Re: SELinux Question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



James Hogarth wrote:
> On 23 Jul 2013 07:42, "Ken Smith"<kens@xxxxxxxxxxx>  wrote:
>    
>>>        
>> For some reason auditd wasn't running or enabled. I'm now seeing the
>> messages I needed in /var/log/messages. I'm running bind chrooted and
>> various other tweeks mean I need to set SELinux accordingly.
>>
>>      
> Bind chroot via the standard chroot package should just with with selinux...
>
> Be careful that you don't just follow the audit.log blindly (eg audit2allow
> -aM) but think through each but carefully...
>
> I'd suggest starting for each exception with "is this already covered by a
> boolean" and then double checking your file contexts before even
> considering an additional custom module.
>
>    
For some reason SELinux was blocking the updates to the zone files that 
are the result of DHCP leases being issued. Fixed now. Also I run 
MailScanner and the SELinux context needed corrected on mqueue.in, in 
addition to allowing SSH to operate on the non-standard port I've set it 
to.

Thanks

Ken

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux