Questions tagged [selinux]

NSA Security-Enhanced Linux (SELinux) is an implementation of a flexible mandatory access control architecture in the Linux operating system.

The SELinux architecture provides general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role- Based Access Control, and Multi-Level Security. Background information and technical documentation about SELinux can be found at http://www.nsa.gov/selinux.

668 questions

votes

0 answers

rsync postgres backup to another directory

I have CentOS 7 (3.10.0-1062.18.1.el7.x86_64) with SELinux enabled. PostgreSQL 12 installed (not sure if it is related). I try to backup database and move backup files to another disk. How I create backups files is unrelated, so I'll skip to the…

asked Apr 08 '20 at 19:06

adontz

votes

2 answers

Apache Webserver - Selinux, directory permission

I trying to set up apache on centos 8. The service is running. When i test with wget, I get 403 $ wget 127.0.0.1:9000 …

centos apache-2.4 selinux

asked Feb 21 '20 at 11:34

The Fool

votes

1 answer

Allow apache service to execute command on another user with sudo. Set correctly SELinux

I want allow PHP script to execute external command with another user with exec. For this, I call my command like : exec('sudo -u username /usr/bin/command -a arg1 --arg2 arg2'); In sudoers rules, I have added : apache …

apache2 sudo selinux

asked Feb 10 '20 at 17:52

user5525652

votes

1 answer

SELinux logrotate issue

It seems the topic is quite popular... So I figured I have issues with my logrotate not being able to rotate tomcat logs. Logrotate configuration is set in /etc/logrotate.d/tomcat as /opt/tomcat/apache-tomcat-8.5.37/logs/catalina.out { daily …

selinux logrotate

asked Jan 30 '20 at 19:47

Philipp Grigoryev

votes

1 answer

Apache vhost privilege separation using mod_selinux

I have 2 sites/apps on a server; a proprietary app, and Nextcloud. Nextcloud will be using the files_external storage plugin which allows for local mounts, but I do NOT want it to be able to browse and view the source of the proprietary app... thus…

apache-2.4 virtualhost httpd selinux nextcloud

asked Jan 23 '20 at 21:44

oucil

-1

votes

1 answer

Nginx cache mkdir failed (2: No such file or directory) while reading upstream

Edit for answer: It's the selinux causes this problem, the temporary solution is to run this command: sudo semanage permissive -a httpd_t But you shouldn't do that, because of security reasons. I found an article wrote by Danila Vershinin on nginx…

nginx selinux

asked Nov 12 '18 at 03:34

davidchannal

-1

votes

2 answers

Need help installing ejabberd on Centos/RHEL7 with SELinux and reverse proxy

I've been trying to get a web client to use EJabberd on the recommended port (5281) through a reverse proxy (HAProxy) on Centos7 with SELinux enabled. I am not familiar with SELinux context rules. The basic problem seems to be that HAProxy cannot…

centos haproxy selinux ejabberd

asked Oct 01 '18 at 12:26

Scott

-1

votes

1 answer

MySqld Service wont start on Redhat7 after a yum update

I'm having a problem with Redhat7 after a yum update. Various services wont start and are giving permissions errors. Similar problem to Can't start any service after installing iRedMail on CentOS but different OS, so maybe different…

linux mysql redhat selinux

asked Mar 14 '18 at 16:14

m1m1k

-1

votes

1 answer

HAProxy not detecting backend with non-standard http port

I have a HAProxy setup where the backend server is running a webserver non standard port.The config is as follows global log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 …

haproxy selinux

asked Nov 02 '17 at 12:42

andthereitgoes

-1

votes

1 answer

Nginx throws 403 Forbidden nginx/1.11.8 errors despite using all answers from serverfault

I have CentOs 7.3 and Nginx 1.11.8 and PHP-FPM 7.0 This is a clean install, and everytime I get the above error page if I change the root for the nginx dir from /usr/share/nginx/html to anything. This time I changed it to /var/www/html. Now I am…

nginx centos7 selinux

asked Jan 07 '17 at 21:52

user7342807

-1

votes

2 answers

Failed to create shadow copy (CopyFile) While Loading an .aspx page in mono-server

Failed to create shadow copy (CopyFile) Description: HTTP 500. Error processing request Before I begin my question; below is link to my previous problem, It was 503 error; Resolved by enabling seboolian of httpd_execmem: Mono crashes while SELinux…

redhat httpd selinux 500-error mono

asked Aug 12 '16 at 08:14

vivek.patwardhan

-1

votes

1 answer

How we can see SElinux policies running on a centos system??

I am given with an assignment that how we can see what selinux policies are running on a system(centos), as i am a new and dont know about the system

centos selinux

asked Mar 01 '16 at 10:59

Nain

-1

votes

2 answers

Correct CentOS 7 SSH configuration

I'm having some trouble changing the ports on a new CentOS 7 (minimal) machine (IP 11.22.33.44). To log into the new machine, I use a proxy VPS (let's say, IP 88.99.100.101). I edited the /etc/sysconfig/selinux file to disable SElinux and rebooted.…

ssh centos7 selinux firewalld

asked Sep 13 '15 at 17:46

Havri

-1

votes

2 answers

Configure Nginx as Reverse Proxy with Apache2 on CentOS7 enabled with SELinux

I'm working on a project for academic purposes, the goal is to use Nginx as a Reverse Proxy for Apache, so far i've installed Nginx and everything is ok, it's listening to port 80, but when i was going to installed apache it says that its already…

apache-2.2 nginx reverse-proxy selinux centos7

asked Feb 02 '15 at 22:15

Jonathan Solorzano

-1

votes

2 answers

Why am I getting permission error from tftp server?

I'm trying to tftp an image to an ASA 5500 and I'm getting this error: TFTP failure: RX TFTP Error Packet TFTP OP Code: Error Packet Error Msg: Permission denied

cisco-asa selinux tftp

asked Apr 14 '14 at 20:28

AXE Labs

1,519
5
19
24

Prev 1 2 3

…

45 Next