that when you do ls -Z on any file on your ntfs-3g mount that it comes back with the type fuse_t. Unfortunately fuse doesn't support finer-grained labeling with SELinux. The best thing that you will be able to do is make it so your entire ntfs-3g mount is labeled samba_share_t and then just export the folders you want. You should be able to do this by adding -o context=system_u:object_r:samba_share_t to your mount command for your ntfs-3g mount. Dave -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Looking for beautiful themes, application settings, fonts, etc. (KDE)
On Thu, 2012-01-19 at 09:31 -0700, linux guy wrote: If I start a KDE session in twinview mode, according to the nVidia configuration GUI, under X screen, my resolution is 128 x 130 dots per inch. I find those numbers a bit odd. You can work it out for yourself. Measure the screen, divide it by the number of pixels (hint - that's why it's called pixels per inch). If you can see the screen, you might be able to see that the pixels are probably rectangular. And you should probably regard the red+green+blue triple as a single pixel, as all three are required (as a group) to draw a colour. As a group, they're close to square (how close will depend on the panel). Some things make presumptions, and will just adopt a (sometimes inappropriate) default value if no proper information is provided (the graphics card should poll the display device for its specifications). And it has been known for some devices to return wrong information. With dual display modes, it can get really messy. If they're different displays, they really need different settings. But if you're trying to clone displays, you're trying to implement conflicting settings. I think this change alone increased the crispness of displayed text. I'm not too surprised that setting up the display to the correct parameters would help (not that I've confirmed yours are wrong or correct, I just mean the principle of the thing). Rendering without the right settings is prone to errors. Once you have a display set up to run properly, you can then do other things to make it look nicer (font styles and sizes), and have it do what you expect. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Operating a laptop when closed. Disabling the lid switch ?
On Thu, 2012-01-19 at 19:08 +0100, Reindl Harald wrote: you do not really want this because the machine will OVERHEAT! *May* overheat... It depends on the design of the laptop's ventilation. Some depend on vents around the keyboard, that will be blocked off by the screen. Others have ventilation that uses grills in the bottom and/or the sides. Some laptops can run cooler with the lid down. Why? Because they can: * Turn the screen off, or into low power mode. * Turn the graphics chips off, or into low power mode. Neither need to be on when there's no display visible. Running a laptop with an external display may be a cause for heat generation from the graphics chips, they may not be the same chips used to drive the internal display. Monitor the temperature when you try this. Listen to the fans, notice if they speed up (to force more cooling). -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: system programming related query
On Thu, 2012-01-19 at 20:46 +0530, shreyas m wrote: I am developing a c based application which needs authenticating the user as a root- user. I'm wiling to provide the responsibility of password verification to fedora os, as in the case of built in applications such as NFS,HTTP. I have a sense of deja vu... Isn't this the same question asked just a few days ago? Is it the start of a new computing course somewhere? -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [ why i do not like base64]
Tim: you replied to was not received as base64 encoded, here. g: that is because it has enigmail sig. note source of this post. My point was that the spam that you were complaining about as an example of why you don't like base64 was *not* base64 encoded (the original spam mail, not your reply to it). At least it wasn't, *here*... None of it was. But having another look at that message, I see I overlooked a mail header stating that it had been converted (and it's quite possible that some server may do the opposite conversion to you, converting stuff into 8bit). X-MIME-Autoconverted: from base64 to 8bit by mailserver.lan.example.com If I can get the message /as text/, then so you can you, one way or another. And your problem (I think it was you that asked about converting mail, last week), about using tools to filter mail, but not encoded mail, can be simplified. In my case, I use fetchmail to drag in mail from various internet servers. I access that mail through Dovecot, as a local IMAP server. And post out through sendmail, as a local SMTP server. (Which isn't as hard, or complicated, as that might seem at first glance). I don't know which of them is doing it, because I haven't deliberately configured it to do so. Though I notice some mention of conversion options in the fetchmail man file. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [ why i do not like base64]
Am 20.01.2012 16:18, schrieb Tim: X-MIME-Autoconverted: from base64 to 8bit by mailserver.lan.example.com If I can get the message /as text/, then so you can you, one way or another. And your problem (I think it was you that asked about converting mail, last week), about using tools to filter mail, but not encoded mail, can be simplified. be careful with rewrite mailbody this will break all sorts of signed mails signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [OT] how to share a directory under ntfs mount point with selinux enabled?
On 01/20/2012 09:13, David Quigley wrote: On 01/20/2012 07:40, Gianluca Cecchi wrote: Hello, using Fedora 16 and its samba 3.6 stack I would like to share a directory that is under a local ntfs mounted (with ntfs-3g) path... For normal dirs I'm able to share after chcon -t samba_share_t /dir/to/share/path But for dirs under ntfs? Is there any directive to tell samba to skip selinux protection for particular shares? Thanks in advance, Gianluca So from what I understand ntfs-3g is a fuse filesystem. I would assume that when you do ls -Z on any file on your ntfs-3g mount that it comes back with the type fuse_t. Unfortunately fuse doesn't support finer-grained labeling with SELinux. The best thing that you will be able to do is make it so your entire ntfs-3g mount is labeled samba_share_t and then just export the folders you want. You should be able to do this by adding -o context=system_u:object_r:samba_share_t to your mount command for your ntfs-3g mount. Dave I just looked back at an old post I made on this very issue and it seems that there might be a problem. Unless it has been fixed the fuse mount program doesn't necessarially pass the context mount option down to the kernel to be handled. So the fix I suggested above might not work. They may have fixed that problem so give it a try anyway but if the mount option is not passed down there isn't much you can do about it. Dave -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[389-users] dirsrv-admin stat not working
I am having a terrible time attempting to get dirsrv-admin working on Fedora 15. Can someone please help me? I have selinux in permissive mode. I have tried all that I know to do, so any advice is welcome. I get the following: # service dirsrv-admin start Starting dirsrv-admin: /usr/sbin/start-ds-admin: line 105: 2275 Segmentation fault $SELINUX_CMD $HTTPD $OMIT_DEFLATE -k start -f /etc/dirsrv/admin-serv/httpd.conf $@ The logs are as follows: /var/log/messages Jan 20 10:12:42 SonshineServer kernel: [ 1779.299009] httpd.worker[2275]: segfault at 10 ip 7fdc0f5019b0 sp 7fff855d6528 error 4 in libpthread-2.14.1.so[7fdc0f4f8000+16000] /var/log/dirsrv/admin-serv/error [Fri Jan 20 10:12:42 2012] [error] Could not bind as []: ldap error -1: Can't contact LDAP server [Fri Jan 20 10:12:42 2012] [error] Could not bind as []: ldap error -1: Can't contact LDAP server [Fri Jan 20 10:12:42 2012] [warn] Unable to bind as LocalAdmin to populate LocalAdmin tasks into cache. [Fri Jan 20 10:12:42 2012] [notice] Access Host filter is: *.SonshineAccess.com [Fri Jan 20 10:12:42 2012] [notice] Access Address filter is: * /var/log/audit/audit.log type=CRED_DISP msg=audit(1327075262.337:65): user pid=2144 uid=0 auid=0 ses=2 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=root exe=/usr/sbin/crond hostname=? addr=? terminal=cron res=success' type=USER_END msg=audit(1327075262.373:66): user pid=2144 uid=0 auid=0 ses=2 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct=root exe=/usr/sbin/crond hostname=? addr=? terminal=cron res=success' type=ANOM_ABEND msg=audit(1327075962.009:67): auid=500 uid=0 gid=0 ses=1 subj=unconfined_u:system_r:httpd_t:s0 pid=2275 comm=httpd.worker sig=11 -- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Announcement: Piranha being retired in Fedora 17
The time has come to retire the piranha package from Fedora. This will take effect in Fedora 17. Piranha is an old project, and is currently lacking in features that can be found in other open source load balancers. Users of piranha are encouraged to look at other solutions, such as keepalived. Ryan -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [ why i do not like base64]
On 01/20/2012 03:31 PM, Reindl Harald wrote: be careful with rewrite mailbody this will break all sorts of signed mails -=- and, as you know, thunderbird gives you a friendly notification banner. -- peace out. tc.hago, g . *please reply plain text only. html text are deleted* signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [ why i do not like base64]
On 01/20/2012 03:18 PM, Tim wrote: Tim: you replied to was not received as base64 encoded, here. g: that is because it has enigmail sig. note source of this post. My point was that the spam that you were complaining about as an example of why you don't like base64 was *not* base64 encoded (the original spam mail, not your reply to it). At least it wasn't, *here*... None of it was. -=- } X-Mailer: Evolution 2.22.3.1 (2.22.3.1-1.fc9) dose Evolution convert 'base64' to 'text' during view source? or, convert to text when email receive? tricked handlers between inet connection and email client? But having another look at that message, I see I overlooked a mail header stating that it had been converted (and it's quite possible that some server may do the opposite conversion to you, converting stuff into 8bit). -=- intelligent email 'handlers', 'servers', 'clients', do not convert enigmail to 'base64'. as of this time, 1818 utc, the thread contains; 7 post: 2-enig, 5-b64 my post: 1-enig, 1-b64 b64 posters: op, tim, g, ibmalone enig posters: g, h.reindl when i post enigmail, there is not conversion of my post. when i post unsigned, my post arrives base64. X-MIME-Autoconverted: from base64 to 8bit by mailserver.lan.example.com -=- where and with what is above being inserted? it would appear X-MIME-Autoconverted: is/may be a config within _your_ email handler?? If I can get the message /as text/, then so you can you, one way or another. -=- this is true. and i would if my email client had ability to convert base64 to text. And your problem (I think it was you that asked about converting mail, last week), about using tools to filter mail, but not encoded mail, can be simplified. -=- convert base64 to text, yes. filter, no. other than filter for base64 and convert to text. In my case, I use fetchmail to drag in mail from various internet servers. I access that mail through Dovecot, as a local IMAP server. And post out through sendmail, as a local SMTP server. (Which isn't as hard, or complicated, as that might seem at first glance). -=- i am in research and reading of 'dovecot/*'. now have a 'dovecot' 'chapter' in bookmarks and a local 'dovecot' url icon to a local 'dovecot' html page which is a/an inet and local 'map'. I don't know which of them is doing it, because I haven't deliberately configured it to do so. Though I notice some mention of conversion options in the fetchmail man file. -=- i already have 'fetchmail chapter'. built over several years. added to while writing 'dovecot chapter'. fetchmail is installed. not configed. never run. setting up server will not be a problem. problem is a box to put it in. 8-(. which is 'r2i' new power supply. plus side, another box can/will be used as file server also. ;) -- peace out. tc.hago, g . *please reply plain text only. html text are deleted* in a free world without fences, who needs gates. ** help microsoft stamp out piracy - give linux to a friend today. ** to mess up a linux box, you need to work at it. to mess up an ms windows box, you just need to *look* at it. ** The installation instructions stated to install Windows 2000 or better. So I installed Linux. ** learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/ signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [ why i do not like base64]
On 01/20/2012 10:48 AM, Ian Malone wrote: Don't know why you conclude that, spam links can have a short lifetime as they get shut down. -=- i must be smoking something stronger than you. B=D i do not recall, nor see where i made such statement, or imply. FWIW I do agree base64 is an unfriendly way to send email text bodies. -=- supposed reasoning is base64 compresses. adverse - can not be searched by some email clients. example - thunderbird 2.0.0.24 (2008) -- peace out. tc.hago, g . *please reply plain text only. html text are deleted* in a free world without fences, who needs gates. ** help microsoft stamp out piracy - give linux to a friend today. ** to mess up a linux box, you need to work at it. to mess up an ms windows box, you just need to *look* at it. ** The installation instructions stated to install Windows 2000 or better. So I installed Linux. ** learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/ signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [ why i do not like base64]
Am 20.01.2012 20:47, schrieb g: On 01/20/2012 03:31 PM, Reindl Harald wrote: be careful with rewrite mailbody this will break all sorts of signed mails -=- and, as you know, thunderbird gives you a friendly notification banner and what does this change? if something BEFORE the mail client manipulates mail-contents which are signed they are no longer trustable - do this for you if you do not care, but do not call it smart signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [ why i do not like base64]
On 01/20/2012 07:51 PM, Reindl Harald wrote: Am 20.01.2012 20:47, schrieb g: On 01/20/2012 03:31 PM, Reindl Harald wrote: be careful with rewrite mailbody this will break all sorts of signed mails -=- and, as you know, thunderbird gives you a friendly notification banner and what does this change? -=- it does not change anything. it was a comment to what happens with with thunderbird as email client. if anything, it was not meant to change. other than knowledge. if something BEFORE the mail client manipulates mail-contents which are signed they are no longer trustable - do this for you if you do not care, but do not call it smart -=- i am not, nor stated, that i am interested in making changes to enigmail emails. nor, have i ever made comment that it is smart. fact is as far as converting of anything, it is to convert base64. better yet, convert base64 and html to text and it be a feature of email client. -- peace out. tc.hago, g . *please reply plain text only. html text are deleted* in a free world without fences, who needs gates. ** help microsoft stamp out piracy - give linux to a friend today. ** to mess up a linux box, you need to work at it. to mess up an ms windows box, you just need to *look* at it. ** The installation instructions stated to install Windows 2000 or better. So I installed Linux. ** learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/ signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Moodle on Fedora 16
Regarding comments on Fedora: even most of people use cutting edge thing I will only express BIG disagreement. (with all politeness even usually use ) I'm using Fedora for my production systems for a long long time ago. Without any problems. From F8 if i remember well. cutting edge could be only rawhide. Last few releases from 14 especially there is a lack of ... seriousness about Quality Assurance if I may say. About longer life cycle ... it is easier to upgrade installation nor install latest php on RHEL-based distributions. this is only my point of view. I can not remember when one of my production system lived longer than two years. Nevertheless ... Regarding moodle on Fedora: (I hope that Daniel will read this :) ) there is a several modifications that have to do to make it operate properly - default moodle package make 2 dirs under /var/www/moodle: web and data. data dir have httpd_sys_content_t context. This context prevent writing under data dir. moodle use this dir intensively for writing. - first: change context to httpd_sys_rrw_content_t on data dir and, and for better security change owner and group to apache. - second: change httpd_can_network_connect_db to on, depending on cache model in moodle httpd_can_network_memcache to on, and httpd_can_sendmail to on for sending emails directly from moodle. After these changes moodle works as a charm on Fedora. My first production moodle setup was on F12. Latest on F15. On 14 January 2012 10:37, Roger are...@bigpond.com wrote: Thank you Daniel, Roger and Edik. I will try your suggestions as soon as I can. Regarding the cutting edge thing, this is just my desktop machine, and I love Fedora. The production server will be somewhere else and will not be managed by me (it's a government training project). And surely it won't be Fedora, they have very competent people there to take care of it (most surely Red Hat server but it is not my decision). I only have a development site so I can work locally on developing the materials, so that when production is set up, we will already know what works for the project and what not (I mean for the training). I'll let you know how it goes. Ester Trouble is one can spend a lot of time fixing cutting edge OSes, time that may be better spent on dev work. Been There, Done That. Was going to try F16 on my home pc but the list discussions have kyboshed that because I haven't got the time to play nowadays. Flat out developing Drupal Multi sites for a nonprofit organisation. CentOS is, very stable Fedora. I truly reccomend using it rather than cutting edge apps for development work. I've got Fedora 14, it's smooth and trouble free but as it is now unsupported am moving to CentOS soon. I use CentOS on the server and because I know Fedora it's home territory. It also has the advantage that, because it's so familiar, it's easy to use Virtualbox, VmWare or similar to set up other Osses like F16, Ubuntu. windows, etc to play with and you won't break your workbench apps. You can use xfce or any GUI desktop that suits your needs. As an aside, My daughter developed a Moodle site for a school project and wants her school to move to Moodle but they are fixated on something called a VLA, which is not a patch on Moodle and has few if any of Moodle's capabilities. Please let us know how you are progressing. Roger -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [OT] how to share a directory under ntfs mount point with selinux enabled?
On Fri Jan 20 16:08:49 UTC 2012 David Quigley wrote: The best thing that you will be able to do is make it so your entire ntfs-3g mount is labeled samba_share_t and then just export the folders you want. You should be able to do this by adding -o context=system_u:object_r:samba_share_t to your mount command for your ntfs-3g mount. I just looked back at an old post I made on this very issue and it seems that there might be a problem. Unless it has been fixed the fuse mount program doesn't necessarially pass the context mount option down to the kernel to be handled. So the fix I suggested above might not work. They may have fixed that problem so give it a try anyway but if the mount option is not passed down there isn't much you can do about it. Dave Unfortunately putting the line /dev/sda1 /w7 ntfs-3g context=system_u:object_r:samba_share_t 1 0 I get this when trying to mount: ntfs-3g-mount: mount failed: Invalid argument And in messages: kernel: [14596.016616] SELinux: security_context_to_sid(system_u:object_r:samba_share_t) failed for (dev sda1, type fuseblk) errno=-22 -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [OT] how to share a directory under ntfs mount point with selinux enabled?
On Fri, Jan 20, 2012 at 11:23 PM, Gianluca Cecchi gianluca.cec...@gmail.com wrote: Unfortunately putting the line /dev/sda1 /w7 ntfs-3g context=system_u:object_r:samba_share_t 1 0 I get this when trying to mount: ntfs-3g-mount: mount failed: Invalid argument And in messages: kernel: [14596.016616] SELinux: security_context_to_sid(system_u:object_r:samba_share_t) failed for (dev sda1, type fuseblk) errno=-22 OK. Walking through other documents I found that the correct syntax is with a :s0 at the end of the option, and also add defaults at the end, like: context=system_u:object_r:samba_share_t:s0,defaults This way I can correctly mount a share against a directory under the ntfs tree ALso, creating a test.txt file from the windows network attached machine, the context properties are correctly managed from a linux point of view: $ getfattr -n security.selinux /w7/test_share/test.txt getfattr: Removing leading '/' from absolute path names # file: w7/test_share/test.txt security.selinux=system_u:object_r:samba_share_t:s0 Thanks, Gianluca -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: [OT] how to share a directory under ntfs mount point with selinux enabled?
On 1/20/2012 5:45 PM, Gianluca Cecchi wrote: On Fri, Jan 20, 2012 at 11:23 PM, Gianluca Cecchi gianluca.cec...@gmail.com wrote: Unfortunately putting the line /dev/sda1 /w7 ntfs-3g context=system_u:object_r:samba_share_t 1 0 I get this when trying to mount: ntfs-3g-mount: mount failed: Invalid argument And in messages: kernel: [14596.016616] SELinux: security_context_to_sid(system_u:object_r:samba_share_t) failed for (dev sda1, type fuseblk) errno=-22 OK. Walking through other documents I found that the correct syntax is with a :s0 at the end of the option, and also add defaults at the end, like: context=system_u:object_r:samba_share_t:s0,defaults This way I can correctly mount a share against a directory under the ntfs tree ALso, creating a test.txt file from the windows network attached machine, the context properties are correctly managed from a linux point of view: $ getfattr -n security.selinux /w7/test_share/test.txt getfattr: Removing leading '/' from absolute path names # file: w7/test_share/test.txt security.selinux=system_u:object_r:samba_share_t:s0 Thanks, Gianluca Its good to hear that those options are getting passed into the kernel now. Sorry about forgetting the s0 I copied and pasted the context from another post (and changed the type). I'm glad things worked out for you. Dave -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org