Questions tagged [selinux]

NSA Security-Enhanced Linux (SELinux) is an implementation of a flexible mandatory access control architecture in the Linux operating system.

The SELinux architecture provides general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role- Based Access Control, and Multi-Level Security. Background information and technical documentation about SELinux can be found at http://www.nsa.gov/selinux.

681 questions

votes

2 answers

Give apache user permission to read directory

UPDATE: Saw this question: https://stackoverflow.com/questions/515243/why-cant-my-apache-process-write-to-my-world-writeable-file Could this be SELinux related, currently /etc/sysconfig/selinux is setting to…

asked Mar 02 '11 at 06:33

gAMBOOKa

votes

1 answer

kernel: audit(1298407016.926:258): avc: denied

My Server is showing following text in its log file. kernel: audit(1298407016.926:258): avc: denied { name_connect } for pid=13945 comm="httpd" dest=21 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:ftp_port_t:s0…

ftp rhel5 selinux

asked Feb 23 '11 at 07:17

Prabin Dahal

votes

2 answers

Selinux/MySQL permissions issue in a new iSCSI disk: not allowed default_t context

I've a server with MySQL installed and running, and an iSCSI disk (with multipath) connected and running OK. The iSCSI disk uses /emc as mountpoint. My problem is when I move MySQL datadir to a new dir on de iSCSI disk, i.e., to /emc/lib/mysql. The…

mysql iscsi selinux

asked Feb 07 '11 at 10:43

ARemesal

votes

1 answer

Cannot write log file 'ffmpeg2pass-0.log' for pass-1 encoding: Permission denied

Our PHP application is installed as 'root' on a Redhat5/CentOS system at: /var/www/html/beta/ After disabling SELINUX in order to allow these scripts to execute other programs on the system - What permissions are needed to run a system() command…

apache-2.2 php selinux ffmpeg

asked Oct 25 '10 at 11:14

siliconpi

1,807
6
32
46

votes

1 answer

SELinux has denied sendmail access to potentially mislabeled file(s)

Has everyone every recieved this SELinux error? SELinux has denied sendmail access to potentially mislabeled file(s) (2F746D702F746D70664A6163564B62202864656C6574656429) What is with that file name? I have been receiving these in my emails…

centos selinux

asked Oct 15 '10 at 15:37

Metropolis

votes

2 answers

enabling CentOS selinux

I installed Centos 5.5 and by deafult SElinux was disabled. I did changes in /etc/selinux/config and now it looks like this. SELINUX=enforcing SELINUXTYPE=targeted SETLOCALDEFS=0 and rebooted the system. But even after the reboot when I do check…

centos selinux

asked Oct 14 '10 at 06:50

Mukesh Yadav

votes

3 answers

Would you like to enter a security context?

When I login , it asks me "Would you like to enter a security context?" I have SELinux enabled ..I'm using Fedora 12. How to resolve this?

linux selinux

asked Sep 06 '10 at 08:06

webminal.org

votes

1 answer

How can I start Fedora Directory Service with SELinux enabled?

I just did a fresh base install of fedora 12, and did a yum install 389-ds. I went through the included setup script (setup-ds-admin.pl) and everything started fine and was working normally. I could access the directory server and login using the…

linux selinux 389-ds fedora

asked Feb 26 '10 at 20:03

TrueDuality

1,874
5
27
37

votes

0 answers

SELinux on RHEL8 with Gunicorn and nginx has problems with saving file into diretory

I have Django application running on RHEL8 via Gunicorn and nginx. All works fine in case of testing with SELinux disabled. When I enable SELinux, there is a problem with saving the picture from Website form i got Server Error (500). Looking into…

nginx selinux gunicorn

asked Aug 17 '23 at 13:22

Marek

votes

0 answers

Protecting a Linux against root users

I'm searching for a way to "protect" a Linux operating system against (root) users that can potentially misbehave. My threat model is the one of university students, having access to root password of desktops (to deal with network configuration,…

linux security selinux overlayfs

asked Jul 06 '23 at 08:15

user19917937

votes

2 answers

Can mount on /mnt but not on other mount point, why?

this is an RHEL8 VM. I'm trying to mount a logical volume on /var (because I need more space). For now I have created a directory /xvar to mount on, but it doesn't work and doesn't show an error. Below an example, I first mount on /mnt, check that…

lvm selinux rhel8

asked May 09 '23 at 13:09

musbur

votes

1 answer

Remote call of NRPE comman fails in one case, while succeeding locally in all

I have amazingly strange issue with monitoring a CIFS (SMB) shared folder mounted to Linux machines by Nagios + NRPE. NRPE process runs on the Linux machines under dedicated user nrpe: # systemctl status nrpe nrpe.service - Nagios Remote Program…

nagios selinux rhel7 nrpe

asked May 03 '23 at 08:43

Cat Mucius

votes

1 answer

SELinux policys keeping Tomcat from starting

On a newly built Oracle Linux 8 server i added a drive and file system, then put put Apache Tomcat on that file system via the tarball. Now when starting Tomcat via a services file, I get an error saying Tomcat has not started, and my journalctl…

tomcat selinux systemctl rhel8

asked Apr 04 '23 at 13:59

Eric W

votes

0 answers

How to sudo using SELinux? The example given in the Red Hat security document isn't working for me

Following the instructions at:…

redhat selinux

asked Mar 10 '23 at 01:46

DumbNewbie

votes

0 answers

SELinux is preventing /usr/bin/mongod from search access

My question is similar to others, such as SELinux preventing mongod search access. In this case, I installed snapd for a reason entirely unrelated to Mongodb. That was about a week ago (2/5/2023). That package created /var/lib/snapd. Just this…

mongodb selinux

asked Feb 16 '23 at 17:09

Scott Anderson

Prev 1 2 3

…

45 46 Next