SELinux Attack!

Karl Larsen k5di at zianet.com
Sat Oct 13 11:55:42 UTC 2007 

Thomas Cameron wrote:
> On Fri, 2007-10-12 at 12:31 -0600, Karl Larsen wrote: 
>   
>> Thomas Cameron wrote:
>>     
>>> On Fri, 2007-10-12 at 09:24 -0600, Karl Larsen wrote:
>>>
>>>   
>>>       
>>>> Yes the ONLY problem is that a F7 that was working just fine all by 
>>>> itself found it can not locate cups. After 10 minutes it does find cups 
>>>> but then it can't find sendmail for around 5 minutes. Then it comes up 
>>>> very slow and when clear up into xwindows it still doesn't all work. 
>>>> When it got to a point I could operate the SELinux control panels I 
>>>> tried to turn SELinux off. To see what happens. Well just now looking at 
>>>> dmesg the dam SELinux is not turned off! So what is the best way to make 
>>>> sure this thing is turned off?
>>>>     
>>>>         
>>> Karl -
>>>
>>> What you are describing is almost surely a matter of your host not being
>>> able to resolve its own name.  Nothing whatsoever to do with SELinux.
>>>
>>> Post the contents of your /etc/hosts and /etc/resolv.conf files.
>>>
>>> I'm betting good money that localhost does not resolve.
>>>
>>>   
>>>       
>> [karl at k5di ~]$ cat /etc/hosts
>> # Do not remove the following line, or various programs
>> # that require network functionality will fail.
>> 127.0.0.1       localhost.localdomain   localhost
>> ::1     localhost6.localdomain6 localhost6
>> 192.168.0.1     dsl
>> [karl at k5di ~]$
>>
>> [karl at k5di ~]$ ping localhost
>> PING localhost.localdomain (127.0.0.1) 56(84) bytes of data.
>> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=1 ttl=64 
>> time=0.060 ms
>> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=2 ttl=64 
>> time=0.064 ms
>> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=3 ttl=64 
>> time=0.066 ms
>> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=4 ttl=64 
>> time=0.060 ms
>> 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=5 ttl=64 
>> time=0.065 ms
>>
>> --- localhost.localdomain ping statistics ---
>> 5 packets transmitted, 5 received, 0% packet loss, time 4000ms
>> rtt min/avg/max/mdev = 0.060/0.063/0.066/0.002 ms
>> [karl at k5di ~]$
>>
>> OK how much money were you going to send :-)
>>     
>
> In this case, none.  This is squarely your fault, nothing whatsoever to
> do with SELinux.
>
>   
>> [karl at k5di ~]$ cat /etc/resolv.conf
>> ; generated by /sbin/dhclient-script
>> nameserver 216.234.192.92
>> nameserver 216.234.213.130
>> [karl at k5di ~]$
>> [karl at k5di ~]$
>>
>> It all looks fine to me.
>>     
>
> And that is why you can't fix it.  You don't understand it.  With a
> little real information I (and I'm sure others on this list) see exactly
> what the issue was.  I was close - I thought it was localhost not
> resolving.  The answer is that your machine can't resolve its own name.
> "k5di" is not defined in /etc/hosts, and your DNS servers are public
> ones.  What is your full hostname?  k5di.xyz.com - what is the "xyz.com"
> part of your machine's name?
>
> 216.234.192.92 is ns1.zianet.com and 216.234.213.130 is ns2.zianet.com.
> They don't know anything about k5di.
>
> Change the line in /etc/hosts that looks like this:
>
> 127.0.0.1 localhost.localdomain localhost
>
> to this:
>
> 127.0.0.1 localhost.localdomain localhost k5di k5di.xyz.com
>
> Obviously, cahnge xyz.com to your domain name.  Once you do that I
> imagine your services will start in a timely manner.
>
> SELinux is not involved.  Please, until you understand of what you
> speak, keep quiet.
>   
    You are hunting ghosts. When I set up the network I changed the 
system host name to k5di.com  and it has been that for months. Years 
before that on FC4.

Yesterday I changed nothing but turning off SELinux and the problems 
have all disappeared.



-- 

	Karl F. Larsen, AKA K5DI
	Linux User
	#450462   http://counter.li.org.

More information about the fedora-list mailing list