Hi All,
Currently Working on Cent OS 7.3 and login as a root User and my Id command
output is :
*id*
*uid=0(root) gid=0(root) groups=0(root)
context=system_u:system_r:unconfined_t:s0-s0:c0.c1023*
I want to change *System_u:system_r:unconfined_t to sysadm_u:sysadm_r or *
testing you can try setting the bool value if
> you are logging via ssh.
>
> setsebool -P ssh_sysadm_login 1
>
>
>
> Regards,
> Ravi
>
> On Fri, Nov 24, 2017 at 10:47 AM, Aman Sharma <amansh.shar...@gmail.com>
> wrote:
>
>>
>>
>> Hi All,
&
e:
> On Fri, 2017-11-24 at 10:47 +0530, Aman Sharma wrote:
> >
> >
> > Hi All,
> >
> > Currently Working on Cent OS 7.3 and login as a root User and my Id
> > command output is :
> >
> > id
> > uid=0(root) gid=0(root) groups=0(root)
> &g
te:
> On Wed, Nov 29, 2017 at 09:33:31AM +0530, Aman Sharma wrote:
> > Hi Stephen,
> >
> > Below is the output of command :
> >
> > * sestatus -v output*
> > *SELinux status: enabled*
> > *SELinuxfs mount:/sys/fs/selin
Hi All,
During System boot up, I am running some semanage commands to change the
User to sysadm_u. But in Cent OS 7.3 , Below error message is coming
i.e. *ValueError:
Login mapping for __default__ is not defined.*
/usr/sbin/semanage login -m -S targeted -s user_u -r s0 __default__
No, I am not using 3rd party SSH client. This is normal ssh .
On Wed, Nov 29, 2017 at 8:59 PM, Simon Sekidde <sseki...@redhat.com> wrote:
> Aman,
>
> - Original Message -----
> > From: "Aman Sharma" <amansh.shar...@gmail.com>
> > To: "Stephe
ipsec_exec_t '/root/.security/ipsec(/.*)?'
fcontext -a -f a -t tomcat_exec_t
'/root/.security/tomcat/tomcat_diagnostics.sh'
module -d unconfined
On Wed, Nov 29, 2017 at 9:10 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> On Wed, 2017-11-29 at 20:47 +0530, Aman Sharma wrote:
>
Actually I am using Cent OS version 7.3. i.e
cat /etc/centos-release
CentOS Linux release 7.3.1611 (Core)
On Wed, Nov 29, 2017 at 9:04 PM, Aman Sharma <amansh.shar...@gmail.com>
wrote:
> No, I am not using 3rd party SSH client. This is normal ssh .
>
> On Wed, Nov 29, 2017 at
t;s...@tycho.nsa.gov> wrote:
> On Wed, 2017-11-29 at 08:56 -0500, Stephen Smalley wrote:
> > On Wed, 2017-11-29 at 17:19 +0530, Aman Sharma wrote:
> > > Hi All,
> > >
> > > During System boot up, I am running some semanage commands to
> > > change
>
**
*Please let me know if any comments are there.*
*Thanks*
*Aman*
On Wed, Nov 29, 2017 at 7:21 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> On Wed, 2017-11-29 at 09:33 +0530, Aman Sharma wrote:
> > Hi Stephen,
> >
> > Below is the output of command :
nks*
*Aman*
On Wed, Nov 29, 2017 at 8:17 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> On Wed, 2017-11-29 at 20:11 +0530, Aman Sharma wrote:
> > Hi Stephen,
> >
> > Thanks for the reply.
> >
> > Can you please let me know how to delete all local cu
After resetting boolean also, showing the same id context.
On Wed, Nov 29, 2017 at 9:50 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> On Wed, 2017-11-29 at 21:39 +0530, Aman Sharma wrote:
> > Hi Stephen,
> >
> > After enabling the unconfined module and after reb
at 21:26 +0530, Aman Sharma wrote:
> > Hi Stephen,
> >
> > The output of semanage export is :
> >
> > cat localchanges
> > boolean -D
> > login -D
> > interface -D
> > user -D
> > port -D
> > node -D
> > fcontext -D
> > mo
*
*system_u:system_r:unconfined_t:s0-s0:c0.c1023*
*And semanage login -l is showing blank output. *
*Do you have any idea about this.*
*Thanks*
*Aman*
On Wed, Nov 29, 2017 at 11:04 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> On Wed, 2017-11-29 at 22:01 +0530, Aman Sharma wrote:
> > After resetti
17 at 1:49 AM, Dominick Grift <dac.overr...@gmail.com>
wrote:
> On Thu, Nov 30, 2017 at 11:10:43AM +0530, Aman Sharma wrote:
> > Hi Stephen,
> >
> > After reseting Selinux targeted folder also (the steps you mentioned in
> the
> > earlier mail), Still it
eset this System_u to Unconfined_u i.e. to the default
behavior.
Thanks for the help.
Aman
On Sat, Nov 25, 2017 at 10:55 PM, Simon Sekidde <sseki...@redhat.com> wrote:
>
>
> - Original Message -
> > From: "Aman Sharma" <amansh.shar...@gmail.com>
>
Hi Stephen,
Do you have any other way to change the context from id command ?
Thanks
Aman
On Thu, Nov 30, 2017 at 11:10 AM, Aman Sharma <amansh.shar...@gmail.com>
wrote:
> Hi Stephen,
>
> After reseting Selinux targeted folder also (the steps you mentioned in
> the earlie
. What you think about this.
Thanks
Aman
On Sat, Dec 2, 2017 at 1:05 AM, Simon Sekidde <sseki...@redhat.com> wrote:
>
>
> - Original Message -
> > From: "Stephen Smalley" <s...@tycho.nsa.gov>
> > To: "Simon Sekidde" <sseki...@redhat.
sessioninclude system-auth
-session optional pam_ck_connector.so
Please Let me know if any comments are there.
On Mon, Dec 4, 2017 at 10:08 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> On Mon, 2017-12-04 at 22:04 +0530, Aman Sharma wrote:
> > Hi Stephen,
>
Is this a bug in cent OS 7.3 ?
On Tue, Dec 5, 2017 at 2:10 PM, Dominick Grift <dac.overr...@gmail.com>
wrote:
> On Tue, Dec 05, 2017 at 02:02:37PM +0530, Aman Sharma wrote:
> > Hi Stephen,
> >
> > Below is the changes which I made in Login and ssh file :
> >
>
:17 AM, Aman Sharma <amansh.shar...@gmail.com>
wrote:
> Hi All,
>
> just wanted to know the meaning of line *sessionrequired
> pam_selinux.so open env_params *added in */etc/pam.d/sshd *file.
> Actually I am facing one issue related to this. When I changed this
>
system_u:system_r:sshd_t:s0*
*/usr/sbin/selinuxdefcon: Invalid argument*
*Please let me know your comments on this.*
*Thanks*
*Aman*
On Thu, Dec 14, 2017 at 12:45 AM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> On Wed, 2017-12-13 at 21:40 +0530, Aman Sharma wrote:
> > Hi Stephen,
): session
opened for user sftpuser by (uid=0)
Please let me know if you have any idea on this.
On Wed, Dec 13, 2017 at 8:54 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> On Tue, 2017-12-12 at 23:47 -0500, Aman Sharma wrote:
> > Hi All,
> >
> > just wanted to know
Hi All,
just wanted to know the meaning of line *sessionrequired
pam_selinux.so open env_params *added in */etc/pam.d/sshd *file. Actually
I am facing one issue related to this. When I changed this *env_params to
restore *then my Sftp is not working.
Can anybody Please guide me on this.
..@tycho.nsa.gov> wrote:
> On Sat, 2017-12-02 at 09:29 +0530, Aman Sharma wrote:
> > Hi All,
> >
> > Thanks for the information.
> >
> > But after resetting the semanage User/login, and moving the targeted
> > folder to old one and then inst
elinux-2.5-6.el7.i686
libselinux-2.5-6.el7.x86_64
Please let me know if you want any other details .
Thanks
On Mon, Dec 4, 2017 at 9:30 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> On Mon, 2017-12-04 at 10:44 -0500, Stephen Smalley wrote:
> > On Mon, 2017-12-04 at 15:15 +0530,
Hi All,
I am seeing a number of su core files after a fresh install of Cent OS 7
Machine. In this particular case I have 622 cores files found. The
backtrace is given below
Reading symbols from /usr/bin/su...Reading symbols from /usr/bin/su...(no
debugging symbols found)...done.
(no debugging
, Dec 4, 2017 at 9:31 PM, Aman Sharma <amansh.shar...@gmail.com>
wrote:
> Hi Stephen,
>
> I got the below logs from the file .Can you please if these logs are fine
> or not :
>
> journalctl | grep selinux
> Dec 05 02:55:46 localhost.localdomain kernel: EVM: security.sel
Hi All,
I am getting one issue while running the command *audit2allow *and below is
the
logs for the same :
After switching back to lower version, running "audit2allow -a" command
show below errors repeteadly and the command does not return:
libsepol.context_from_record: invalid security
29 matches
Mail list logo