Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [selinux]

NSA Security-Enhanced Linux (SELinux) is an implementation of a flexible mandatory access control architecture in the Linux operating system.

The SELinux architecture provides general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role- Based Access Control, and Multi-Level Security. Background information and technical documentation about SELinux can be found at http://www.nsa.gov/selinux.

681 questions
0
votes
1 answer

change selinux property of a file?

Possible Duplicate: Permission denied in vhost document root Apache cant process my files due to forbidden error, searching resulted that it might be because of selinux, how can I change selinux policy of a specific file? It's Centos 6.x
Zim3r
  • 1,454
  • 5
  • 24
  • 45
0
votes
1 answer

redhat Apache fast-cgi selinux permissions

My apache installation is running php as fastcgi, and the virtual hosts are pointing to /home//public_html. and the fastcgi are home//cgi-bin/php.fcgi the public_html setup with selinux was: /usr/sbin/setsebool -P httpd_enable_homedirs 1 chcon…
Alejo JM
  • 204
  • 3
  • 9
0
votes
1 answer

Can sealert display the full command of a denied access request?

I am managing a Red Hat Enterprise 5 system using Chef. Something within sequence of configuration commands is generating selinux alerts such as: SELinux is preventing iptables (iptables_t) "read" to /superhome/dir (user_home_dir_t). However when I…
EdwardTeach
  • 632
  • 9
  • 20
0
votes
2 answers

CGI script fails to open a socket (CentOS 6.2/Apache2)

I have a webserver running CentOS 6.2 and the latest Apache from repositories. Todey I encountered a problem when running an executable program via CGI on Apache. The program is supposed to connect to some site, download something and then returns…
user81458
0
votes
1 answer

Do I need to chroot BIND 9 if I'm using AppArmor?

Possible Duplicate: bind9 in a chroot jail - necessary or not? I'm redoing my external dns servers and thinking about skipping chroot this time. And using apparmor or selinux as an alternativen. Any thoughts? I'm using team cymrus bind template…
falkowich
  • 1
0
votes
2 answers

Can't open/forward port with Fedora15

I've got a server running Fedora 15. My end goal is to be able to forward any protocol over random port numbers (specified via iptables rules.) Let's say, for the time being, I want to forward port 12345 to a webserver inside the network. We'll…
Warren Krewenki
  • 101
  • 1
0
votes
1 answer

SELinux AVC denies at boot

My Gentoo box is running Gentoo Hardened/SELinux (32bit), I followed the Gentoo Hardened Guide to install it and the machine doesn't boot. Here is an extract from dmesg: Mar 12 19:15:04 localhost kernel: [ 1.961353] type=1400…
thpetrus
  • 67
  • 1
  • 1
  • 10
0
votes
2 answers

CentOS 5.6: Apache access permission after .htaccess upload

I was working on my home server remotely and wanted to make some changes to my .htaccess. I could not see this file using my FTP(filezilla) and thought there was none there. I decided to upload one I had in my computer to my server in public_html…
AKKAweb
  • 149
  • 1
  • 5
0
votes
1 answer

SELinux: allow Zend webapp to read/write to tree outside htdocs

I have a Zend web application running on a CentOS server with SELinux running in permissive mode (i.e. access-control decisions are recorded in /var/log/audit/audit.log but not enforced). The application allows people to upload files, which are…
Eric Rath
  • 483
  • 1
  • 5
  • 11
0
votes
1 answer

Nginx serves files under root dir, but not from subdirs

I am running nginx on Ubuntu 11.10 with php-fpm and SELinux. The site is served over https/ssl Content that is directly under any sites root dir is served, but when trying to access a subdirectory the following is added to /var/log/nginx/error.log: …
Alasjo
  • 103
  • 7
0
votes
3 answers

Apache Documentroot access forbidden

Running Arch Linux I am trying to get apache to use /www (not /var/www) as DocumentRoot. /www is a softlink to /home/user/www. However, I keep getting an "Access Forbidden" error. The / and /home folders are part of different partitions. Could this…
user60129
0
votes
4 answers

How does SELinux affect the /home directory?

I'm migrating a CentOS 5.3 system from MySQL to PostgreSQL. The way our machine is set up is that the biggest disk partition is mounted to /home. This is out of my control and is managed by the hosting provider. Anyway, we obviously want the…
Matt Solnit
  • 913
  • 2
  • 11
  • 16
0
votes
1 answer

How do I configure SELinux on Centos 6 for cobbler?

I have installed and configured Cobbler on my centos 6 "installation server". From what I think I did all the configurations I'm supposed to. The installation was performed with my own customized python script that can be found here. But basically…
Arlukin
  • 1,203
  • 6
  • 18
  • 27
0
votes
4 answers

FC14 available TCP ports?

I am installing an application on Fedora Core 14 that uses a lot of sockets (eight of them) for TCP communication between various servers, all running on the same localhost. I've been trying to find some info on what ports are generally open on…
Steve
0
votes
1 answer

3ware SNMP plugin does not work with selinux

Anyone have experience using 3ware's SNMP library under SELINUX? I get the following error: snmpget -v 2c -c pub hostname TW-RAID-MIB::twRaidUnitStatus.1 Error in packet Reason: noCreation (That table does not support row creation or that object…
80skeys
  • 765
  • 2
  • 9
  • 15
1 2 3
45 46