Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SE Linux write permission denied
Operating Systems Linux Red Hat SE Linux write permission denied Post 302957714 by fpmurphy on Wednesday 14th of October 2015 07:26:24 AM
Old 10-14-2015
You can remove the SELINUX context for these files using
Code:
semanage fcontext -d

Read up about this command before using it.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

permission denied??

i'm trying to set up my internet connection and i was told i need to edit the file /etc/ppp/pap-secrets but i get a permission denied message...why?? (6 Replies)
Discussion started by: justchillin
6 Replies

2. UNIX for Dummies Questions & Answers

Permission Denied

I just started computer science at UW Milwaukee. When I access the university Solaris system from PuTTY, I get permission denied when I try to access the file I wrote. Now I really have no idea what I'm doing, I just don't understand why I get permission denied in my won directory. Thank You ... (0 Replies)
Discussion started by: howeezy
0 Replies

3. UNIX for Advanced & Expert Users

Permission denied

Hi, I can not execute a .env file $ . /Data/oracle/d03/mydbora/8.0.6/MYDB.env -bash: /Data/oracle/d03/mydbora/8.0.6/MYDB.env: Permission denied Even if : -rwxrwxrwx 1 oracle dba 2903 Mar 5 2007 /Data/oracle/d03/mydbora/8.0.6/MYDB.env Please help. Many thanks. (1 Reply)
Discussion started by: big123456
1 Replies

4. UNIX for Dummies Questions & Answers

Why do I keep getting .:Permission denied?

I'll start off by saying that I know very little about Unix - however, I do know that I have a .profile file in my home directory, and that I should be able to invoke it by typing . profile. However, when I do this for ANY .filename, I get ".: Permission denied". I'm pretty sure that there is... (12 Replies)
Discussion started by: bbersani
12 Replies

5. UNIX for Dummies Questions & Answers

Permission denied

I would like to copy data from local mechine to cluster. Basically, I typed scp -r DVD/ acount@cluster:/ it shows Permission denied. Could anyone please give me a clue to write permission on cluster, please? The poperty of where on cluster I'd like to put is drwxr-xr-x Any idea would... (1 Reply)
Discussion started by: su_in99
1 Replies

6. Red Hat

Permission denied

Hi guys im new to this db i have a small prob while installing websphereportal6.1i think i was installed succesfully but the error im getting is while starting server. check this out # ./serverStatus.sh -all Error loading: /usr/wps61/AppServer/java/jre/bin/classic/libjvm.so: cannot... (1 Reply)
Discussion started by: varma917989
1 Replies

7. Shell Programming and Scripting

Permission denied

I created a user so that when he logs in he will be directed to a menu /etc/passwd user1:x:115:1:Support -SysAd:/export/home/user1:/export/home/suppotrmenu/script.sh However when I logged in remotely from another server by ssh user1@1.1.1.1 , it saysexport/home/suppotrmenu/script.sh:... (4 Replies)
Discussion started by: lhareigh890
4 Replies

8. Linux

Showing "permission denied" when trying to login in - Montavista Linux

Hello friends, I have scratched my system and after that when I am trying to access the console via root login it's failing with an error message of "permission denied". I am able to access the other login, I am having only problem with root and some other user login. I am using an telnet... (2 Replies)
Discussion started by: sanoop
2 Replies

9. UNIX for Advanced & Expert Users

Showing "permission denied" when trying to login in - Montavista Linux

Hello friends, I have scratched my system and after that when I am trying to access the console via root login it's failing with an error message of "permission denied". I am able to access the other login, I am having only problem with root and some other user login. I am using an telnet... (7 Replies)
Discussion started by: sanoop
7 Replies

10. UNIX for Beginners Questions & Answers

Linux sftp — how to add new user to access exist directory with write permission?

I have built a website and I can access and edit the website'files on server via the root user. The current file and directory structures are not changeable. Now I am hiring a webpage designer to help me re-design some pages, I am going to let the designer edit the files directly on the server. So... (5 Replies)
Discussion started by: uwo-g-xw
5 Replies

LEARN ABOUT CENTOS

dmidecode_selinux

dmidecode_selinux(8)					     SELinux Policy dmidecode					      dmidecode_selinux(8)

NAME

       dmidecode_selinux - Security Enhanced Linux Policy for the dmidecode processes

DESCRIPTION

       Security-Enhanced Linux secures the dmidecode processes via flexible mandatory access control.

       The  dmidecode  processes  execute with the dmidecode_t SELinux type. You can check if you have these processes running by executing the ps
       command with the -Z qualifier.

       For example:

       ps -eZ | grep dmidecode_t

ENTRYPOINTS

       The dmidecode_t SELinux type can be entered via the dmidecode_exec_t file type.

       The default entrypoint paths for the dmidecode_t domain are the following:

       /usr/sbin/dmidecode, /usr/sbin/ownership, /usr/sbin/vpddecode, /usr/sbin/biosdecode

PROCESS TYPES

       SELinux defines process types (domains) for each process running on the system

       You can see the context of a process using the -Z option to ps

       Policy governs the access confined processes have to files.  SELinux dmidecode policy is very flexible allowing users to setup their dmide-
       code processes in as secure a method as possible.

       The following process types are defined for dmidecode:

       dmidecode_t

       Note:  semanage permissive -a dmidecode_t can be used to make the process type dmidecode_t permissive. SELinux does not deny access to per-
       missive process types, but the AVC (SELinux denials) messages are still generated.

BOOLEANS

       SELinux policy is customizable based on least access required.  dmidecode policy is extremely flexible and has several booleans that  allow
       you to manipulate the policy and run dmidecode with the tightest access possible.

       If  you	want  to  deny	any  process  from ptracing or debugging any other processes, you must turn on the deny_ptrace boolean. Enabled by
       default.

       setsebool -P deny_ptrace 1

       If you want to allow all domains to use other domains file descriptors, you must turn on the domain_fd_use boolean. Enabled by default.

       setsebool -P domain_fd_use 1

       If you want to allow all domains to have the kernel load modules, you must turn on  the	domain_kernel_load_modules  boolean.  Disabled	by
       default.

       setsebool -P domain_kernel_load_modules 1

       If you want to allow all domains to execute in fips_mode, you must turn on the fips_mode boolean. Enabled by default.

       setsebool -P fips_mode 1

       If you want to enable reading of urandom for all domains, you must turn on the global_ssp boolean. Disabled by default.

       setsebool -P global_ssp 1

FILE CONTEXTS

       SELinux requires files to have an extended attribute to define the file type.

       You can see the context of a file using the -Z option to ls

       Policy  governs the access confined processes have to these files.  SELinux dmidecode policy is very flexible allowing users to setup their
       dmidecode processes in as secure a method as possible.

       STANDARD FILE CONTEXT

       SELinux defines the file context types for the dmidecode, if you wanted to store files with these types in a diffent  paths,  you  need	to
       execute the semanage command to sepecify alternate labeling and then use restorecon to put the labels on disk.

       semanage fcontext -a -t dmidecode_exec_t '/srv/dmidecode/content(/.*)?'
       restorecon -R -v /srv/mydmidecode_content

       Note: SELinux often uses regular expressions to specify labels that match multiple files.

       The following file types are defined for dmidecode:

       dmidecode_exec_t

       - Set files with the dmidecode_exec_t type, if you want to transition an executable to the dmidecode_t domain.

       Paths:
	    /usr/sbin/dmidecode, /usr/sbin/ownership, /usr/sbin/vpddecode, /usr/sbin/biosdecode

       Note:  File context can be temporarily modified with the chcon command.	If you want to permanently change the file context you need to use
       the semanage fcontext command.  This will modify the SELinux labeling database.	You will need to use restorecon to apply the labels.

COMMANDS

       semanage fcontext can also be used to manipulate default file context mappings.

       semanage permissive can also be used to manipulate whether or not a process type is permissive.

       semanage module can also be used to enable/disable/install/remove policy modules.

       semanage boolean can also be used to manipulate the booleans

       system-config-selinux is a GUI tool available to customize SELinux policy settings.

AUTHOR

       This manual page was auto-generated using sepolicy manpage .

SEE ALSO

       selinux(8), dmidecode(8), semanage(8), restorecon(8), chcon(1), sepolicy(8) , setsebool(8)

dmidecode							     14-06-10						      dmidecode_selinux(8)
All times are GMT -4. The time now is 10:09 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy