Stack Overflow
Stack Overflow

Questions tagged [selinux]

NSA Security-Enhanced Linux (SELinux) is an implementation of a flexible mandatory access control architecture in the Linux operating system.

Security-Enhanced Linux (selinux) is a National Security Agency research project to modify the Linux kernel with enhanced security-related functions, including mandatory access control. This tag is also appropriate for questions about SEAndroid, NSA's adaptation of SELinux to the Android platform.

675 questions
71
votes
10 answers

Attempt to write a readonly database - Django w/ SELinux error

I have a CentOS server on which I have Apache, Django, Django CMS and mod_wsgi. My Django project files are stored in the /srv directory and I have SELinux turned on for security reasons. I've managed to successfully integrate Django-CMS into…
noblerare
  • 10,277
  • 23
  • 78
  • 140
42
votes
8 answers

How to solve "Kernel panic - not syncing - Attempted to kill init" -- without erasing any user data

I was trying to update libc in our Ubuntu server but it failed and now when I reboot the server I get a error message: Kernel panic - not syncing - Attempted to kill init! and it just hangs. What is the solution to this problem? The server is…
Slayer
  • 2,391
  • 4
  • 21
  • 18
39
votes
15 answers

PHP's configuration setting 'error_log' is not working

What am I doing wrong here? I have error_log set in the .ini file along with error_reporting = E_ALL | E_STRICT. What else am I missing? This usually gave it to me. I want this set in the .ini file and not in my scripts. Another interesting thing…
Jim
  • 411
  • 1
  • 4
  • 6
24
votes
3 answers

mod_wsgi: ImportError: No module named 'encodings'

I'm using Apache 2.2.15 on CentOS 6.5. I'm trying to set up a Django app using mod_wsgi. I'm using a virtual environment, and mod_wsgi was configured with --with-python=/path/to/virtualenv/bin/python3.4. I've added this to my…
tao_oat
  • 1,011
  • 1
  • 15
  • 33
22
votes
1 answer

Troubleshooting "Permission denied" when attempting to connect to Redis from PHP script

Port 6379 is open on the server, and I can successfully run telnet localhost 6379 in SSH. I tried both Predis/phpredis client library in PHP, but it still does not work: Predis gives "Permission denied" error when opening socket to 6379. phpredis…
lordlinier
  • 941
  • 1
  • 7
  • 9
22
votes
7 answers

phpMyAdmin + CentOS 6.0 - Forbidden

I always get this message when I would like access my phpMyAdmin. w3m localhost/phpmyadmin Forbidden You don't have permission to access /phpmyadmin/ on this server. Apache/2.2.15 (CentOS) Server at localhost Port 80 Install steps: rpm --import…
Philippxp
  • 367
  • 2
  • 6
  • 16
22
votes
4 answers

proxy_pass isn't working when SELinux is enabled, why?

I'm having an application listening on port 8081 and Nginx running on port 8080. The proxy pass statement looks like: $ cat /var/etc/opt/lj/output/services/abc.servicemanager.conf location /api/abc.servicemanager/1.0 { proxy_pass …
Vijay Shankar Kalyanaraman
  • 917
  • 3
  • 9
  • 16
22
votes
6 answers

Temporary disable or modify SELinux on Android

I'm the developer on a root-app for Android. Sadly now on some devices/ROMs there is SELinux in enforce-mode and prevents some actions of my app. Because this is a root-app, the users are granting me root-access! Now, SELinux is blocking some of my…
Martin L.
  • 3,006
  • 6
  • 36
  • 60
19
votes
15 answers

Do you disable SELinux?

I want to know if people here typically disable SELinux on installations where it is on by default? If so can you explain why, what kind of system it was, etc? I'd like to get as many opinions on this as possible.
manicmethod
  • 886
  • 1
  • 8
  • 13
19
votes
2 answers

Can ansible fetch updated facts in middle of a playbook?

I'm having trouble running a full playbook because some of the facts later plays depend on are modified in earlier plays, but ansible doesn't update facts mid-run. Running ansible somehost -m setup when the whole playbook starts against a new…
xref
  • 1,707
  • 5
  • 19
  • 41
17
votes
5 answers

Android Emulator (AVD) fails to boot in MacOS

My android emulator fails to boot when the target platform is Level 26 (Android 8.0.0) or higher. The emulator just shows a black screen while the emulator process is constantly running at approx. 100% CPU. Note that level 25 and lower work…
Kris Van Bael
  • 2,842
  • 1
  • 18
  • 19
17
votes
3 answers

How to set SELinux to 0 or permissive mode in android 4.4.4 and above?

I want to set the SELinux (Security Enhanced Linux) mode to Permissive or (0) on android 4.4.4 (and above if possible). I use the following command: setenforce 0, setenforce permissive and setenforce Permissive under root (my device is rooted). But…
Vu Tran
  • 175
  • 1
  • 1
  • 6
15
votes
1 answer

Systemd Service for jar file gets "operation timed out" error after few minues or stay in "activating mode"

the service unit is: [Unit] Description=test After=syslog.target After=network.target [Service] Type=forking ExecStart=/bin/java -jar /home/ec2-user/test.jar TimeoutSec=300 [Install] WantedBy=multi-user.target it starts fine for 1-4 minues. But…
user3674227
  • 151
  • 1
  • 1
  • 6
14
votes
2 answers

Configuring SELinux permissions on (SVS-V) IPC Semaphores

I have a bunch of programs which use IPC Semaphores to interact (semget). One of the programs is an Apache module, which runs in (some sort of) restricted SELinux context (which I don't understand too well). The module is capable of interacting…
Brad
  • 11,262
  • 8
  • 55
  • 74
14
votes
1 answer

What is the meaning of "avc: denied { read } for name..." line in logcat?

I am wondering about avc: denied messages in my logcat. W/RenderThread: type=1400 audit(0.0:631436): avc: denied { read } for name="perf_ioctl" dev="proc" ino=4026533695 scontext=u:r:untrusted_app_25:s0:c512,c768 tcontext=u:object_r:proc:s0…
anika
  • 153
  • 1
  • 2
  • 6
1
2 3
44 45