Am 26.07.20 um 17:23 schrieb Leon Fauster:
Am 26.07.20 um 12:23 schrieb Strahil Nikolov:
На 25 юли 2020 г. 14:20:19 GMT+03:00, Leon Fauster via CentOS
написа:
Hi all,
I have some AVC in the logs and wonder how to resolve this: Under
EL8 (enforcing SElinux) I have /var/lib/php/session
On Jul 25, 2020, at 07:20, Leon Fauster via CentOS wrote:
>
> I wonder about the "remount" and the comm="ostnamed".
>
> I do not found any ostnamed application, the closest is hostnamed.
You don’t happen to have snapd installed, do you? I can see several bugs
posted related to snapd and
Am 26.07.20 um 12:23 schrieb Strahil Nikolov:
На 25 юли 2020 г. 14:20:19 GMT+03:00, Leon Fauster via CentOS
написа:
Hi all,
I have some AVC in the logs and wonder how to resolve this: Under
EL8 (enforcing SElinux) I have /var/lib/php/session mounted as tmpfs.
# tail -1 /etc/fstab
tmpfs
Hi Leon,
have you tried mounting with 'httpd_sys_rw_content_t' instead of
'httpd_var_run_t' ?
Best Regards,
Strahil Nikolov
На 25 юли 2020 г. 14:20:19 GMT+03:00, Leon Fauster via CentOS
написа:
>Hi all,
>
>I have some AVC in the logs and wonder how to resolve this: Under
>EL8 (enforcing
Hi all,
I have some AVC in the logs and wonder how to resolve this: Under
EL8 (enforcing SElinux) I have /var/lib/php/session mounted as tmpfs.
# tail -1 /etc/fstab
tmpfs /var/lib/php/session tmpfs
CentUS 7.4
>From sealert:
SELinux is preventing /usr/sbin/sshd from read access on the file
/etc/ssh/moduli.
* Plugin restorecon (94.8 confidence) suggests
If you want to fix the label.
/etc/ssh/moduli default label should be etc_t.
Then you can run restorecon.
Can you attach one of the AVC's. Mos likely ssh-x509-auth needs to be
labeled sshd_key_t
or ssh_home_t
On 04/06/2016 02:54 PM, m.r...@5-cent.us wrote:
I'm seeing a lot of noise in the logs, to the effect of:
setroubleshoot: SELinux is preventing /bin/ksh93 from write access on the
directory
I'm seeing a lot of noise in the logs, to the effect of:
setroubleshoot: SELinux is preventing /bin/ksh93 from write access on the
directory /var/lib/ssh-x509-auth
as well as others related to find, cat, etc on .pem's in that directory.
Is this a policy bug, or just no policy covering this?
On 02/25/2016 07:23 AM, Brandon Vincent wrote:
On Thu, Feb 25, 2016 at 12:34 AM, Frank Cox wrote:
Turns out you get the "Could not downgrade policy file
/etc/selinux/targeted/policy/policy.24" error if you're running with SELinux
disabled and something tries to
On Thu, Feb 25, 2016 at 12:34 AM, Frank Cox wrote:
> Turns out you get the "Could not downgrade policy file
> /etc/selinux/targeted/policy/policy.24" error if you're running with SELinux
> disabled and something tries to install or reload policy: semodule -vR does
On 02/24/2016 11:34 PM, Frank Cox wrote:
On Wed, 24 Feb 2016 23:28:33 -0800
Alice Wonder wrote:
I don't ordinarily run SELinux and do not have it enabled.
https://lists.fedoraproject.org/pipermail/selinux/2012-May/014626.html
QUOTE:
Turns out you get the "Could not downgrade policy file
On Wed, 24 Feb 2016 23:28:33 -0800
Alice Wonder wrote:
> I don't ordinarily run SELinux and do not have it enabled.
https://lists.fedoraproject.org/pipermail/selinux/2012-May/014626.html
QUOTE:
Turns out you get the "Could not downgrade policy file
/etc/selinux/targeted/policy/policy.24" error
Trying to add SELinux support to my bitcoin package.
Keep getting this on install:
SELinux: Could not downgrade policy file
/etc/selinux/targeted/policy/policy.29, searching for an older version.
SELinux: Could not open policy file <=
/etc/selinux/targeted/policy/policy.29: No such file or
Hi list,
I'm new to Centos and I've a very small knowledge of selinux use.
I can disable it, but I prefer take it on for study.
I've a second mirrored device that I use for file sharing.
This is the scenario:
/dev/md2 mounted on /mnt/data
To make samba working I must set the file context to
Alessandro Baggi wrote:
Hi list,
I'm new to Centos and I've a very small knowledge of selinux use.
I can disable it, but I prefer take it on for study.
Ok, first thing you want to do is set it to permissive mode (setenforce 0,
and edit /etc/selinux/config to Permissive from Enforcing). That
On 3/31/2014 7:18 AM, Alessandro Baggi wrote:
It's a better choice mount /dev/md2 on /mnt/data, make to dirs, one for
pgsql and another for sambashare, set relative context and start services?
well, its not a good practice to have your postgres data directory in a
shared location, as nothing
Do you actually want the data to be available to both domains at the
same time? Or could you setup different directories?
If you want them to be both available you could label it
postgresql_db_t, and then turn on the samba_export_all_ro_boolean or
samba_export_all_rw_boolean. If this was to
17 matches
Mail list logo