honeybee

Question about SELinux

Hello,

I'm using Ubuntu 14.04.2 and SELinux is installed. I would like to follow this guide.

But when I run the command

setsebool -P httpd_can_network_connect=1

I get this error message:

Boolean httpd_can_network_connect is not defined

Question: Do I need to configure or install anything else?

Url: https://administrator.de/contentid/314258

Member: 119944
119944 Sep 02, 2016 updated at 09:16:57 (UTC)
Hi,

First, use the following command to check which variables actually exist for this on Ubuntu:
getsebool -a | grep http

On CentOS the variable "httpd_can_network_connect" definitely exists, and it is "on" by default.

Also, you should upgrade to 14.04.5.

Regards
Val
Member: honeybee
honeybee Sep 02, 2016 at 09:21:00 (UTC)
Result:

root@xxx:# getsebool -a | grep http
root@xxx:#

So, nothing...

> Also, you should upgrade to 14.04.5.

Sorry, that was a typo. I actually have version 14.04.5.
Member: 119944
119944 Sep 02, 2016 at 09:29:58 (UTC)
OK, that's rather bad.
https://wiki.ubuntu.com/SELinux

Since Ubuntu relies on AppArmor, SELinux is probably not really maintained anymore.
Member: honeybee
honeybee Sep 02, 2016 at 09:39:19 (UTC)
It is already installed... That's why I asked whether I still need to configure something.
Member: 129813
129813 Sep 02, 2016 updated at 10:03:14 (UTC)
Hi,
you did not install the default policies for the most common daemons
https://wiki.debian.org/SELinux/Setup

But I would never use SELinux on "Ubuntu"...whooaa this sends cold shivers up and down my spine.

Get a secure distribution which is based on RedHat!

It seems you don't know what you are doing there and why -> very bad combination.

Regards
Member: honeybee
honeybee Sep 02, 2016 at 10:04:19 (UTC)
> you did not install the default policies for the most common daemons

Now it's installed and I still get the error that something isn't defined.

> But I would never use SELinux on "Ubuntu"

Why?
Member: 129813
129813 Sep 02, 2016 updated at 10:16:57 (UTC)
It's not actively maintained anymore, and there are other security flaws around; you can read about many of them on the web.
Ubuntu is not a good choice for hosting internet-facing websites when it comes to security. Ubuntu is the beginner's choice, but not the pro's.

> something isn't defined
If the apache policies are not installed you won't get this variable, should be clear.
http://www.serverlab.ca/tutorials/linux/web-servers-linux/configuring-s ...

And don't use the equal sign between variable and boolean value.
Member: honeybee
honeybee Sep 02, 2016 at 13:27:13 (UTC)
I use Ubuntu and I will still use it, because it doesn't have any internet services like hosting websites and such. It's only for monitoring. Plus, I'm not a Linux pro.

Therefore it would be nice if there's a possibility to solve the SELinux problem on Ubuntu.

When I tried to install this package, I got this message:

policycoreutils (version 2.2.5-1) is already installed

Now I don't know what to do to be able to define the missing policy "httpd_can_network_connect".
Member: 129813
Solution 129813 Sep 02, 2016 updated at 13:41:00 (UTC)
Ubuntu uses AppArmor, it's definitely not recommended to run SELinux on it, so don't do it if you use Ubuntu!! You will run into a mess of problems. Trust me. I already developed some Linux drivers, I know what I'm talking about...
Member: 129813
Solution 129813 Sep 02, 2016 updated at 13:54:41 (UTC)
Btw, you don't need SELinux to solve your problem, if you have the problem of your posted link! This is only for RedHat-like systems where SELinux and these labels are installed by default. This will not work on Ubuntu.
If you want to additionally secure your environment in Ubuntu, use AppArmor.
Member: colinardo
colinardo Sep 03, 2016 updated at 09:34:16 (UTC)
Quote from @129813:

> Ubuntu uses AppArmor, it's definitely not recommended to run SELinux on it, so don't do it if you use Ubuntu!! You will run into a mess of problems.

I can only absolutely agree with that.
Keep your hands off it. As a beginner you won't be able to cope with it; especially when it comes to updating later on, you'll run into real trouble.

Regards, Uwe