hi all,
with minimal installation on centos 5, selinux also included. how do i remove selinux or disable it at least?
t. hiep
On Tue, 4 Mar 2008, Tom Brown wrote:
with minimal installation on centos 5, selinux also included. how do i remove selinux or disable it at least?
cat /etc/sysconfig/selinux
you'll figure it out from there!
what command i can issue to enforce the change w/o reboot the box.
thanks. t. hiep
On Tue, Mar 4, 2008 at 3:29 PM, Hiep Nguyen hiep@ee.ucr.edu wrote:
On Tue, 4 Mar 2008, Tom Brown wrote:
with minimal installation on centos 5, selinux also included. how do i remove selinux or disable it at least?
cat /etc/sysconfig/selinux
you'll figure it out from there!
what command i can issue to enforce the change w/o reboot the box.
setenforce 0
On Tue, 4 Mar 2008 09:29:34 -0800 (PST) Hiep Nguyen hiep@ee.ucr.edu took out a #2 pencil and scribbled:
On Tue, 4 Mar 2008, Tom Brown wrote:
with minimal installation on centos 5, selinux also included. how do i remove selinux or disable it at least?
cat /etc/sysconfig/selinux
you'll figure it out from there!
what command i can issue to enforce the change w/o reboot the box.
thanks. t. hiep
man setenforce
Are you sure you really want to turn off selinux?
If you reboot, unless you change /etc/sysconfig/selinux, your machine will have selinux re-enabled.
Sincerely,
Alex White
On Tue, 4 Mar 2008, Alex White wrote:
On Tue, 4 Mar 2008 09:29:34 -0800 (PST) Hiep Nguyen hiep@ee.ucr.edu took out a #2 pencil and scribbled:
On Tue, 4 Mar 2008, Tom Brown wrote:
with minimal installation on centos 5, selinux also included. how do i remove selinux or disable it at least?
cat /etc/sysconfig/selinux
you'll figure it out from there!
what command i can issue to enforce the change w/o reboot the box.
thanks. t. hiep
man setenforce
Are you sure you really want to turn off selinux?
If you reboot, unless you change /etc/sysconfig/selinux, your machine will have selinux re-enabled.
for testing, i need to disable selinux, but something still not working right.
i'm trying to figure out why i can't access http://10.0.0.160 from the same network (10.0.0.x).
on 10.0.0.160 box, i can access http://localhost, or http://10.0.0.160, but from any other computer, i can't.
any advice how to troubleshoot this? thanks.
t. hiep
<snip>
for testing, i need to disable selinux, but something still not working right.
i'm trying to figure out why i can't access http://10.0.0.160 from the same network (10.0.0.x).
on 10.0.0.160 box, i can access http://localhost, or http://10.0.0.160, but from any other computer, i can't.
any advice how to troubleshoot this? thanks.
The port could be being blocked by iptables. Try #service iptables stop
t. hiep _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tue, 4 Mar 2008, Dan Carl wrote:
<snip> > > for testing, i need to disable selinux, but something still not working > right. > > i'm trying to figure out why i can't access http://10.0.0.160 from the > same network (10.0.0.x). > > on 10.0.0.160 box, i can access http://localhost, or http://10.0.0.160, > but from any other computer, i can't. > > any advice how to troubleshoot this? thanks.
The port could be being blocked by iptables. Try #service iptables stop
you're exactly right, but i thought minimal installation doesn't include such. anyway, if i restart iptables service, what need to be done to iptables?
thanks, t. hiep
On Tue, 4 Mar 2008 11:11:22 -0800 (PST) Hiep Nguyen hiep@ee.ucr.edu took out a #2 pencil and scribbled:
On Tue, 4 Mar 2008, Dan Carl wrote:
<snip> > > for testing, i need to disable selinux, but something still > not working right. > > i'm trying to figure out why i can't access http://10.0.0.160 > from the same network (10.0.0.x). > > on 10.0.0.160 box, i can access http://localhost, or > http://10.0.0.160, but from any other computer, i can't. > > any advice how to troubleshoot this? thanks.
The port could be being blocked by iptables. Try #service iptables stop
you're exactly right, but i thought minimal installation doesn't include such. anyway, if i restart iptables service, what need to be done to iptables?
thanks, t. hiep
Also, are you simply getting a time out or a connection refused error? It sounds, as has been stated before, like an iptables issue.
If you're getting some other error it would be excellent to know what that error is. Are you seeing any errors in the /var/log/httpd/error_log or in /var/log/messages?
I'd think though that it's just iptables blocking the port.
Sincerely,
Alex White
On Tue, Mar 04, 2008 at 10:51:57AM -0800, Hiep Nguyen enlightened us:
On Tue, 4 Mar 2008 09:29:34 -0800 (PST)
Nguyen hiep@ee.ucr.edu took out a #2 pencil and scribbled:
On Tue, 4 Mar 2008, Tom Brown wrote:
with minimal installation on centos 5, selinux also included. how do i remove selinux or disable it at least?
cat /etc/sysconfig/selinux
you'll figure it out from there!
what command i can issue to enforce the change w/o reboot the box.
thanks. t. hiep
man setenforce
Are you sure you really want to turn off selinux?
If you reboot, unless you change /etc/sysconfig/selinux, your machine will have selinux re-enabled.
for testing, i need to disable selinux, but something still not working right.
i'm trying to figure out why i can't access http://10.0.0.160 from the same network (10.0.0.x).
on 10.0.0.160 box, i can access http://localhost, or http://10.0.0.160, but from any other computer, i can't.
any advice how to troubleshoot this? thanks.
As was suggested earlier, it sounds like a firewall issue. You should check your firewall settings. If you don't know how to do that, I'm sure it's in the guide I pointed you to yesterday.
Matt
Hiep Nguyen wrote:
On Tue, 4 Mar 2008, Alex White wrote:
On Tue, 4 Mar 2008, Hiep Nguyen wrote:
On Tue, 4 Mar 2008, Tom Brown wrote:
with minimal installation on centos 5, selinux also included. how do i remove selinux or disable it at least?
cat /etc/sysconfig/selinux
you'll figure it out from there!
what command i can issue to enforce the change w/o reboot the box.
man setenforce
Are you sure you really want to turn off selinux?
If you reboot, unless you change /etc/sysconfig/selinux, your machine will have selinux re-enabled.
for testing, i need to disable selinux, but something still not working right.
i'm trying to figure out why i can't access http://10.0.0.160 from the same network (10.0.0.x).
on 10.0.0.160 box, i can access http://localhost, or http://10.0.0.160, but from any other computer, i can't.
any advice how to troubleshoot this? thanks.
Try disabling iptables and see if you can then access it:
# service iptables stop
Then you know it's iptables, and can add an iptables entry for apache:
# service iptables start # iptables -I RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT # iptables -I RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT # iptables-save >/etc/sysconfig/iptables
Or do so graphically through /usr/bin/system-config-securitylevel
Or disable iptables all together (if behind a firewall) with:
# chkconfig iptables off
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
thanks. i may well do that b/c i'm behind firewall anyway. also, i'm not ready to tackle iptables at this time.
t. hiep
Hiep Nguyen wrote:
On Tue, 4 Mar 2008, Alex White wrote:
On Tue, 4 Mar 2008, Hiep Nguyen wrote:
On Tue, 4 Mar 2008, Tom Brown wrote:
with minimal installation on centos 5, selinux also included. how do i remove selinux or disable it at least?
cat /etc/sysconfig/selinux
you'll figure it out from there!
what command i can issue to enforce the change w/o reboot the box.
man setenforce
Are you sure you really want to turn off selinux?
If you reboot, unless you change /etc/sysconfig/selinux, your machine will have selinux re-enabled.
for testing, i need to disable selinux, but something still not working right.
i'm trying to figure out why i can't access http://10.0.0.160 from the same network (10.0.0.x).
on 10.0.0.160 box, i can access http://localhost, or http://10.0.0.160, but from any other computer, i can't.
any advice how to troubleshoot this? thanks.
Try disabling iptables and see if you can then access it:
# service iptables stop
Then you know it's iptables, and can add an iptables entry for apache:
# service iptables start # iptables -I RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT # iptables -I RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT # iptables-save >/etc/sysconfig/iptables
Or do so graphically through /usr/bin/system-config-securitylevel
Or disable iptables all together (if behind a firewall) with:
# chkconfig iptables off
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hiep Nguyen wrote:
thanks. i may well do that b/c i'm behind firewall anyway. also, i'm not ready to tackle iptables at this time.
you can configure the simple default firewall with the GUI system-config-securitylevel, or the command line version, system-config-securitylevel-tui (uses curses to give a text menu interface)... this will allow you to enable ports, either standard services like www, or custom port numbers.
You can enable/disable selinux via either of these tools, too.
-
Alex White -
Dan Carl -
Hiep Nguyen -
John R Pierce -
Marcelo Roccasalva -
Matt Hyclak -
Philip Reynolds -
Ralph Angenendt -
Ross S. W. Walker -
Tom Brown