[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux Attack!



On Fri, 2007-10-12 at 12:31 -0600, Karl Larsen wrote: 
> Thomas Cameron wrote:
> > On Fri, 2007-10-12 at 09:24 -0600, Karl Larsen wrote:
> >
> >   
> >> Yes the ONLY problem is that a F7 that was working just fine all by 
> >> itself found it can not locate cups. After 10 minutes it does find cups 
> >> but then it can't find sendmail for around 5 minutes. Then it comes up 
> >> very slow and when clear up into xwindows it still doesn't all work. 
> >> When it got to a point I could operate the SELinux control panels I 
> >> tried to turn SELinux off. To see what happens. Well just now looking at 
> >> dmesg the dam SELinux is not turned off! So what is the best way to make 
> >> sure this thing is turned off?
> >>     
> >
> > Karl -
> >
> > What you are describing is almost surely a matter of your host not being
> > able to resolve its own name.  Nothing whatsoever to do with SELinux.
> >
> > Post the contents of your /etc/hosts and /etc/resolv.conf files.
> >
> > I'm betting good money that localhost does not resolve.
> >
> >   
> [karl k5di ~]$ cat /etc/hosts
> # Do not remove the following line, or various programs
> # that require network functionality will fail.
> 127.0.0.1       localhost.localdomain   localhost
> ::1     localhost6.localdomain6 localhost6
> 192.168.0.1     dsl
> [karl k5di ~]$
> 
> [karl k5di ~]$ ping localhost
> PING localhost.localdomain (127.0.0.1) 56(84) bytes of data.
> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=1 ttl=64 
> time=0.060 ms
> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=2 ttl=64 
> time=0.064 ms
> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=3 ttl=64 
> time=0.066 ms
> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=4 ttl=64 
> time=0.060 ms
> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=5 ttl=64 
> time=0.065 ms
> 
> --- localhost.localdomain ping statistics ---
> 5 packets transmitted, 5 received, 0% packet loss, time 4000ms
> rtt min/avg/max/mdev = 0.060/0.063/0.066/0.002 ms
> [karl k5di ~]$
> 
> OK how much money were you going to send :-)

In this case, none.  This is squarely your fault, nothing whatsoever to
do with SELinux.

> [karl k5di ~]$ cat /etc/resolv.conf
> ; generated by /sbin/dhclient-script
> nameserver 216.234.192.92
> nameserver 216.234.213.130
> [karl k5di ~]$
> [karl k5di ~]$
> 
> It all looks fine to me.

And that is why you can't fix it.  You don't understand it.  With a
little real information I (and I'm sure others on this list) see exactly
what the issue was.  I was close - I thought it was localhost not
resolving.  The answer is that your machine can't resolve its own name.
"k5di" is not defined in /etc/hosts, and your DNS servers are public
ones.  What is your full hostname?  k5di.xyz.com - what is the "xyz.com"
part of your machine's name?

216.234.192.92 is ns1.zianet.com and 216.234.213.130 is ns2.zianet.com.
They don't know anything about k5di.

Change the line in /etc/hosts that looks like this:

127.0.0.1 localhost.localdomain localhost

to this:

127.0.0.1 localhost.localdomain localhost k5di k5di.xyz.com

Obviously, cahnge xyz.com to your domain name.  Once you do that I
imagine your services will start in a timely manner.

SELinux is not involved.  Please, until you understand of what you
speak, keep quiet.
-- 
Thomas Cameron, RHCE, RHCI, CNE, MCSE, MCT
Can a hearse carrying a corpse drive in the carpool lane?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]