Cheat Sheet

Sunday, April 2, 2017

Working CentOS with SeLinux and hugetlbfs

0 comments
Recently i got this:

type=AVC msg=audit(1490657751.072:24243): avc:  denied  { write } for  pid=26274 comm="httpd" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=8360015 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:hugetlbfs_t:s0 tclass=file

One way to correct it, is like this:
setsebool -P httpd_execmem 1

grep hugetlbfs /var/log/audit/audit.log | audit2allow -M hugetlbfs
semodule -i hugetlbfs.pp


Posted by
0 comments

Postgresql generate series

0 comments 
SELECT to_char(d.serie, 'Mon-YYYY'), count(r.report_kes_id) FROM 
(SELECT serie, extract(year FROM serie) as tahun , extract(Month FROM serie) as bulan FROM generate_series(date '2013-01-01', date '2015-12-31' , interval '1 month') serie) d
LEFT JOIN  rekod.dadah_klien r ON r.tarikhperintah = d.tahun AND r.bulan_ks = d.bulan 
   GROUP BY d.serie ORDER BY d.serie

Posted by
0 comments

SELinux for HTTPD outside /var/www/,..

0 comments
Check with:
sudo ls -Z /opt/lampp/

Install semanage
sudo yum install policycoreutils-python

Set label and reset directories/files label
sudo semanage fcontext -a -t httpd_sys_script_exec_t "/opt/lampp/htdocs(/.*)?"
sudo restorecon -rv "/opt/lampp/htdocs"

Posted by
0 comments
Subscribe to: Posts (Atom)