LinuxQuestions.org
02-16-2011, 09:48 PM   #16
warnold
LQ Newbie
 
Registered: Jan 2008
Posts: 18

Original Poster
Rep: Reputation: 0

Quote:
Originally Posted by corp769
Show us proof.
All I know is what I was seeing on my system. Only became aware of something going on when I went to mount a USB device from a terminal window. That is when I first saw by accident and paid attention to a different root prompt. Seeing that, I opened a setroubleshoot window and saw in red at the bottom of its window that the server was disabled. I wrote down all that I tried & what was observed. Today I physically took my PC to another physical location & knowing that the person uses a different ISP-DSL provider and none of the previous things took place. Was on the internet for at least 1 to 1.5 hrs. Opened & observed the setroubleshoot window, no issues. Brought my system home, booted it, issues return. Nothing is being logged. I am not trying to be a pain, I was just reporting what I observed on my system. I do not have the Unix experience to dream this up. How I know about the keystrokes being mapped, (|'), is from the old days of Digital's VAX/VMS. The |' prompt only shows when giving a log-in & password while going to certain popular web-sites.
That's all. I will simply close this, and wait till others start to see things on their Linux systems.
 
02-16-2011, 10:49 PM   #17
corp769
LQ Guru
 
Registered: Apr 2005
Location: /dev/null
Posts: 5,818

Rep: Reputation: 1007
Roger that. If it persists, let us know. Myself, including many others, will definitely be willing to assist....
 
02-19-2011, 06:32 PM   #18
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by warnold
All I know is what I was seeing on my system. (..) I was just reporting what I observed on my system.
If you would have posted log excerpts and error messages then you would have reported an issue.
Instead you tried to interpret what you thought you were seeing and talked about it.


Quote:
Originally Posted by warnold
Nothing is being logged.
That simply is not true unless 0) there is something amiss or 1) you don't know what to look for or where.

If you want to get to the bottom of this: CentOS comes with standard syslog enabled, so

    grep -v '^.*#' /etc/syslog.conf | awk '/log\// {print $NF}'

or

    /usr/sbin/lsof -Pwln +D/var/log | awk '{print $NF}' | sort -u

gives you the logfiles to look for. A more efficient way would be to run your logs through 'logwatch' as its report makes it easier to pinpoint issues. Since you mention Setroubleshootd (see /var/log/setroubleshoot/setroubleshootd.log), if the audit service is enabled then your next stop is /var/log/audit/audit.log (else it'll log in /var/log/messages). An efficient way to check if there are issues is to run 'audit2allow < /var/log/audit/audit.log'. If this outputs anything there's probably things to correct. None of this requires hardcore Linux knowledge as the information is at your fingertips: Red Hat comes with extensive installation and maintenance documentation and CentOS has its own Wiki.


Talking about CentOS: please do not use obsolete releases. CentOS 5.5 is the current release. By updating your machine all bugs and security issues that have been fixed in the current release become available to you and this may include SELinux policy fixes.
 
1 members found this post helpful.
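
Added example (not part of unSpawn's post or of any CentOS tooling): a shell sketch of the log triage described in post #18, listing the files syslog.conf writes to and summarising SELinux AVC denials from an audit log. The function names `syslog_targets` and `avc_summary` are hypothetical, both sample files are constructed, and the awk match is widened from the post's `/log\//` to any absolute-path destination.

```shell
#!/bin/sh
# Added example. Both sample files below are constructed for illustration.

# List the log files named as destinations in a syslog.conf-style file ($1).
# Comment lines are skipped; a leading "-" (write without sync) is stripped.
syslog_targets() {
    grep -v '^[[:space:]]*#' "$1" |
        awk '$NF ~ /^-?\// { sub(/^-/, "", $NF); print $NF }' | sort -u
}

# Summarise SELinux AVC denials in an audit.log-style file ($1) as
# "count process target-context", so repeated denials stand out.
avc_summary() {
    grep 'type=AVC' "$1" | grep 'denied' |
        sed -n 's/.*comm="\([^"]*\)".*tcontext=\([^ ]*\).*/\1 \2/p' |
        sort | uniq -c | awk '{ print $1, $2, $3 }'
}

SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT

cat > "$SAMPLE_DIR/syslog.conf" <<'EOF'
# Log all kernel messages to the console.
#kern.*                                     /dev/console
*.info;mail.none;authpriv.none;cron.none    /var/log/messages
authpriv.*                                  /var/log/secure
mail.*                                      -/var/log/maillog
cron.*                                      /var/log/cron
*.emerg                                     *
EOF

cat > "$SAMPLE_DIR/audit.log" <<'EOF'
type=AVC msg=audit(1297900000.101:51): avc:  denied  { read } for  pid=2101 comm="httpd" name="index.html" dev=dm-0 ino=4101 scontext=user_u:system_r:httpd_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1297900000.101:51): arch=40000003 syscall=5 success=no exit=-13 pid=2101 comm="httpd" exe="/usr/sbin/httpd"
type=AVC msg=audit(1297900007.332:52): avc:  denied  { getattr } for  pid=2101 comm="httpd" name="index.html" dev=dm-0 ino=4101 scontext=user_u:system_r:httpd_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1297900040.008:53): avc:  denied  { write } for  pid=2230 comm="smbd" name="share" dev=dm-0 ino=5120 scontext=system_u:system_r:smbd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir
EOF

echo "Log files configured in syslog.conf:"
syslog_targets "$SAMPLE_DIR/syslog.conf"
echo "AVC denials (count, process, target context):"
avc_summary "$SAMPLE_DIR/audit.log"
```

On a real system the two functions would be pointed at /etc/syslog.conf and /var/log/audit/audit.log; reading the audit log normally requires root.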
  


All times are GMT -5.
