Skip to main content
Super User

Questions tagged [selinux]

Ask Question

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies.

132 questions
Newest Active Bountied Unanswered
0 votes
1 answer
457 views

How do I run a War File in confined SELinux domain on CentOS7?

I am currently working on the deployment of my Java Web Application. This application is available to me as a WAR file. My goal is that the application starts with a limited SELinux startup. This ...
mm0004's user avatar
mm0004
  • 1
-1 votes
1 answer
295 views

What is the different between file with Selinux Context and without Selinux Context?

Good day, Today I compare file permission of 2 environment. Found that 1 of it having the dot at the end of the permission, but another environment no have. Environment 1 (with Selinux Context): -...
Panadol Chong's user avatar
Panadol Chong
  • 291
1 vote
1 answer
2k views

Mounting docker into container shows executable but errors with: /usr/bin/docker: No such file or directory

Enviornment details $ docker --version Docker version 19.03.4, build 9013bf583a $ hostnamectl Static hostname: ohpc.novalocal Icon name: computer-vm Chassis: vm ...
Arthur Weborg's user avatar
Arthur Weborg
  • 111
0 votes
3 answers
4k views

Cannot execute systemd service running as a non privileged user on CentOS 8

There is (maybe) a change between CentOS 7 and 8 in regard of systemd and selinux I yet do not know how to deal with this. For some reason (cross distribution compat) we are using postgresql 9.6 from ...
Rosch's user avatar
Rosch
  • 21
1 vote
1 answer
483 views

syslog-ng starts and runs fine manually... starts but doesnt create logs when using systemd

Redhat 7.6 with latest syslog-ng (3.22) ive searched and tried all the old remedies. Nothing has worked to resolve this. My syslog-ng.conf file has a bunch of ports and a bunch of destinations. When ...
Carver Stone's user avatar
Carver Stone
  • 23
0 votes
2 answers
214 views

SELinux blocking procmail from executing dspam but no AVC message

I have a CentOS 7 system in which I use postfix as the MTA. Certain users use procmail via .forward in their home directories: # cat .forward "|exec /usr/bin/procmail -f- || exit 75" In this case, I ...
cfiske's user avatar
cfiske
  • 3
0 votes
1 answer
2k views

Fedora 30 boot freeze - Failed to load SELinux policy

Updated Fedora 30 (workstation) via CLI sudo dnf upgrade -y everything ok, updates downloaded and installed. SELinux configuration file is set as follows: SELINUX = disabled Then reboot. System ...
GabrieleMartini's user avatar
GabrieleMartini
  • 624
1 vote
1 answer
785 views

Generate selinux policy from audit2allow

I need to upload to aws from logrotate. When the logrotate is triggered the SELinux blocking it. The error line is type=AVC msg=audit(1562162502.670:101127): avc: denied { name_connect } for ...
GergA's user avatar
GergA
  • 173
0 votes
1 answer
767 views

How to grant 'search' permission in SELinux

I am trying to get dspam working under SELinux (CentOS 7). I added the following without issue: allow dspam_t dspam_rw_content_t:dir getattr; allow dspam_t dspam_rw_content_t:file { append getattr ...
cfiske's user avatar
cfiske
  • 3
1 vote
0 answers
332 views

You don't have permission to access /{local} on this server even though allowed from all

I'm trying to set up a local repository on my cluster but when I try to access to the defined directory with curl "http://$(hostname -f):80/local_HDP/" , the error messages shown <html><...
Banthita Limwilai's user avatar
Banthita Limwilai
  • 11
0 votes
1 answer
3k views

Set permission and ownership correctly, still getting "storage/logs/laravel.log" Permission denied

There are lots of Q&As for this problem: "storage/logs/laravel.log" could not be opened: failed to open stream: Permission denied The solution, correctly, is to set the right permissions for ...
Pedram Behroozi's user avatar
Pedram Behroozi
  • 101
0 votes
0 answers
47 views

sh(conf) script can not run php file

I am trying to run a php script within my fail2ban action file. When I disable selinux everything works fine, but when I enabled it again I get a constant error in my fail2ban log. php.conf (action) ...
Riccoh's user avatar
Riccoh
  • 101
0 votes
1 answer
270 views

Why has my existing Nginx failed to run after rebooting the system which says 13: Permission denied, although chmod 777?

My Nginx configured with docker. but when I reboot my system my existing nginx failed to run, I face the error message: [emerg] 1#1: open() "/etc/nginx/nginx.conf" failed (13: Permission denied)
Sayem's user avatar
Sayem
  • 1
0 votes
1 answer
421 views

Change SE Linux context label of a specific folder inside a cifs mount

I have cifs mount on my setup mounted via /etc/fstab with context set to system_u:object_r:cifs_t:s0. There are some specific folders that I want to override default context to set public_content_t ...
Lolitha Ratnayake's user avatar
Lolitha Ratnayake
  • 35
4 votes
2 answers
10k views

How to run an X11 application (xclock) on podman?

podman says Error: Can't open display: localhost:10.0 when I try to run xclock in a container with the command podman run -ti -e DISPLAY --rm -v ~/.Xauthority:/root/.Xauthority:Z localhost/...
Erik Sjölund's user avatar
Erik Sjölund
  • 336

15 30 50 per page
1 2
3
4 5
9