Re: r-x and r-x.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Op 25-04-13 14:49, Daniel J Walsh schreef:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 04/25/2013 04:54 AM, Johan Vermeulen wrote:
>>
>>
>>
>> Op 24-04-13 22:53, m.roth@xxxxxxxxx schreef:
>>> John R. Dennison wrote:
>>>> On Wed, Apr 24, 2013 at 03:06:11PM -0400, Daniel J Walsh wrote:
>>>>> Disabling SELinux is not going to fix your problem.  Since the field
>>>>> is just showing you that you have extended attibutes assigned to yr
>>>>> files.
>>>>>
>>>>> Why not just script around it.
>>>>>
>>>>> ls -l | sed 's/\. / /g'
>>>>>
>>>>> Would replace all ". " from your output.
>>>> Because that would be too easy and people absolutely love to shoot
>>>> themselves in the face by disabling selinux.  Because it is, as we all
>>>> know, ridiculously hard to manage.
>>> Don't get me started. I'm fighting it regularly. For example, SELinux is
>>> preventing /usr/bin/perl from getattr access on the file
>>> /sys/devices/system/node/node0/meminfo. For complete SELinux messages.
>>>
>>> And yes, I did post a few things to the selinux list....
>>>
>>> mark
>>>
>>> _______________________________________________ CentOS mailing list
>>> CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
>> Dear All,
>>
>> thanks again for the reactions.
>>
>> This is the NetworkManager script I'm trying to use:
>>
>> ----------------------------------------------------- #!/bin/sh
>>
>> export LC_ALL=C
>>
>> if [ "$2" = "down" ]; then exit0 fi
>>
>> if [ "$2" = "up" ]; then #LAN Subnet at work NETMASK="192.168.66.128/25" if
>> [ -n "`/sbin/ip addr show $IF to $NETMASK`" ]; then
>>
>> rsync -azvp /home/james/ 192.168.66.129:/home/jvermeulen
>>
> See if chcon -t bin_t /usr/bin/rsync solves your problem.
>
> I believe that NetworkManager runs its helper scripts as initrc_t which is an
> unconfined domains, except that when it executes rsync, it transition to a
> confined rsync server domain(rsync_t).  Changing the context to bin_t would
> eliminate the transition and leave rsync running in initrc_t.
>> fi fi
>>
>> --------------------------------------------------------------------------------------------------------------------------------
>>
>>   as far as I can test this at the moment, it works without Selinux and
>> doesn't work with Selinux enabled.
>>
>> I also want Selinux enabled. So I will do some searching on how to make it
>> work with Selinux.
>>
>> Greetings, J.
>>
>> _______________________________________________ CentOS mailing list
>> CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
>>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.13 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlF5JlAACgkQrlYvE4MpobN/FgCfRbN/kbhKTlkuEt9LsD5cIdWN
> eRQAoMNhwlUIebj9gI1Vh1iCrAiq5kWD
> =8yid
> -----END PGP SIGNATURE-----

Dear All,

thanks for the advise.

Yes, it concerns a laptop, if not I would indeed turn of NetworkManager.

I am in the  process of converting our last older OpenSuse-laptop to 
CentOs6.4.
Now all 26 of our Linux laptops ( 4 sadly run Windows ) will be on CentOs.

I often hear people say they would never run CentOs on laptops, but I 
think it works great.

Also today I will replace the last of 4 machines of our admin Department 
to CentOs. ( One will remain on Windows ) .

I just needed to share that with somebody.

Tomorrow I will test the advise that I kindly received here.

Greetings, J.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux