Disabling SeLinux Enforcing

Apr 7, 2007

I am not expert in linux box.... Actually I have found a problem in my machine, our clients are not able to access their sites from server, when I checked the system log it was related to Permission Denied. Someone told me to disable SELinux enforcing, Now after that my problem resolved.

But I am curious that what exactly Selinux is and what kind of issue it may create for my box if I disable it?

View 4 Replies


ADVERTISEMENT

Enforcing PTR Checks On Mail Servers

Dec 18, 2008

For mail server admins, do you enforce PTR (reverse dns checks) on incoming mail? All hosts know to have rDNS set on their mail IPs to ensure free-flowing outbound mail but do you also enforce the check on inbound.

And does anyone know of somewhere that shows stats on the state of net and what perecentage use PTR checks etc?

View 6 Replies View Related

Is Anyone Here Using SElinux On A Web Server

Nov 6, 2009

Is anyone here using SElinux on a web server?

If so, how hard was that to setup?

View 1 Replies View Related

Selinux (ping)

Jul 26, 2008

My server ping keeps disconnecting

However my ssh & website is smooth running!

When i type "service iptables stop", the ping runs just smoothly.

I have CSF installed in the server, like any other server using default configurations. I believe it has something to do with selinux? (or not?)

View 2 Replies View Related

Selinux/Adaptec Driver

Oct 21, 2007

I am having quite a challenge getting openvz to work on centos 5 with a adaptec RAID card.

The driver likes the plain jane kernel..but then...

Configuration [OpenVZ (2.6.18-8.1.14.el5.028stab045.1)]

***NOTICE: /boot/vmlinuz-2.6.18-8.1.14.el5.028stab045.1 is not a kernel. Skipping.

There is also another issue not being able to disable Selinux.
I have tried the normal routes and even attempted disabling it in rc.sysinit..still...this "security framework" is able to load it..and cause problems.

Openvz and SeLinux don't get along..even a little bit.

So..those are the two probably seperate issues...that prevent the poor server from booting.

View 1 Replies View Related

SELinux Is Preventing Apache/PHP From Loading Modules

Jul 28, 2008

I can't get SELinux to let httpd load the IonCube module for PHP. I've given the CentOS 5 forum a try (here: http://www.centos.org/modules/newbb/...15403&forum=42), talked with WHMCS's support (the app I'm using that needs it), and even opened a ticket with IonCube. Unfortunately nobody seems to know how to tell SELinux to let httpd "exec" modules.

I'm running CentOS 5, and the error I'm getting in /var/log/messages is:

Jul 23 10:15:30 host kernel: audit(1216833330.905:1249): avc: denied { execheap } for pid=22055 comm="httpd" scontext=root:system_r:httpd_t:s0 tcontext=root:system_r:httpd_t:s0 tclass=process

I can disable SELinux and it works fine (setenforce 0), but that's not the solution I'm looking for. Can someone please tell me how to do this the *right* way?

View 11 Replies View Related

Custom SELinux Policies For Their Cpanel Server

Apr 11, 2008

Has anyone wrote custom SELinux policies for their cpanel server?

View 1 Replies View Related

Making SELinux And Apache Play Nicely

Feb 15, 2007

Is it possible to make these two work together? I can't seem to find any way to let Apache read /home/<username>/public_html without disabling selinux entirely.

I know you can do "chcon -t httpd_sys_content_t -R $HOME/public_html", but it seems like it would be a pain when adding users, especially if someone decides to delete their public_html and make a new directory.

Is it possible to create an exception to let httpd do whatever it wants?

View 0 Replies View Related

Plesk 12.x / Linux :: Change Location Of Mail / Maildirs And SELINUX

Mar 2, 2015

I have changed the maildir in Plesk according to [URL] ..... Everything works like a charm, however selinux doesn't allow access to the new directory. That means we get a permission denied and no mail is received at the server anymore.

Old location: /var/qmail/mailnames/
New location: /mnt/bigstorage/mailnames/

tail -f /var/log/maillog:
Mar 2 13:38:42 srv2 postfix-local[5983]: postfix-local: from=example@example.com, to=example@example.com, dirname=/mnt/bigstorage/mailnames/
Mar 2 13:38:42 srv2 postfix-local[5983]: cannot chdir to mailnames dir /mnt/bigstorage/mailnames: Permission denied

If we disable selinux, everything works, however this is not the best practice.

How can I fix this error without disabling selinux?

View 1 Replies View Related

Plesk 11.x / Linux :: Yum Update Throw Warning For Selinux-policy-targeted

Nov 18, 2014

Specs: centOS 6.6 (Final) with Plesk 11.5.30 #48

In the last updates I get this warning:

Updating: selinux-policy-targeted-3.7.19-260.el6.noarch 128/373
libsemanage.semanage_direct_commit: WARNING: genhomedircon is disabled.
See /etc/selinux/semanage.conf if you need to enable it.
/etc/selinux/targeted/contexts/files/file_contexts: Invalid argument
libsemanage.semanage_install_active: setfiles returned error code 1.
semodule: Failed!Click to expand...

View 3 Replies View Related

Disabling The Use Of Other DNS

Apr 24, 2009

I want to disable the use of other dns being used instead of my name servers is this possible if so how can i do this.

View 4 Replies View Related

Plesk Automation :: Error While Installing Automation During (Getting SELinux) Step

Jul 5, 2013

I am trying to install Automation, and I keep getting an error after the "Getting SELinux" step, here is a log of the process so far:

Code:
[INFO]: Checking current user privileges...
[INFO]: Checking critical environment requirements...
[INFO]: Determining OS parameters...
[INFO]: Detected OS: CentOS-5-x86_64
[INFO]: Getting SELinux state...
[ERROR]: Unexpected error: ''

[Code] ....

I have tried running the installation on a different server and the same issue came up...

View 19 Replies View Related

Disabling IP With Ifdown

Apr 23, 2009

How do i take one IP on the server down ?

I need to disable eth1:4 as it get ddos attack.

ifdown eth0:4 is not working

Quote:

[root@server22 ~]# ifdown eth0:4
usage: ifdown <device name>
[root@server22 ~]#

I think the command used to work before.

Anyone know how to take down only that IP with out editing ifcfg-eth0-range0 ?

View 5 Replies View Related

Disabling POP And IMAP On CPanel

Nov 27, 2008

Disabling POP and IMAP on cPanel

We're using Google Apps to handle all e-mail for the domain, so we have no need for POP and IMAP services running on our server (and I'm always getting e-mails from LFD that show bots are trying to connect with random passwords and such) so I want to disable them, but keep SMTP active since some scripts running on our server use it and I don't feel like rewriting them right now.
I unchecked IMAP and POP in the WHM service manager to disable them, but it's still enabled and I'm able to connect and everything. How can I completely disable these 2 services?

View 5 Replies View Related

Disabling Direct Download

Oct 22, 2009

I have a website which has a FLV player serving .flv files which are hosted in the server. I notice that some users are directly downloading the files using the direct URL and they seem to be using download managers for that which is opening several Apache connections and open slows down Apache. I want to prevent this. I thought of preventing it using a .htaccess file but did not help. This is what I used:

<Files *>
order allow,deny
allow from 127.0.0.1
allow from localhost
deny from all
</Files>

I thought this would work but it doesn't as it is blocking the FLV player from playing the file. Can anyone tell me the right way to do it?

View 3 Replies View Related

PHP Security: Disabling Classes

Apr 4, 2009

We all know that some php funcions are dangerous, such as:

system, system_exec, passthru, shell, shell_exec, exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, pfsockopen, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg

Those functions can be disabled at php.ini using disable_functions option.

Now.. what about disable_classes option? I haven't seen anyone talking about this on the common security tutorials. What are your suggestions for this? What classes should be disabled?

View 2 Replies View Related

Disabling Shell Files

Jul 2, 2009

Is there someway to disable shell files from working? Because even if you disable shell, shell files still seem to work...

View 2 Replies View Related

Disabling Safe_mode In My Account

Mar 1, 2008

i have a dedicated server wich has safe_mode ON.

i run a joomla portal and i am having issues regarding uploading new modules and stuff like that.. i know that the solution is disabling the safe_mode

i have tried using a customized php.ini but it didnt work... what else can i try?

View 4 Replies View Related

Disabling IonCube In Plesk

Apr 18, 2007

I have RH ES4 running as a vhost on Plesk.

Does anyone know how I can turn off IonCube? I don't see the .so for IonCube in php.ini

View 4 Replies View Related

Disabling Email On Whm/cpanel

Apr 18, 2007

I just got a new vps running virtuozzo with cpanel/whm. I have no plans on ever using email on this server. What's the best way to turn all of it off from whm/cpanel and is it worth doing to speed up the server?

View 4 Replies View Related

Disabling Printk Message Supression?

Apr 18, 2008

I am trying to troubleshoot messages piling up in my /var/log/messages on CentOS 5 that look like this:

Apr 18 10:04:01 sc16 kernel: printk: 3 messages suppressed.
Apr 18 10:04:06 sc16 kernel: printk: 2 messages suppressed.
Apr 18 10:04:14 sc16 kernel: printk: 3 messages suppressed.
Apr 18 10:04:17 sc16 kernel: printk: 1 messages suppressed.
Apr 18 10:04:25 sc16 kernel: printk: 3 messages suppressed.
Apr 18 10:04:31 sc16 kernel: printk: 1 messages suppressed.
Apr 18 10:04:39 sc16 kernel: printk: 2 messages suppressed.

The messages are supressed so I can't see what they are or what is causing them.

How can I disable printk supression?

I have already tried:

echo 0 > /proc/sys/kernel/printk_ratelimit_burst
echo 0 > /proc/sys/kernel/printk_ratelimit

They don't seem to disable it... Any ideas?

View 3 Replies View Related

Disabling The Cgi Module In Httpd.conf

Jul 21, 2008

I like to disable the CGI Module in httpd.conf. Can you please help me to disable the CGI Module.

View 5 Replies View Related

Stop Hackers From Disabling Mod_security

Feb 3, 2008

i have a problem with a hacker that uses .htaccess to disable mod_security
using this code

PHP Code:

<IfModule mod_security.c>
    SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule> 

so is there a way to stop this?
also they have come up with a smart way to run shell files named as images using this code in .htaccess

PHP Code:

AddType application/x-httpd-php .gif 

is there a way to disable the "AddType application"?

View 14 Replies View Related

Disabling Direct Root Login

Apr 16, 2008

login as: hen
hen@xx.xx.xx.xx's password:
Last login:
hen@root [~]# su -
Password:
su: incorrect password

I verified that root password is correct, but no matter how many times I tried, I can't su in

Where's my su permission
-rwxr-xr-x 1 root wheel 24060 Mar 22 2007 /bin/su*

here's inside /etc/group
wheel:x:10:root,hen

View 14 Replies View Related

Disabling Stack Protector On CentOS 4.4

Jan 2, 2007

someone develop a game which is server-centric. Everything is done server-side. In any case, he can compile it without a problem in Ubuntu, but on my CentOS 4.4 servers, he's having trouble.

The one last bug that he's hit, is that he needs to disable the stack protector on CentOS 4.4 in order to compile the game without any more problems.

View 2 Replies View Related

Disabling SSH Root Access But Enabling SSH Keys How To Do That

Apr 3, 2009

in order to secure my server against instrusion, i disabled ssh root login and created a user for myself. however in order to access the user i need to enable SSH Password authentication

I dont enable password authentication all the time and i keep it disabled unless i need to do something via ssh.

Now my question will be, is there a way to keep the user i created and keep the root login disabled and password authentication disabled but use ssh keys for the user i created?

I was informed that if i opt to login to ssh via the user i created, the only way to do that is to enable password authentication as it cannot work with ssh keys. is this true?

I really hope someone can help me how to use the user i created together with ssh keys so i dont have to enable password authentication when loggin to ssh

View 7 Replies View Related

Disabling Sending Emails Out Of The Customer's Domain

Jul 25, 2009

A customer asked me if it could be possible to disallow certain email accounts to send emails out of the accounts domain. Is there a way to do so with the Exim installation in Cpanel?

View 0 Replies View Related

Disabling 'Allow Anonymous Access' For FTP In New CPanel Accounts

Apr 2, 2008

Everytime a new account is created in WHM/cPanel, the "Allow Annonymous Access for FTP" option is enabled by default. Since this is something I want turned off for all new accounts... does anyone know a way of switching this off globally in cPanel/WHM so that every new account will have this turned off by default?

View 3 Replies View Related

Apache :: Disabling Re-Execution On Fail-Recovery

Jun 4, 2014

At times as I'm developing, due to some coding error in PHP on my part, particularly calling a COM object, the apache server crashes. I'm delighted that it recovers, but in so doing it always tries to rerun the query that crashed it, which just causes another crash, and so on. Is there some way of getting round this, so that it recovers but the problematic code is not rerun?

XP SP3 (still!)
Apache/2.4.3 (Win32) mod_fcgid/2.3.7 PHP/5.4.9
Firefox (Aurora)

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved