Anybody understand SELinux?
Jason Azze
jason at azze.org
Fri Dec 23 21:17:07 UTC 2016
My SELinux is very rusty.
To find your current SELinux setting:
getenforce
To set it to Permissive mode in order to use Achim's suggestion for
log checking:
setenforce Permissive
This change won't persist across reboots.
To change the context of the file, try:
chcon -t system_u ntp.conf
It's at this point that I usually give up and disable SELinux. :-)
On Fri, Dec 23, 2016 at 2:59 PM, Hal Murray <hmurray at megapathdsl.net> wrote:
>
> Stromeko at Nexgo.DE said:
>> From what you've been showing I think the config file needs to be in the
>> system_u context in order for logrotate to not pick up any files that may
>> have been dropped into the directory maliciously.
>
> Thanks. That sounds right, but what do I type to make it happen? The whole
> area of files having a security context (I think that's the right term) is
> something I don't know anything about. Is there a HOWTO type document for
> things like this?
>
> I want to put a comment in the top of the file that says roughly:
>
> if you run SELinux, you need to do:
> what goes here?
> For more info see xxx
>
>
> --
> These are my opinions. I hate spam.
>
>
>
> _______________________________________________
> devel mailing list
> devel at ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
More information about the devel
mailing list