Fedora Security :: Policy Changes Get Posted To The Repositories?

Jan 5, 2010

FC12 with recent updates The bugzilla I reported is fixed in selinux 3.6.32-66 and I have 3.6.32-56. I refreshed the repositories and looked for 66 and it is not listed. Question - how often does the policy changes get posted to the repositories ? And are the repositories the normal place to get the latest and greatest ?

View 2 Replies


Fedora Security :: How To Enable MLS Policy

Feb 1, 2010

I have in /etc/selinux/config:



Do I have MLS enabled? I can't use Selinux commands. I thought MLS is sort of package to Selinux. I fallowed this:



View 3 Replies View Related

Fedora Security :: SELinux Policy Changing In 15

Jul 24, 2011

I need to change SELinux policy to permissive and then back to enforced for an installation. I understand that I should be able to do that through the SELinux Administration window accessed through System -> Administration ->SELinux Management. But I do not have any real sysadmin tools available in my Fedora 15 Gnome Gui interface. Am I missing something, or should I use some sort of similar command line tool to do this?

View 2 Replies View Related

Fedora Security :: Selinux Policy Blocking Outbound Ports For Sshd

May 25, 2011

Tried google and searching this forum to no avail. Under Fedora 14, there is an selinux policy which blocks sshd from making outbound connections on port 80 or 443. This can occur when a client box tries to tunnel through the ssh connection for encrypted access to the web.

While I did manage to allow this happen by creating a permissive domain for sshd with this command:


The preferred way would be to allow sshd to make connection on other ports with a similar command that does not seem to work:


Is this the correct way of allowing an outbound port connection for the sshd daemon?

View 2 Replies View Related

Fedora Security :: Create An SELinux Policy To Automatically Grant Apps Execstack While They Use Glxinfo

Nov 20, 2009

I just upgraded from 11 to 12 and then installed the Nvidia proprietary drivers from RPMFusion. Initially glxinfo wouldn't work because SELinux was stopping it from using an executable stack. Since the Nvidia drivers are proprietary and a fix may not be provided, I allowed this access to glxinfo with chcon -t execmem_exec_t '/usr/bin/glxinfo'

However it looks like every program using glx-utils also needs these permissions - so far I allowed Xorg, compiz and the Firefox video plugin to execstack. Can anyone suggest a fix for this - preferably one that avoids execstack for all those apps since its a security risk. If not how do I create an SELinux policy to automatically grant apps execstack while they use glxinfo or other nVidia libraries but not at other times.

View 2 Replies View Related

Security :: Creating A Safer Web With Content Security Policy?

Mar 22, 2011

Quote:One of the new features in Firefox 4 that we are very excited about is Content Security Policy, which is a mechanism that works behind the scenes to prevent some of the more severe web-based attacks against users and websites.Firefox users don?t have to do anything in order to gain this protection. Simply install Firefox 4 and you will instantly receive all of the benefits that Content Security Policy has to offer. Easy!

View 1 Replies View Related

Security :: Tripwire Initial Configuration - New Policy - P

Jul 29, 2009

I have just installed tripwire. I have created a baseline db using the default policy file. Then I checked the output of the db to see what I did not have on my filesystem that db was searching for (according to the default policy when tripwire was installed), I then changed my default clear text policy file accordingly and used twadmin to generate a new tw.pol file.

Next I come grinding to a halt after this (assuming the next thing is to update the policy in tripwire right? )


View 2 Replies View Related

Security :: Periodic Update Of Tripwire Policy File?

Jul 1, 2010

I have tripwire running on one of our servers on a daily basis, and I was curious to know if it is good practice to periodically update the policy file. The reason for my asking that is while the daily reports that I get indicate there have been changes to files on a daily basis, there are also files that have not been modified for over a month. My thinking is an update of the policy file will establish an updated baseline, and those files that have not been changed for so long will not be reported on until they get changed again.

View 1 Replies View Related

Security :: Policy That Limits Connections On Port - Encapsulates Total Sum Of All Connections From Hosts?

Jan 21, 2011

Is it fair to say that connLimit and hashlimit are very similiar on Linux i.e. while hashlimit caters to limits for groups of ports, they both set the connection rate limit per host? How in IPTables, do I configure a policy that limits connections on a port that encapsulates the total sum of all connections from all hosts? i.e. I do not want to allow more than 6000conn/minute for port range that is the sum of all connecting hosts?

View 3 Replies View Related

Ubuntu Security :: Installing Clamav From Debian Repositories?

Jun 4, 2011

ubuntu 10.04lts, want to upgrade my clamav from 096.5 to the 097 scan engine. the ubntu repositories have only the 096.5 release, while the debian repositories have the 097 package. set the repositoriy path in the synaptic package manager, and made sure the checkbox was checked. can't see the clamav package.

View 1 Replies View Related

Hardware :: Posted In The HCL Considered 'bad Form'?

Mar 5, 2011

1- Is reviewing hardware that you have posted in the HCL considered 'bad form'?

2- Is it good, bad or indifferent to put up hardware that is not currently avaible? I've got several older computers, and I'm more than happy to put them up. I'd assume that its encouraged to do so, but seeing how I was going to ask the other question I thought there is no harm in asking.

View 5 Replies View Related

CentOS 5 :: No Checksums Posted For 5.3 LiveCD ISO?

May 21, 2009

I checked a couple of locations:[URL]... and none of the files listing checksums do so for the LiveCD ISO neither md5 nor sha1. Being a "trust but verify" sort of fellow. . .

View 3 Replies View Related

Ubuntu Installation :: Can't Find A Fix Through The Posted Threads

Feb 24, 2010

I had xp, added win7, and now added kubuntu.But can't choose the OS to load on grub.Can't find a fix through the posted threads, can you guide me to solving the problem?

View 9 Replies View Related

Fedora :: Vnc Policy Authorization Failure When Trying To Add Packages

Aug 24, 2009

It took me a while to get VNC going. It was easier with FC8-10. Once I got finished and was actually able to log in and see my remote desktop I tried to add some software... virtualbox.When I double click on the RPM I get popup that states."The action could not be completed. Failed to install file. You do not have the necessary privileges to perform this action" When I close that dialogue another one pops up that states" "The action could not be completed." When I click on more details the dialogue states. "Policykit authorization failure" How can I make this work?

View 1 Replies View Related

Server :: Dovecot Can't Access Maildir (log Error Posted)

Dec 27, 2010

I am having the following error on my logs.


I used mail_uid and mail_gid in dovecot.conf to set the permissions, I'm not using local system accounts, instead accounts specified in MySQL. I can dump all the output of doveconf if requested.

View 2 Replies View Related

Software :: Plugin To Make Links Posted On Status By Friends Clickable?

Dec 8, 2010

I have a question about Pidgin IM client. Is there a plugin to make links posted on status by friends clickable?

View 5 Replies View Related

Fedora :: Odd Output After Selinux-policy-targeted Package Finished Updating?

Feb 20, 2010

I just updated my system via yum and got an odd output after selinux-policy-targeted package finished updating.

Updating : selinux-policy-3.6.32-89.fc12.noarch 14/80
Updating : selinux-policy-targeted-3.6.32-89.fc12.noarch 15/80
/etc/mock/koji* /etc/rc.d/init.d/dirsrv* /srv/git* /usr/autodesk/maya2010-x64/lib /usr/lib{64,}/nagios/plugins/check_mailq /usr/sbin/ns-slapd /usr/share/e16/misc* /usr/share/shorewall/compiler.pl /var/cache/cgit* /var/lib/git* /var/lib/koji* /var/www/git/gitweb.cgi /var/www/git/gitweb.cgi

Does anyone knows what that means?

View 2 Replies View Related

OpenSUSE :: WARNING - Unable To Download List Of Repositories Or No Repositories Defined

Feb 9, 2011

I am running Suse 11.1 64bit, with KDE, recently I received a pop up on my screen, "something about update problems", I used Yast 2 and selected online Update and it couldn't find updates for Nvidia and froze at that point. I dis-enabled that repository and refreshed all of the remaining Repositories individually and it seemed to work. I then went to the repositories listing and selected "Add" and selected "community" repositories and received the following: WARNING Unable to download list of repositories or no repositories defined. What is my problem? How do I acquire the list of community repositories? I can live with out the Nvidia repository for now but would eventually like to get it back.

View 2 Replies View Related

Ubuntu Installation :: Any Repositories That Could Add From Newer Ones / Other Distro Repositories.

Jan 9, 2010

I just installed ubuntu because the newer versions were not working for me. So I installed 7.10 and there is no repositories that are still up. Is there any repositories that I could add from the newer ones or other distro repositories.

View 8 Replies View Related

OpenSUSE :: Error - "Unable To Download List Of Repositories Or No Repositories Defined"

Jan 30, 2011

I am running Suse 11.1.I do the following:

Click on Software Repositories
Click Add
Click Community Repositories
Click Next.

I receive an error, "Unable to download list of Repositories or no repositories defined."

in the /etc/YaST2/control.xml the external repository is:download.opensuse.org/YaST/Repos/openSUSE_111_Servers.xml

View 9 Replies View Related

Fedora Networking :: 13 - How To Enable "SELinux Named Policy"

Jun 17, 2010

I am trying to configure my live install of fedora so a PC on the same intranet can access it by hostname instead of by IP address.After I installed bind, I realized the man pages recommended against bind and said instead to enable SELinux named. I tried to guess what variables to set after googling and studying the documentation and coming up empty. I used getsebool -a, and tried turning one and all on.I test using:nslookup myhostname on the linux box, since if that is working it isnt surprising that the windows box cant see it. what buttons to push to enable SELinux named, as described in fedora 13 man page for bin slight correction, the man page is for named. It says to remove the bind-chroot and use SElinux to enable named. I think I also have to create a new zone. This seems akin to proving fermats last theorem but less rewarding. anyone know what keys to push for either. I did get system-config-selinux running. I thought it was in an infinite loop but it does *eventually* load a gui. Also if you set a boolean it will grab all CPU for a couple of minutes. (used top in another terminal).

View 5 Replies View Related

Fedora :: Shutdown Policy Triggered By Vncserver - Computer Refuses To Shutdown Normally

Feb 5, 2011

Recently I installed vncserver (tigervnc) on my desktop. Ever since my computer refuses to shutdown normally. At shutdown the following message pops up: Quote: System policy prevents stopping the system when other users are logged in Then I have to enter the root password to shutdown. If I stop vncserver before, the computer shuts down normally.


View 2 Replies View Related

Fedora :: Are The 8 Repositories Still Available

Jun 16, 2011

I have an acer aspire one laptop that runs linpus lite, which is based on fedora 8. I have noticed that my update software no longer works and was wondering if the problem was that the repo had gone.

View 3 Replies View Related

Fedora :: Why Sun Java Is Not Available In The Repositories

Mar 28, 2010

When I tried to install OpenOffice I noticed that there are no packages with Java from Sun in standard repositories for Fedora 12.Could someone explain why the Sun Java is not available in the repositories and how to install it?

View 1 Replies View Related

Fedora :: How To Get The Current Repositories

Jun 6, 2010

Repository configuration for Fedora 13, and a few earlier releases. I don't see these repositories mentioned together on one page or web site, so I thought I'd throw this together.


You'll need the RPMFusion repos, so hit the link and follow the instructions there.


If you want to be able to play DVD video you'll need a file called libdvdcss so you'll need the Livna repository. To set up the Livna repository, open a terminal and type


su -c 'rpm -ivh http://rpm.livna.org/livna-release.rpm'
su -c 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-livna'
Then install libdvdcss with the command


su -c 'yum install libdvdcss'

The Adobe repositories provide the Adobe Reader and the flash plugin. To install this repository issue the following commands:


su -c 'rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm'
su -c 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux'

To install Adobe Reader issue the following command:


su -c 'yum install AdobeReader_enu'

This reader is available in several languages. The one above is the English version. To list all available issue the following command:


yum list AdobeReader*

You'll see several listed. To get more information on a particular package use something like:


yum info AdobeReader.chs
Available Packages
Name : AdobeReader_chs
Arch : i486


I prefer to leave these additional repositories disabled (with the exception of RPMFusion of course) after I've gotten what I need from them. At that point they don't need to be enabled, but there's no harm done if they are. To disable any of the repositories you've installed open the corresponding file with a text editor. Using Livna as an example:


su -c 'nano /etc/yum.repos.d/livna.repo'

Find the first instance of the line that reads enabled=1 and change it to read enabled=0. Save and exit the editor. The Livna repository is now disabled.

View 13 Replies View Related

Fedora :: Firefox 3.6 Isn't In The 12 Repositories

Sep 20, 2010

I am curious as to why Firefox 3.6 isn't in the Fedora 12 repositories. I've read the existing threads on this issue, but these threads were started in January/February of this year. It's been what, 8 or 9 months since those threads were created? I installed Fedora 13 at home over the weekend and realized that it uses Firefox 3.6.

I'm not trying beat a dead horse. I understand that people have priorities.

View 3 Replies View Related

Fedora :: How To Update Repositories

Jan 10, 2011

I did an upgrade from Fedora 12 to Fedora 14 using a DVD.My repositories all still point to Fedora 12 programs. What do I have to do to make them access Fedora 14 programs ?

View 8 Replies View Related

Fedora :: All Repositories Required For 13?

Jun 18, 2010

I'm having a hard time locating the one's I need.

View 1 Replies View Related

Fedora :: Which Repositories To Setup From Within 13

Sep 10, 2010

What repositories did you set up from within Fedora 13.

View 2 Replies View Related

Fedora :: FifeFox Update From Repositories?

Jan 13, 2010

I am new in Linux world. This is my question: how i can update Fiferfox browser from Fedora repositories?

View 3 Replies View Related

Copyrights 2005-15 www.BigResource.com, All rights reserved