I am refering to this particular exmaple that you have provided me.
What is the significance of the numprocs?
If it equals to 1 , why does it show that the script is not running anymore?
I tried a simple csh script below and it doesn;t really work.
When it is sleeping, the name of the script which is "myscriptname" is not reflected during " ps -ef ", it only shows " usr 28951 28941 0 15:00:39 pts/7 0:00 sleep 100 ".
hello !
i am trying to activate my wireless network card on my laptop currently running :
2.6.18-1.2869.fc6 , but an error msg appears "ipw2200 device eth1 does not seem to be present, delaying initialization." the same msg also appears at the start up process, when trying to bring up eth1.
... (4 Replies)
Discussion started by: XinU*
4 Replies
2. Forum Support Area for Unregistered Users & Account Problems
Hi Administrators,
I've registered myself yesterday and have been waiting for my account to be activated. I've followed the instructions in the 'See this if you have an account but cannot post ' thread to request for an activation mail to be sent to my other email address, but still did not... (0 Replies)
Discussion started by: pl_cyber
0 Replies
3. Forum Support Area for Unregistered Users & Account Problems
Hi,
I got the username and activation code to my email id but when i click on the forum link and enter the activation code and username there then , It displays
"We could not activate your account because this web address is not valid. Make sure that you have the entire address from the... (1 Reply)
Discussion started by: MIKU
1 Replies
4. Forum Support Area for Unregistered Users & Account Problems
Hi,
I've been waiting for about 2 hours to receive my activation email but it hasn't arrived yet. I followed the 'resend activation information' link so I'm now expecting 2 activation emails, neither has arrived yet. How long do I expect this to take?
I've tested my email account from other... (2 Replies)
Discussion started by: cambridge
2 Replies
8. Forum Support Area for Unregistered Users & Account Problems
I received the email describing how to acivate my new account (I'm using Outlook 2007). I tried clicking the URL given and was told "invalid web address". I tried copying and pasting both URL's - "invalid web address. Lastly, I tried typing in the URL - "invalid web address". There were no spaces... (1 Reply)
hi everyone I'm newbie in this forum hope I can get some help here :)
I have a command in crontab that executed every 1 minute
sometime this command need more than 1 minute to finish
the problem is, the crontab execute this command although it's not finish processing yet and causing the system... (7 Replies)
Discussion started by: 2j4h
7 Replies
10. Forum Support Area for Unregistered Users & Account Problems
Hi...
I got my account created and after activation I'm not able to create new posts or start a new thread. Can you help on how to start a new thread?
Thanks. (1 Reply)
Discussion started by: Bang3095
1 Replies
LEARN ABOUT CENTOS
cronjob_selinux
cronjob_selinux(8) SELinux Policy cronjob cronjob_selinux(8)NAME
cronjob_selinux - Security Enhanced Linux Policy for the cronjob processes
DESCRIPTION
Security-Enhanced Linux secures the cronjob processes via flexible mandatory access control.
The cronjob processes execute with the cronjob_t SELinux type. You can check if you have these processes running by executing the ps com-
mand with the -Z qualifier.
For example:
ps -eZ | grep cronjob_t
ENTRYPOINTS
The cronjob_t SELinux type can be entered via the user_cron_spool_t, shell_exec_t file types.
The default entrypoint paths for the cronjob_t domain are the following:
/var/spool/at(/.*)?, /var/spool/cron, /bin/d?ash, /bin/zsh.*, /bin/ksh.*, /usr/bin/d?ash, /usr/bin/zsh.*, /usr/bin/ksh.*, /bin/esh,
/bin/mksh, /bin/sash, /bin/tcsh, /bin/yash, /bin/bash, /bin/fish, /bin/bash2, /usr/bin/esh, /usr/bin/sash, /usr/bin/tcsh, /usr/bin/yash,
/usr/bin/fish, /usr/bin/mksh, /usr/bin/bash, /sbin/nologin, /usr/sbin/sesh, /usr/bin/bash2, /usr/sbin/smrsh, /usr/bin/scponly,
/usr/sbin/nologin, /usr/libexec/sesh, /usr/sbin/scponlyc, /usr/bin/git-shell, /usr/libexec/git-core/git-shell
PROCESS TYPES
SELinux defines process types (domains) for each process running on the system
You can see the context of a process using the -Z option to ps
Policy governs the access confined processes have to files. SELinux cronjob policy is very flexible allowing users to setup their cronjob
processes in as secure a method as possible.
The following process types are defined for cronjob:
cronjob_t
Note: semanage permissive -a cronjob_t can be used to make the process type cronjob_t permissive. SELinux does not deny access to permis-
sive process types, but the AVC (SELinux denials) messages are still generated.
BOOLEANS
SELinux policy is customizable based on least access required. cronjob policy is extremely flexible and has several booleans that allow
you to manipulate the policy and run cronjob with the tightest access possible.
If you want to deny any process from ptracing or debugging any other processes, you must turn on the deny_ptrace boolean. Enabled by
default.
setsebool -P deny_ptrace 1
If you want to allow all domains to use other domains file descriptors, you must turn on the domain_fd_use boolean. Enabled by default.
setsebool -P domain_fd_use 1
If you want to allow all domains to have the kernel load modules, you must turn on the domain_kernel_load_modules boolean. Disabled by
default.
setsebool -P domain_kernel_load_modules 1
If you want to allow all domains to execute in fips_mode, you must turn on the fips_mode boolean. Enabled by default.
setsebool -P fips_mode 1
If you want to enable reading of urandom for all domains, you must turn on the global_ssp boolean. Disabled by default.
setsebool -P global_ssp 1
If you want to allow system to run with NIS, you must turn on the nis_enabled boolean. Disabled by default.
setsebool -P nis_enabled 1
MANAGED FILES
The SELinux process type cronjob_t can manage files labeled with the following file types. The paths listed are the default paths for
these file types. Note the processes UID still need to have DAC permissions.
user_home_t
/home/[^/]*/.+
user_tmp_t
/var/run/user(/.*)?
/tmp/hsperfdata_root
/var/tmp/hsperfdata_root
/tmp/gconfd-.*
COMMANDS
semanage fcontext can also be used to manipulate default file context mappings.
semanage permissive can also be used to manipulate whether or not a process type is permissive.
semanage module can also be used to enable/disable/install/remove policy modules.
semanage boolean can also be used to manipulate the booleans
system-config-selinux is a GUI tool available to customize SELinux policy settings.
AUTHOR
This manual page was auto-generated using sepolicy manpage .
SEE ALSO selinux(8), cronjob(8), semanage(8), restorecon(8), chcon(1), sepolicy(8) , setsebool(8)cronjob 14-06-10 cronjob_selinux(8)