The Acumen IT Support blog provides you with helpful articles about Linux software operating systems.

Several web sites provide good overviews.

Official Linux Overview

Linux Wikipedia

Linux Servers

Linux

Zabbix frontend shows “zabbix server is running” No

, ,

Zabbix Problem & Solution 

Zabbix Official Logo

 

This occurs when you confirm that the service is running, but the frontend still won’t show server is running.


Found that turning off SELinux with setenforce 0 would fix the problem, so it is clearly SELinux related. The problem is that by default, SELinux prevents apache/php from connecting to network ports, even on localhost. To fix this, you must allow the SELinux rule: httpd_can_network_connect.


Zabbix Solution


sudo setsebool httpd_can_network_connect on

sudo may not be necessary in your environment

sudo getsebool -a | grep httpd

look for httpd_can_network_connect –> on

sudo setenforce 1

This ensures that SELinux is running.


Do NOT just turn off SELinux. It is very effective at protecting your machine from attack.

We can provide assistance for your project. Please see our Linux consulting pages.

For more information, visit their Official Site.

https://www.linux.org/

SOLVED: SFTP Fatal in Selinux Log

Problem

When trying to configure sftp, you encounter “fatal: safely_chroot permission denied” in your SElinux audit.log.

Problem Scenario:

When you disable selinux with setenforce 0, sftp works.

When you enable selinux with setenforce 1, sftp fails and gives an error like:
Aug 7 18:01:19 server1 sshd[36015]: fatal: safely_chroot: stat(“/var/www”): Permission denied

Important facts:

You must have:
setsebool -P ssh_chroot_rw_homedirs=1
This will often error if you have an sftp user that also has a login shell (a big no-no), set it to /sbin/nologin with:
usermod -s /sbin/nologin mySFTPUser

But sftp still won’t work because the internal SELinux policies don’t allow sftp chroot. Create a custom SELinux policy to allow the chroot using audit2allow:
yum install setroubleshoot (to get audit2allow)

or

yum install policycoreutils-python (alternate package with audit2allow)
cd /root
grep chroot_user_t /var/log/audit/audit.log | audit2allow -M sftp_chroot_custom_policy > sftp_chroot_custom_policy.text
semodule -i sftp_chroot_custom_pol.pp

NOTE: The normal out put of this would be the .pp file generated by the -M flag. The .text file contains the human readable equivalent. You must use the .pp binary file with the semodule -i command.

This applies to Centos 6. It may apply to other Linux operating systems.

See our Linux Support and Consulting for more information on how we can help you or simply visit our IT Services Page.

HOWTO: Upgrade CentOS for Hyper-V with Linux

,

HOWTO: Upgrading the CentOS kernel for a Hyper-V virtual machine with Linux Integration Components.

A kernel upgrade will cause a kernel panic. These instructions prevent the boot crash.

 

Upgrade the kernel:

#yum upgrade

If you boot with this, you will get the kernel panic.  Don’t worry.  Just press space at boot time and boot from your old kernel.  Write down your new kernel number, such as 2.6.18-274.17.1.el5

 

Compile the Linux IC for your new kernel.  You can use the latest IC at this time is v3.2:

mkdir /opt/linux_ic_rtm
cp -r /media/CDROM/* /opt/linux_ic_rtm
cd /opt/linux_ic_rtm
grep -ilR uname * | xargs sed -i 's/uname -r/echo "2.6.18-274.17.1.el5"/g'
make && make install
reboot


You can now let grub boot to your default kernel without a kernel panic.

Thanks to http://www.sudonym.com/398/kernel-panic-after-yum-update-centos-with-hyper-v-linux-integration-components

 

For general IT service support, please visit us at: Acumen IT Support.

For Hyper-V consulting services, please visit us at:  Hyper-V Support.

See our Virtual Private Server Hosting Pages for more information!