Situation: installed on Centos6.4 this samba4 package
samba4-4.0.1-4.centos6.1.x86_64(wich had the path /usr/share/samba4 /var/lock/samba4,etc)
I use selinux so i put in context
and then
but when i try to start service failed
selinux log said
Someone can help?
Thanks
I am on a fedora core 2.6.9-1.677 i686
which is selinux enabled unlike the version I was on before .. which had to be manually enabled ..and if you knew nothing of the sort you were lost.. that was the case for me anyway! like i was saying ... now I am on a system that is enabled I have just... (1 Reply)
When I installed Fedora 10 I set the option to encrypt my file systems but now I can't open either of my two HDD's. I asks me for my password and gives me three options concerning the "remembering" of my password but when I put the password in nothing happens at all. Any ideas? Thanks. (3 Replies)
Hi,
Has anyone enabled SELinux on Amazon EC2?
I tried to enable SELinux using a CentOS image, and the steps in the following post, but it didn't work!!
Amazon Web Services Developer Community : Has anyone successfully enabled SELinux ...
The steps i took:
1)I started with CentOS 5.3 base... (5 Replies)
Hi All,
Will some one kindly explian below ?
selinux
What is the effect of installing a server using this kickstart option as follows:
selinux --enforcing
and
selinux --disabled (1 Reply)
Hi, I can not start named service:
/etc/init.d/named start
Iniciando named:
Error in named configuration:
zone default.domain/IN: loading from master file /home/admin/conf/dns/default.domain.db failed: permission denied
zone default.domain/IN: not loaded due to errors.... (2 Replies)
Hi,
in /etc/httpd/conf/httpd.conf
#DocumentRoot "/var/www/html"
DocumentRoot "/home/phpmy/html"
when I restarted httpd
# /etc/init.d/httpd restart
Stopping httpd:
Starting httpd: Syntax error on line 293 of /etc/httpd/conf/httpd.conf:... (0 Replies)
I worked all night on creating an RHEL 7 template customized for our private cloud and almost had it ready. While doing the final part, enabling GDM, I made the blunder of disabling SELINUX. Now I am not able to re-enable or put into permissive mode again. Earlier, when this happened on RHEL 6... (3 Replies)
Discussion started by: satish51392111
3 Replies
LEARN ABOUT DEBIAN
selabel_media
selabel_media(5) SELinux API documentation selabel_media(5)NAME
selabel_media - userspace SELinux labeling interface and configuration file format for the media contexts backend.
SYNOPSIS
#include <selinux/label.h>
int selabel_lookup(struct selabel_handle *hnd,
security_context_t *context,
const char *device_name, int unused);
int selabel_lookup_raw(struct selabel_handle *hnd,
security_context_t *context,
const char *device_name, int unused);
DESCRIPTION
The media contexts backend maps from media device names such as "cdrom" or "floppy" into security contexts. It is used to find the appro-
priate context for establishing context mounts on these devices. The returned context must be freed using freecon(3).
selabel_lookup(3) describes the function with its return and error codes.
The integer lookup argument is currently unused and should be set to zero.
Any messages generated by selabel_lookup are sent to stderr by default, although this can be changed by selinux_set_callback(3).
selabel_lookup_raw behaves identically to selabel_lookup but does not perform context translation.
The FILES section details the configuration files used to determine the media context.
OPTIONS
In addition to the global options described in selabel_open(3), this backend recognizes the following options:
SELABEL_OPT_PATH
A non-null value for this option specifies a path to a file that will be opened in lieu of the standard media contexts file.
FILES
The media context file used to retrieve a default context depends on the SELABEL_OPT_PATH parameter passed to selabel_open(3). If NULL,
then the SELABEL_OPT_PATH value will default to the active policy media contexts location (as returned by selinux_media_context_path(3)),
otherwise the actual SELABEL_OPT_PATH value specified is used.
The default media contexts file is:
/etc/selinux/{SELINUXTYPE}/contexts/files/media
Where {SELINUXTYPE} is the entry from the selinux configuration file config (see selinux_config(5)).
Should there not be a valid entry in the media file, then the default removable_context file will be read (see removable_context(5)).
FILE FORMAT
Each line within the media file is as follows:
device_name context
Where:
device_name
The media identifier (e.g. cdrom, floppy, disk and usb).
context
The context to be used for labeling the device.
Example:
# contexts/files/media
cdrom system_u:object_r:removable_device_t
floppy system_u:object_r:removable_device_t
disk system_u:object_r:fixed_disk_device_t
NOTES
If contexts are to be validated, then the global option SELABEL_OPT_VALIDATE must be set before calling selabel_open(3). If this is not
set, then it is possible for an invalid context to be returned.
SEE ALSO selinux(8), selabel_open(3), selabel_lookup(3), selabel_stats(3), selabel_close(3), selinux_set_callback(3), selinux_media_context_path(3),
freecon(3), selinux_config(5), removable_context(5)Security Enhanced Linux 29 Nov 2011 selabel_media(5)