Questions tagged [selinux]

NSA Security-Enhanced Linux (SELinux) is an implementation of a flexible mandatory access control architecture in the Linux operating system.

The SELinux architecture provides general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-Based Access Control, and Multi-Level Security. Background information and technical documentation about SELinux can be found at http://www.nsa.gov/selinux.

681 questions
2 votes, 3 answers

centos7 xfs lmv cloning on smaller device

I'm going to repropose a question posted on stackoverflow a week ago, I'm sorry if someone found this spam but I still need help to solve this issue. I thought it could be useful also for others. First of all, I have a server based on Centos7 which…
rivaldid
2 votes, 1 answer

Setting a port number inside my selinux module file

I'm trying to put together a small selinux module to further my understanding of selinux. I've defined a small daemon-like application type with its own port_type. The following code is a condensed version, replacing my own application type with…
briconaut
2 votes, 1 answer

SELinux - Allow system_u and new SELinux user to log in via SSH

I am new to SELinux and I am still trying to figure out how everything works but my goal is to create a Linux account associated with either system_u or a new SELinux user and try to ssh to my machine using that account. However, when I try to ssh…
Jose
2 votes, 2 answers

Opening a firewall port in RHEL 6.8

I am struggling to determine if a specific port is open according to the firewall in Redhat 6.8. I want to open port 2222. I have tried the following: system-config-firewall, running as sudo, and I have port 2222 described as a specific port to be…
RenegadeAndy
2 votes, 1 answer

Unable to access CentOS 7 Postgresql Server from another CentOS7 using PHP and PDO

The Beginning Server 1 is my CentOS 7 production server. It contains Apache, ssh and a Postgresql database. Server 2 is my CentOS 7 test server. It contains Apache, ssh and a test database. Both servers are set with firewalld to accept 22, 80 and…
ikel
2 votes, 2 answers

Network Administrator

I often need to deploy linux rpm style servers set up as templates for clients at remote sites around the world. Before selinux I would have a remote admin make a basic server at the same kernel level and with similar partitions to my template.…
Jim Grot
2 votes, 3 answers

How do I modify SELinux to allow OpenDKIM to write to /var/tmp?

I tried this answer (https://serverfault.com/a/744756/123651) but it still gives an error. Jan 7 23:56:33 ip-172-31-15-65 opendkim[24223]: AF15521407: dkim_eoh(): resource unavailable: can't create temporary file at…
Chloe
2 votes, 2 answers

Spamassassin: failed to open file /usr/local/spamassassin/spamfilter.log: Permission denied

I'm trying to follow this tutorial https://www.rosehosting.com/blog/how-to-install-and-integrate-spamassassin-with-postfix-on-a-centos-6-vps/ But Spamassassin is giving an error [root@ip-172-99-99-99 ~]# service spamassassin restart Stopping spamd: …
Chloe
2 votes, 0 answers

Creating multiple SFTP users in Centos (installed in AWS EC2) with SELinux

I am having difficulty letting others FTP/SFTP to our site. I have multiple Virtual Name Servers created and each of them running their own website. So, I would like to give FTP/SFTP access to users. I followed the same steps as described in this…
Vic85
2 votes, 1 answer

CentOS 7 & SELinux: User can't write in the Webroot of Apache

My user can't add, modify or delete apache/php files without sudo. My environment is: CentOS Linux release 7.2.1511 SELinux status: enabled Current mode: enforcing Apache …
Lenin Meza
2 votes, 2 answers

MySQL tmpdir on /dev/shm with SELinux

On RHEL5, I have a small MySQL database that has to write temp files. To speed up this process, I would like to move the temporary directory to /dev/shm by putting the following line into my.cnf: tmpdir=/dev/shm/mysqltmp I can create…
user21715
2 votes, 1 answer

View, compare, and copy SELinux configurations between machines?

I have two machines running the same JBoss and HTTPD setup. They started from the exact same install of RedHat 7 and the same process was followed to install everything on both machines. On one machine, everything works perfectly fine with SELinux…
ArtOfWarfare
2 votes, 0 answers

SELinux - FCGID program being blocked and no log on /var/log/audit/audit.log

I have a setup where a certain link on my Web Server is redirected to a FCGID module. When I disable SELinux with 'setenforce 0' the site works. When I enable it won't work, it gives me a "Error 500 - Internal Server error". I'm used to fixing these…
2 votes, 1 answer

xdebug remote centos host from mac

I have a server running CentOS7, PHP7.0.7 with php-fpm, and SELinux. I am trying to debug a PHP script running on that server. And I have a Mac machine that runs PHPstorm where I intend to do the debugging. I followed this guide to Phpstorm. Here's…
Vasily802
2 votes, 1 answer

Allow SELinux, Nginx to read local file and make outbound connection

I am a new admin to a server which uses CentOS 7, nginx and php-fpm. There is a web form that needs to read a local file (prod.pem) and then make an outbound connection to either: gateway.push.apple.com:2195 gateway.sandbox.push.apple.com:2195 In…
jftuga