Server :: Can Set Selinux To Permissive / When Reboot It Turns Back On?
Jul 19, 2010It seem that I can set selinux to permissive but when i reboot it turns back on? Can I unistall it? I am running RED HAY 5 and Centos 4
View 2 RepliesIt seem that I can set selinux to permissive but when i reboot it turns back on? Can I unistall it? I am running RED HAY 5 and Centos 4
View 2 RepliesI made the Selinux inactive with easylife how can I reactivate it.
View 6 Replies View RelatedI don't think it has anything to do with the config file. More to do with SElinux. I need to know how to configure SElinux so I can see my samba share when SELinux is on. When I setenforce 0 I can seen all the files and folders set it to setenforce 1 cannot see anything.
Here is the output when I ran [root@fileserver /]# getsebool -a | grep smb
allow_smbd_anon_write --> on
smbd_disable_trans --> on
These two options were off I tried turning them on.
This is another one of the commands I tried running. I did change a few options but I am not sure which I do need to change. I am running a stand alone server so I don't need the DC option.
[root@fileserver /]# getsebool -a | grep samba
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> on
samba_export_all_rw --> off
samba_share_nfs --> off
use_samba_home_dirs --> on
I can also post a copy of my smb.conf file too.
I have a fresh install of openSuse 11.3 installed. But after the install the auto reboot nothing happens screen turns off, I restart comp grub came up.
OpenSuse (Default)
Failsafe openSuse
Windows 7
I select default the little gecko loading screen comes up then after 15sec screen goes black screen actually goes into idle mode, button pressing mouse moving nothing effects it. I reboot again select failsafe, text screen comes up going through list everything green, then screen turns black doesn't go into standby just black screen. I reboot try default with nomodeset loading runs same as failsafe except when comes to x-server screen goes black.
I have 2 displays a 18" Dell digital lcd Monitor, and my 26" TFT TV, They are both connected to a Gigabyte Nvidia GeForce 8400 GS, TV with HDMI and Monitor with DVI-I. I have a second 18" Dell LCD Monitor, which I had connected with D-Sub but I couldn't get all 3 working so disconnected second monitor, as i wanted tv over monitor. I had ubuntu 10.10 running before the opensuse 11.3 install it worked fine but i wanted to try suse.
I thought it might have been that I was picking KDE desktop then adding Gnome later in installation, so tried reinstalling default install same problem, tried gnome alone same issue, tried gnome and KDE and same issue. so i put original idea back on KDE and gnome later in install. and im sticking with this until I fix as its the one I want. But if I really have to I will switch back to ubuntu. I have no Linux experience.
I had 11.3 running for quite some time without any problem. The upgrade to 11.4 was ruined for some reason (only got commandprompt login) and the message that Xorg.0.log couldn't be copied. Decided to install 11.4 from scratch, but since the install my screen flashes every 20 seconds or so to black screen and and after 1 second back to normal. There is no interruption of any other task like typing. Card: FeForce FX5200 card. Can someone please point me to a solution? Also, my monitor (Philips 150S) is not recognized. How can I change that without changing xorg.conf by hand?
View 1 Replies View RelatedI was encountering a problem with tcsh/csh on FC 10 and decided to uninstall SELinux coreutils through the package manager. The process took quite long and when it was about to finish the screen started blinking and the keyboard was not responding. I rebooted but couldn't restart, the process stucks when the progress bar becomes white! I later tried the live CD and found out that coreutils have been removed too, so I installed them but nothing changed.
View 1 Replies View Relatedsuspend has always worked fine with 11.04 and now it stopped working a few days ago. How can I figure out what is going on? The display turns off but the computer never turns off and the only way to bring it back is to hold the power button down and then start it back up.
View 5 Replies View RelatedI have a disturbing problem with my monitor which goes to sleep (or ??) after few minutes if my comp is not used and most of the time I have to restart my comp.I disabled everything in Powersave , but nothing. I did have that problem in previous versions of SUSE, but somehow, I solved that. I cant remember what I did then.
View 4 Replies View RelatedYou can find a list of all the booleans for SELinux (Fedora 10) using getsebool -a My question is, is there a reference online that describes each one. Most of obvious but it's one of those "I have to know because it's there situation).
View 5 Replies View RelatedI have two separate Linux installations on my system which I can access from grub. Is there a way to get back to the grub menu to access the other system without having to reboot?
View 2 Replies View RelatedSuddenly Ubuntu goes into low-graphics mode the last couple of days I have had to reboot my Ubuntu-workstation when the screen suddenly goes black. After some seconds I get a pop-up with the message: Ubuntu is running in low-graphics mode. There is some buttons that tells me I can do different things but whatever I do I end up loosing all windows I worked in earlier. And having to reboot to get back full resolution [URL].
View 2 Replies View RelatedGoogle brought me no love on this one, tried searching here with little luck as well. So I'm hoping somebody vastly more experienced than I can shed some light on my plight.
The situation:
I have a CentOS 5.3 x64 server running the latest cPanel which works fantastic. I issued a graceful reboot and the server came back up (according to the DC) just fine to a login prompt. Apparently the system lost all of its IP address configuration. Primary IP, secondary IP's gateway, you name it and it was gone. Now my secondary IP's were showing in cPanel after I had the DC re-enter my main IP address/gateway. But listed as not active due to the fact that they were not anywhere to be attached to the interface. i.e. eth0:1 eth0:2 etc and so on.
I have no idea where to begin looking for this problem and am afraid to reboot it again (at least until I get my lantronix spider up there). I've never experienced this with any of my other CentOS/cPanel servers either. All similar configurations CentOS 5.3 x64, latest cPanel as well. My hardware is all Supermicro gear as well and has been solid in the past.
Maybe I'm just missing something, granted I've only been managing Linux based servers for about two years now. This is actually the first real problem I've ran into on any Linux distro, they are normally pretty solid. So I assume it's a configuration error on my part somewhere.
I had Oracle install on my machine and there were some ASM partitions. after uninstall of oracle some how it removed the swap space and now is showing:
[Code]...
Rebooted my server after some funky stuff started happening with mysql. Turns out the drive that stores the mysql databases has gone missing. I did an fdisk, and the partition table is gone. I used gpart to see if there were any partitions available & there were -- two + one swap. Can you help me put this back together I know very little about reconstructing a table to use... Here is the output of what I've talked about...
b14:~# fdisk -l
Disk /dev/sda: 164.6 GB, 164696555520 bytes
255 heads, 63 sectors/track, 20023 cylinders
[code]....
Using Windows, I always set a Restrictive firewall policy with a third party firewall. But I also had all ports set to Stealth, something that appears to not offer any security benefits (as I've learned from reading Ubuntu forums). I'd like to learn about best security practices (under Ubuntu) for outgoing firewall protection. I will be using the built-in Ubuntu firewall that is configured via Firestarter. Outgoing filtering offers privacy as well as security benefits. But I thought I needed my ports stealthed to be safe too, so I'm open to learning new things.
I wanted to start a poll to find out how many folks use permissive/restrictive, but no polls allowed here apparently.Could Ubuntu users knowledgeable about firewalls enlighten me on whether I should go Outbound-Restrictive and what applications I will need to allow so Ubuntu "housekeeping" is not affected negatively? I basically just use the internet for software updates, web-surfing and e-mail. One question I have is whether there is something comparable in Ubuntu to Window's "DNS Client" service? I always disabled Window's "DNS Client" and forced each application to request port 53 DNS lookups itself.I only had to allow four programs to accomplish all internet traffic that I engage in. I set all other programs/applications to be either Blocked or to have to Ask for an outgoing connection as needed.Here is my former Windows XP setup:
svchost.exe: allow UDP for ports 53, 67, 68, 123 (time) and TCP for ports 80, 443
Avast: allow UDP for port 53 and TCP for port 80
firefox: allow UDP for port 53 and TCP for ports 80, 443
IE: allow UDP for port 53 and TCP for ports 80, 443
Is there a way to put Linux in hibernation, then reboot and resume when it boots back?
This would be amazing in combination with dual booting.
I'm using CentOS 5.3, and I want to allow my samba server from selinux. I disabled my selinux and it works fine, but I want to keep my seline firewall on and want to allow other workstation to access my samba server.
View 8 Replies View RelatedI'm using Redhat 5 with a video card nvdia fx 1500 and a zalman zm-m220 monitor
Has anyone configured a 3D monitor with redhat?
I'm trying to set the resolution to 1680x1020. I edit /etc/X11/xorg.conf and try to manually enter the resolution but after a reboot it goes back to the default.
which is the file i need to edit to manually enter the resolution.
I'm getting the error described in this bug. The fix is described in the bug:Code:The following additional SELinux permissions were found to resolve the situation:
samba_domtrans_winbind_helper(httpd_t)
allow httpd_t winbind_helper_t:process signal;
apache_append_log(winbind_helper_t)
[code].....
am trying to Selinux in enforcing mode, but its giving below error.I have Ubuntu server 10.10root@ubuntu:/common# setenforce 1setenforce: SELinux is disabled
View 1 Replies View RelatedI always thought that whenever /usr/sbin/setsebool was used, it would write either a "0" or a "1" into the corresponding boolean file. All SELinux boolean files are in /selinux/booleans but If I check, for example, this boolean ...
[Code]....
I've got a red hat box joined to a win 2k3 domain and I'm using pam_mkhomedir.so to create user's home directories on first login to the box. extract from /etc/pam.d/sshd Code: session required pam_mkhomedir.so skel=/etc/skel umask=0022 The problem I have is that this only works if I switch SELINUX off (i.e. set enforcing to disabled ). Unfortunately, the error messages are not very helpful. Extract from /var/log/secure below:
[Code]...
I always thought that whenever /usr/sbin/setsebool was used, it would write either a "0" or a "1" into the corresponding boolean file. All SELinux boolean files are in /selinux/booleans but If I check, for example, this boolean ...
$ sudo /usr/sbin/getsebool ftp_home_dir
ftp_home_dir --> on
It returns a positive, but if I do
$ sudo less /selinux/booleans/ftp_home_dir
I get ... read error (Press Return)
Furthermore, if I list the boolean file itself, it shows it to be empty
$ sudo ls -l /selinux/booleans/ftp_home_dir
-rw-r--r-- 1 root root 0 Aug 9 11:09 /selinux/booleans/ftp_home_dir
Where is SELinux storing the booleans then?
This is on CentOS 5.4
I'm able to connect to ftp as a virtual user. It was also difficult as nowhere mentioned, that it should be done with SSL. Anyway I found the answer and got connection. But now I can't connect to ftp server as system user. It gives me "530 Permission denied", or if I delete the user from the file denied_users, - "530 Login incorrect".
1. Still I can't understand, how I can log in to FTP server with a system user.Also some other questions regarding this matter:
2. My httpd server Apache has a virtual hosts located in "/home" directory.The scripts create users in "/var/ftp virtual_users". Will it cause any problem if I will change them to "/home"? All I need to do with this is ability to have several virtual hosts in one server with separate access to each of them via FTP. And 1 account with access to all files in "/home".
3. In my ftp client I can see the owner of virtual host "ftp" instead of username.
Whenever i restart postgres in my server, Selinux is not letting it log anything. In /var/log/messages, it says.
Quote: Jan 28 14:15:43 dataserver kernel: audit(1264709743.263:38): avc: denied { append } for pid=5986 comm="postmaster" name="pgsql.log" dev=sda8 ino=3932166 scontext=root:system_r: postgresql_t tcontext=root: object_r:var_log_t tclass=file
Jan 28 14:15:43 dataserver kernel: audit(1264709743.263:39): avc: denied { append } for pid=5986 comm="postmaster" name="pgsql.log" dev=sda8 ino=3932166 scontext=root:system_r: postgresql_t tcontext=root: object_r:var_log_t tclass=file
I cannot disable SeLinux in this server.
I don't think it has anything to do with the config file.More to do with SElinux. I need to know how to configure SElinux so I can see my samba share when SELinuxis on. When I setenforce 0 I can seen all the files and folders set it to setenforce 1 cannot see anything.Here is the output when I ran [root@fileserver /]# getsebool -a | grep smballow_smbd_anon_write --> onsmbd_disable_trans --> onThese two options were off I tried turning them on.This is another one of the commands I tried running. I did change a few options but I am not sure which I do need to change. I am running a stand alone server so I don't need the DC option.
[root@fileserver /]# getsebool -a | grep samba
samba_domain_controller --> off
samba_enable_home_dirs --> off
[code]....
I decided that I'd torture myself and try to get a server up and running with SELinux fully enabled. I so far have figured out virtual hosting, vsftpd, and SSH to work with it nicely, but I can't figure out what to do to get AWstats to be viewable through a browser with SELinux enabled. This is what I get from /var/log/messages:
Code:
Mar 19 15:09:34 localhost kernel: type=1400 audit(1237496974.987:69): avc: denied { getattr } for pid=4769 comm="httpd" path="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl" dev=sda1 ino=1267968 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_awstats_script_exec_t:s0 tclass=file
Mar 19 15:09:34 localhost kernel: type=1400 audit(1237496974.987:70): avc: denied { getattr } for pid=4769 comm="httpd" path="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl" dev=sda1 ino=1267968 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_awstats_script_exec_t:s0 tclass=file
Could someone explain to me what I should be looking for in these messages? Or what I would need to do to fix it?
I'm running a Samba server (3.5.2-60.fc13) on Fedora 13 (64 bit). I want to share the user home directories and want to allow following of symlinks out of the share tree. So in smb.conf I used
unix extensions = no
wide links = yes
For SELinux I did:
setsebool -P samba_enable_home_dirs=1
getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
[code]....
However I can't follow the symlinks when mounting my home directory on a Windows machine, unless I disable SeLinux.
I'm trying to ssh into my Ubuntu box, but the connection is getting denied.
When I look at /var/log/auth.log, I see the following:
Code:
I googled for this, and ran across the following: [url]
Here's the part that I think relates to the problem that I'm having:
Quote:
It's not clear from context which configuration file needs to be edited, and I'm not at all familiar with SELinux configuration.
I have one server with Jboss and Tomcat installed, I have to start these servers manually everytime I do reboot the server.How I could do to start Jboss and Tomcat automatically, when I do reboot the server?
View 1 Replies View Related