Questions tagged [selinux]

NSA Security-Enhanced Linux (SELinux) is an implementation of a flexible mandatory access control architecture in the Linux operating system.

The SELinux architecture provides general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-Based Access Control, and Multi-Level Security. Background information and technical documentation about SELinux can be found at http://www.nsa.gov/selinux.

681 questions
0
votes
2 answers

SSH works but tunneling or SFTP doesn't. Why?

Since 2014 I've got a server from SoYouStart, with CentOS 7. It worked perfectly, but now I had to install the OS again. Now I'm configuring all the services to work again. I need to connect to the server with SSH tunneling to MySQL (now MariaDB)…
Akylle
0
votes
1 answer

CentOS 7 Cannot delete ports defined for MongoDB

I installed and later removed the MongoDB server on a CentOS 7 box. While cleaning up, I noticed that the ports assigned to MongoDB were still open. If I remember correctly, I was able to delete the main port (28017), but there are still two ranges…
EK0
0
votes
1 answer

Docker 1.6.0 on RHEL 6.5 with SELinux, can't run containers without root

I'm trying to run a container on a RHEL 6.5 but I keep hitting this problem: sudo docker run -u postgres -it registry/postgres /bin/bash /bin/bash: error while loading shared libraries: libtinfo.so.5: cannot open shared object file: Permission…
0
votes
1 answer

SELinux - mysql/ and httpdoc/ in same folder?

Looks like my old faithful LAMP directory structure has come unstuck with SELinux. I prefer everything in the same place. CentOS 6.6 Apache 2.2.15 MySQL 6.5 /DATA/ /DATA/httpdocs/ /DATA/mysql/ /DATA/server-config.php /DATA/httpd-error.logs... If I…
dave.zap
0
votes
1 answer

ports to open to access samba share

When I turn off my iptables service, I can successfully list my samba shares. But when I turn it back on, I cannot access them at all. Also, my SELINUX is set to permissive. Here is my current iptables configuration: # Firewall configuration written…
kapitanluffy
0
votes
0 answers

PHPINFO creates Permission Denied in error log

Running CentOS 7 with Apache 2.4, using PHP 5.6 from the REMI repository. My WordPress and phpMyAdmin seem to work, however any page that has phpinfo() causes a permission denied entry in my error log. Digging around the best I could find that may hint…
DontStealMyFish
0
votes
0 answers

selinux-policy update prevents ssh into ec2. Now what?

I created a new EC2 instance using the official CentOS 7 (x86_64) HVM image. I ran: yum upgrade At: Running transaction Warning: RPMDB altered outside of yum. Updating : 32:bind-license-9.9.4-14.el7_0.1.noarch …
Plutext
0
votes
1 answer

httpd trying to access root-owned session files

While looking into what's been causing a server to lock up/crash, I found many selinux messages in /var/log/messages. For example: setroubleshoot: SELinux is preventing /usr/sbin/httpd from getattr access on the file…
Reese
0
votes
1 answer

Varnish 4 service won't start because of selinux

I've installed Varnish 4 on my new CentOS 6.5 box. I've activated the EPEL repo to install Varnish from http://repo.varnish-cache.org/redhat/varnish-4.0/ After installing and configuring my default.vcl I can't start service varnish, I always get…
k4cy
0
votes
1 answer

SELinux problems running Expect script from fail2ban

I have an Expect script that works fine if I run it manually, but fails when run as an action from Fail2ban. The error message is as follows: spawn /usr/bin/telnet 192.168.242.1 The system has no more ptys. Ask your system administrator to create…
miken32
0
votes
0 answers

Setting up multi-project web development server

I'm trying to set up a development server that will be used for several (web) projects by different teams (consisting of different people, some of which may be involved with more than one project). I do trust all of my users, however for legal…
Bart Platak
0
votes
1 answer

httpd (WordPress) gets avc denied write (SELinux)

I'm getting following message in my /var/log/audit/audit.log: type=AVC msg=audit(1402615093.053:68): avc: denied { write } for pid=799 comm="httpd" name="php" dev="xvda1" ino=8667365 scontext=system_u:system_r:httpd_t:s0…
alexus
0
votes
1 answer

My virtual users can't Chroot()

I'm configuring a Proftp server on a Fedora 20 Linux server. All my real users are logging in perfectly but not the case with the virtual users. Virtual users are in the SQL table and mod_sql.c is locating the data and approving the login. Checking…
Rafael
0
votes
1 answer

VSFTPD - 0.00Kbyte/sec - intermittent

I can't get a good connection via FTP to my DigitalOcean server. I set it up following this guide. Symptoms: Sometimes I can upload the file I am working on, sometimes I can not. (same file, same permissions, etc.) Troubleshooting: The Trace Route…
Heath
0
votes
1 answer

Unable to start the Phusion Passenger - Cannot change the directory - Operation not permitted (errno=1)

I'm running Red Hat Enterprise Linux Server release 6.4 (Santiago) on Amazon EC2. I have installed Phusion Passenger via a gem. When I start httpd I have this error message in less /var/log/httpd/error_log [Tue Jan 21 08:07:43 2014] [notice]…
Gerep