Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [selinux]

NSA Security-Enhanced Linux (SELinux) is an implementation of a flexible mandatory access control architecture in the Linux operating system.

The SELinux architecture provides general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role- Based Access Control, and Multi-Level Security. Background information and technical documentation about SELinux can be found at http://www.nsa.gov/selinux.

681 questions
0
votes
1 answer

How to use Anaconda Python as CGI handler

I am setting up a simple web site that has a Python CGI script. Everything is working as long as I have selinux set in permissive mode. The issue is that I am using Anaconda and the SELinux context is all wrong. What is really annoying is that I…
Jodosh
  • 21
  • 3
0
votes
1 answer

Wordpress overloads LEMP

My current configuration: GCE f1-micro (1 vCPU, 0.6GB) Haswell, CentOS 7.2, NGINX 1.10.2, PHP 7.0.12 Static pages serve without issue. phpinfo() page servers without issue. WordPress setup page overloads CPU causing me to reset the…
Ryan Prentiss
  • 291
  • 5
  • 11
0
votes
0 answers

SELinux policy/rule causing Apache to serve assets from absolute path instead of document root

LAMP stack running CentOS Linux release 7.2.1511 (Core). I'm new to debugging SELinux but I'm currently experiencing an issue where once I switch it to run in enforcing mode and reboot, Apache then proceeds to serve contents from the webrooot…
sparecycle
  • 459
  • 1
  • 6
  • 19
0
votes
1 answer

httpd running as context unconfined_u:system_r:httpd_t:s0 (SELinux is in Permissive)

I'm experiencing an issue starting httpd: # service httpd status httpd is stopped # service httpd start Starting httpd: [Tue Nov 01 12:02:53 2016] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0 …
alexus
  • 13,112
  • 32
  • 117
  • 174
0
votes
1 answer

SELinux "anon_hugepage" PHP-FPM Permission Error

Please explain the origin of the following error and why "anon_hugepage" is missing from my file listing. SELinux is preventing /usr/sbin/php-fpm from write access on the file /anon_hugepage (deleted). ***** Plugin restorecon (99.5 confidence)…
Ryan Prentiss
  • 291
  • 5
  • 11
0
votes
1 answer

Selinux audit log - translate

I would like to centralize all audit logs trough syslog in one server. I did setup it up and install setroubleshoot-server. In order to translate audit.log into human language, I would like to use sealert. Command : sealert -a…
Roman Bielich
  • 15
  • 1
  • 4
0
votes
2 answers

nginx permission denied to self signed certificate files for ssl configuration on CentOs

Very similar to this question but the solutions there did not solve my problem. I am trying to reverse proxy port 8443 to port 4000 with a self signed certificate. I generated my certificate like this openssl req -newkey rsa:2048 -sha256 -nodes…
RusinaRange
  • 11
  • 1
  • 5
0
votes
3 answers

SELinux allow samba to read /var/log

TL;DR SELinux is blocking samba from reading /var/log and all contents Problem With SELinux disabled, my samba users (sssd/kerberos joined to AD 2008 R2) can browse my shared directory /var/log. With SELinux enabled, it doesn't work. My…
bgStack15
  • 1,111
  • 1
  • 12
  • 23
0
votes
1 answer

SELinux is denying access to create a file, but comparing all selinux settings shows no problems

I have two Centos 7 systems that should be identical (other than data). I have a server process on server A that is being denied write access to a particular directory. The denial shows up as an SELinux denial. On server B, the same service is not…
JDS
  • 2,598
  • 4
  • 30
  • 49
0
votes
1 answer

SELINUX won't allow to upload images

I have a Centos 7 server with nginx and PHP7 and have a Problem with SELINUX if the SESTATUS is Enforcing I cannot upload images but if the Status is permissive it works. I host Magento on that Server so to add product images I need to upload the…
vTillmann
  • 11
  • 1
  • 8
0
votes
1 answer

Selinux disable but working underground on Centos 7

Disable full Selinux First edit /etc/selinux/config SELINUX=disabled Also try add to grub.conf selinux=0 kernel /vmlinuz-2.6.32-642.3.1.el6.x86_64 ro root=/dev/mapper/vg-lv_root rd_NO_LUKS KEYBOARDTYPE=pc KEYTABLE=es rd_NO_MD…
abkrim
  • 417
  • 7
  • 18
0
votes
1 answer

RHEL 6.5 kernel panic unfixable after setting selinux to disabled

This question is similar to Server won't boot, kernel panic - not syncing Background: I have set /etc/selinux/config and changed the line SELINUX=enforcing to SELINUX=disabled After rebooting it keeps reaching a kernel panic status... I have tried…
Lok.K.
  • 31
  • 1
  • 5
0
votes
1 answer

move mariaDb database to home folder

after install I'm trying to move the database location On fedora: # su # systemtcl stop mariadb # cp -rp /var/lib/mysql /home # chown mysql.mysql /home/mysql Next i'm editing the file /etc/my.cnf.d/mariadb-server.cnf from…
user363016
  • 1
  • 1
0
votes
1 answer

PHP cant connect to postgreSQL in Centos 7 Selinux

After migration to a new VPS and trying website on new server(Centos 7), Selinux somehow prevents http from accessing Postgresql: pg_connect(): Unable to connect to PostgreSQL server: could not connect to server: Permission denied Is the server…
Ehphan
  • 111
  • 2
  • 8
0
votes
1 answer

SELinux keeps blocking my Apache instance

I am using CentOS 7 and have set up a duplicate Apache instance using the systemd structure there. I can get both Apaches to run if I use setenforce 0. However, when I setenforce 1, the new Apache won't start. I did my best to go through all the…
Richard of Essex
  • 91
  • 2
  • 5
1 2 3
45 46