Selinux on It's a Binary World 2.0

Attempting a podman play on another VM

Mon, 11 Nov 2019 06:06:53 +0000

The podman saga continues. The podman equivalent of a docker-compose.yml can be created from a pod with the following command:

podman generate kube (name of pod) > (filename).yaml

So I did that with the pod that I’d created with an SELinux context. Now it was time to try it on another Fedora 31 VM to see if it would work. To be on the safe side, I started off creating the phpIPAM folder, chowning it to nobody and chmoding it to 777.

Full post

SELinux and Podman

Sun, 10 Nov 2019 05:18:15 +0000

Last time I messed around with Podman, I finally got things working and had what I think was a pretty good understanding of how to go forward. But in order to get things working, I’d had to turn off SELinux. Now it was time to see what I had to do to make Podman work with SELinux. I’ve got some ideas based on some Googling and might also need to try a program called udica to create the right contexts.

Full post

Fedora Print Debugging Tip

Wed, 19 Aug 2015 01:38:01 +0000

I was having trouble printing and couldn’t figure out what was going on. I tried everything, including reinstalling the printer and reinstalling the driver. I was getting a misleading “you are using the wrong driver” message. Turns out SELinux was to blame! I happened to check dmesg and see some audit messages. Then I did a

setenforce 0

to turn it off and printing worked. I tried some restorecons on some directories, but I don’t think that fixed it. What I think fixed it was going into the policycoreutils gui and checking as active the cups module “Allow cups execmem/execstack.” Obviously, I turned setenforce back on after checking the box.

Full post