On 11/27/2010 01:53 AM, Eero Volotinen wrote:
2010/11/27 Alisonpenguin@alisoncc.com:
Hi,
total newbie on CentOS. Just firing up an install of 5.5 on a development webserver. Installed Webmin, Awstats, PHPMyAdmin and Drupal successfully. Yet to work on Sendmail and Samba. SELinux in enforcing mode, reporting "SELinux preventing ifconfig (ifconfig_t) "read write" to /var/webminsessiondb.pag (var_t)".
Googled the error message without real success in finding fix - bug reports showing. Question is whether worth pursuing as SELinux is the way of the future. Or is SELinux a good idea that never really made it's way into the sun. Thoughts please.
Just turn selinux off. setenforce "0" works without rebooting server, but /etc/sysconfig/selinux is correct place to finalize setting..
What's with people recommending to turn off SELinux?! That's just bad advice and like recommending people keep their doors unlocked at all times. Really, stop doing that. SELinux is there for a reason.
Afaik Webmin does not have a very good reputation when it comes to security. With that in mind your advice makes Alison's box much more vulnerable.
My advice to Alison is to remove Webmin and use the tools that come with CentOS 5.5. Also make sure that phpMyAdmin can only be accessed from your local LAN, use strong passwords, turn on a tight firewall and do anything else that one should do to keep the bad guys from gaining illegal access to your server.
The NSA has some nice guides how to keep your server secure. The guides are on this page: http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_syste...
Regards, Patrick