Visit Jeremy's Blog.
Go Back > Blogs
User Name



SELinux and Icinga

Posted 08-05-2012 at 01:39 AM by sag47
Updated 08-05-2012 at 01:57 AM by sag47

Today I ran into an SELinux problem when installing icinga. I followed their documentation "Adjusting the SELinux settings". However my cgis still would not run. When I ran,
cat /var/log/audit/audit.log | audit2allow -v
I received the following output,
#============= httpd_sys_script_t ==============
# src="httpd_sys_script_t" tgt="initrc_tmp_t" class="file", perms="{ read getattr open }"
# comm="tac.cgi"
Senior Member
Views 7568 Comments 3 sag47 is offline

SELinux, syslog-ng, and the like

Posted 06-19-2012 at 11:12 AM by sag47
Updated 08-05-2012 at 01:58 AM by sag47

So recently in my home setup I installed a scheme for centralized logging. I use rsyslog or syslog on the client servers and syslog-ng on the central server. This is nothing new and has been done before.

rsyslog + syslog-ng = gold.

I have a script which parses the syslog-ng logs across all the servers, filters them, and then sends and email with a summary and unusual logs. Each time I got an email I would get, on average, ~200-500 log messages of SELinux errors and...
Senior Member
Views 4523 Comments 1 sag47 is offline

Enter your password SUCKER! ;-) (a simple demo)

Posted 05-31-2012 at 11:38 PM by rainbowsally

Enter your password SUCKER!


  • Installer uninstaller in a simple clickable (or at least it should be clickable) script. (You can try setting the file associations these to run scripts with kde-open, xdg-open, gnome-open, ... or try the shell-exec app at this blog.)
  • Fun. But is it practical? Maybe, and maybe not. It depends on if you already knew how risky handing control of parts of your system to strangers can be.

Question: Who are they protecting...
Posted in Uncategorized
Views 830 Comments 0 rainbowsally is offline

SELinux and sshd

Posted 01-02-2012 at 05:55 PM by sag47
Updated 08-05-2012 at 01:58 AM by sag47

So I've started using the new Fedora 16 on my main media server (previously F14) and decided to try something new this time. I've always set SELinux to permissive which is a bad idea normally for anything public (which this server isn't but I still want it). Anyway I believe I was testing something before I left for the holidays and ran
setenforce 0
which disables SELinux. I guess at some point it turned back on somehow and I was locked out of ssh. I dug through my logs (/var/log/messages,...
Senior Member
Views 6809 Comments 1 sag47 is offline

SELinux and Apache ProxyPass

Posted 12-07-2011 at 01:39 PM by sag47
Updated 08-05-2012 at 01:58 AM by sag47

Today I was having trouble getting a httpd ProxyPass and ProxyPassReverse to work. As a background I'm working in RedHat Enterprise Linux 6.1. It took me a while to figure out what was wrong (longer than it should have) and as it turns out it worked after I disabled SELinux. So my configs were correct in /etc/httpd/conf.d/* and it passed all config tests. I'm sure you don't want to read a whole post of talking so I'll just get right into the grit of the commands. For the rest of the explanation...
Senior Member
Views 3730 Comments 0 sag47 is offline


All times are GMT -5. The time now is 01:29 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration