Tuesday, July 29, 2014

SELinux

5 comments:

  1. $ tail -f audit/audit.log
    type=AVC msg=audit(1406657662.132:205): avc: denied { search } for pid=23098 comm="rsync" name="/" dev=sdb1 ino=2 scontext=system_u:system_r:rsync_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=dir
    type=SYSCALL msg=audit(1406657662.132:205): arch=c000003e syscall=80 success=no exit=-13 a0=17add70 a1=1 a2=3 a3=8 items=0 ppid=1556 pid=23098 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="rsync" exe="/usr/bin/rsync" subj=system_u:system_r:rsync_t:s0-s0:c0.c1023 key=(null)

    $ getsebool -a | grep -i rsync
    allow_rsync_anon_write --> off
    rsync_client --> off
    rsync_export_all_ro --> off
    rsync_use_cifs --> off
    rsync_use_nfs --> off

    $ setsebool -P allow_rsync_anon_write on

    RESULT: NOT FIXED! (even after restarting xinetd)

    Replies
    1. $ setsebool -P rsync_client on

      Still the same, giving the error: @ERROR: chdir failed

  2. We roll back the policy change

    $ setsebool -P rsync_client off

  3. $ semanage fcontext -a -t public_content_rw_t "/srv/rsync(/.*)?"

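
Added example, not part of the original comments: a small Python parser that joins the AVC and SYSCALL records quoted in the first comment on their shared audit event id and summarises the denial in one line. The trimmed SYSCALL sample, the function names and the one-entry syscall table (80 = chdir on x86_64) are assumptions of this example.

```python
import errno
import re

# Constructed input: the two audit.log records quoted in the first comment,
# with the SYSCALL record trimmed to the fields used here.
SAMPLE = [
    'type=AVC msg=audit(1406657662.132:205): avc: denied { search } for pid=23098 comm="rsync" name="/" dev=sdb1 ino=2 scontext=system_u:system_r:rsync_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=dir',
    'type=SYSCALL msg=audit(1406657662.132:205): arch=c000003e syscall=80 success=no exit=-13 pid=23098 comm="rsync" exe="/usr/bin/rsync"',
]

HEAD_RE = re.compile(r'type=(\w+) msg=audit\((\d+\.\d+:\d+)\): (.*)')
PERMS_RE = re.compile(r'avc:\s+(denied|granted)\s+\{([^}]*)\}')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
# Assumption: only the one x86_64 (arch=c000003e) syscall seen on this page is mapped.
X86_64_SYSCALLS = {80: "chdir"}

def parse_events(lines):
    """Group audit records by event id (timestamp:serial) and merge their fields."""
    events = {}
    for line in lines:
        head = HEAD_RE.match(line.strip())
        if head is None:
            continue  # not an audit record
        rtype, event_id, body = head.groups()
        ev = events.setdefault(event_id, {})
        if rtype == "AVC":
            verdict = PERMS_RE.search(body)
            if verdict is None:
                continue
            ev["result"], ev["perms"] = verdict.group(1), verdict.group(2).split()
        for key, value in KV_RE.findall(body):
            ev.setdefault(key, value.strip('"'))  # first record wins on duplicates
    return events

def describe(ev):
    """One-line summary: who was denied what, on which object, in which syscall."""
    stype = ev["scontext"].split(":")[2]
    ttype = ev["tcontext"].split(":")[2]
    known = ev.get("arch") == "c000003e"
    call = X86_64_SYSCALLS.get(int(ev.get("syscall", -1)), "syscall?") if known else "syscall?"
    err = errno.errorcode.get(-int(ev.get("exit", 0)), "?")
    return (f'{ev["result"]} {stype} -> {ttype}:{ev["tclass"]} '
            f'{{ {" ".join(ev["perms"])} }} on name={ev["name"]} dev={ev["dev"]} '
            f'during {call} ({err})')

if __name__ == "__main__":
    for event_id, ev in parse_events(SAMPLE).items():
        print(event_id, describe(ev))
```

On the records above it reports that `rsync_t` was denied `search` on a `file_t` directory (the root of `sdb1`) during `chdir`, which matches the `chdir failed` error reported in the reply.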