Tag Archives: SELinux

Docker container on RHEL fails to start without error

Recently a Docker container refused to start for me without any hint about why in the OS or Docker container’s logs. It turns out that SELinux jumped in and blocked access without logging its interference. Containers which were running in … Continue reading

Posted in Linux Administration, Security | Tagged , , , | Comments Off on Docker container on RHEL fails to start without error

Manage SELinux boolean policies

Configuring a new service often means dealing with SELinux. The easiest way is most of the time to set an SELinux boolean. But what are SELiunx booleans and what exactly do they do? I will try to shed a little … Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Manage SELinux boolean policies

Apache document root in users home directory with SELinux

Serving web-content from a user’s home directory allows the user to conveniently upload files. By default, the apache configuration in many Linux distributions assumes content is uploaded to a single directory owned by the webserver’s user, but it might be … Continue reading

Posted in Security, Web technologies | Tagged , , , | Comments Off on Apache document root in users home directory with SELinux

SSH-Key authentication is not working – SELinux

When configuring SSH passwordless login with ssh-key the ssh-key generated and transfered to the server seems to not work when I try to login. Whay is the ssh-key authentication failing? Continue reading

Posted in Linux Administration, Security | Tagged , , | 1 Comment

SELinux allow webserver to send email

When Wordpress tries to send email and you see “your host may have disabled the mail() function” it might be that SELinux is blocking it. Here is how to enable it. Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on SELinux allow webserver to send email

Migrate WordPress site with minimal downtime

Migrating a Wordpress installation from one server to the other sounds like a simple task. Just move the files, copy the database for Wordpress and lets go. But when you start dealing with the DNS entries the whole story gets tricky. Continue reading

Posted in DNS, Security | Tagged , , , | Comments Off on Migrate WordPress site with minimal downtime

Set up apache and the log path with SELinux

Depending on your backup strategy you might run into troubles of backup the entire /etc directory. Running a default installed Apache on CentOS will have the log directory of Apache linked from within the /etc/httpd/ directory. If you backup solution would backup those as well, the backups would contain the logs and get huge. Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Set up apache and the log path with SELinux

Change SSH port in CentOS with SELinux

Since version 4 of CentOS, SELinux is providing an additional layer of security to the Linux distribution. As of SELinux in combination with sshd, changing the port or even listening on 2 ports is not as easy as just changing the sshd configuration file. Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Change SSH port in CentOS with SELinux

yum – install package that contains a specific file

When i realised that the program to manage the SELinux rules is called “semanage” i tried to find a package of the same name in the yum repositories. But i could not find it. So i had to find it inside the yum repository. I am happy that yum provides an easy way to find a file that is provided within a package. Continue reading

Posted in Linux Administration, Security | Tagged , , , | Comments Off on yum – install package that contains a specific file