Facebook
TwitterIT Ufficio Key-One
Basic Pleskian
- Server operating system version
- Almalinux 8.10
- Plesk version and microupdate number
- Plesk Obsidian 18.0.71 #1
Hi, we just installed a VPS with Almalinux 8, Plesk Obsidian 18.0.71 #1, Selinux enforced. We upgraded then Mariadb to 11.4.7, enabled 360monitoring and imunify.
We're encountering a lot of continuous errors in /var/log/messages:
Jul 21 14:45:15 k1nvps05 systemd[1]: Starting SETroubleshoot daemon for processing new SELinux denial logs...
Jul 21 14:45:16 k1nvps05 dbus-daemon[743]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'
Jul 21 14:45:16 k1nvps05 systemd[1]: Started SETroubleshoot daemon for processing new SELinux denial logs.
Jul 21 14:45:17 k1nvps05 dbus-daemon[743]: [system] Activating service name='org.fedoraproject.SetroubleshootPrivileged' requested by ':1.1722' (uid=994 pid=43555 comm="/usr/libexec/platform-python -Es /usr/sbin/setroub" label="system_u:system_r:setroubleshootd_t:s0") (using servicehelper)
Jul 21 14:45:17 k1nvps05 dbus-daemon[743]: [system] Successfully activated service 'org.fedoraproject.SetroubleshootPrivileged'
Jul 21 14:45:18 k1nvps05 setroubleshoot[43555]: SELinux is preventing sshd from write access on the sock_file mysql.sock. For complete SELinux messages run: sealert -l 7aa70624-4db4-49f3-822e-723888650f9f
Jul 21 14:45:18 k1nvps05 setroubleshoot[43555]: SELinux is preventing sshd from write access on the sock_file mysql.sock.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that sshd should be allowed write access on the mysql.sock sock_file by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'sshd' --raw | audit2allow -M my-sshd#012# semodule -X 300 -i my-sshd.pp#012
Should we proceed based on what is suggested on these lines (i.e.: ausearch -c 'sshd' --raw | audit2allow -M my-sshd#012# semodule -X 300 -i my-sshd.pp)
Thanks.
We're encountering a lot of continuous errors in /var/log/messages:
Jul 21 14:45:15 k1nvps05 systemd[1]: Starting SETroubleshoot daemon for processing new SELinux denial logs...
Jul 21 14:45:16 k1nvps05 dbus-daemon[743]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'
Jul 21 14:45:16 k1nvps05 systemd[1]: Started SETroubleshoot daemon for processing new SELinux denial logs.
Jul 21 14:45:17 k1nvps05 dbus-daemon[743]: [system] Activating service name='org.fedoraproject.SetroubleshootPrivileged' requested by ':1.1722' (uid=994 pid=43555 comm="/usr/libexec/platform-python -Es /usr/sbin/setroub" label="system_u:system_r:setroubleshootd_t:s0") (using servicehelper)
Jul 21 14:45:17 k1nvps05 dbus-daemon[743]: [system] Successfully activated service 'org.fedoraproject.SetroubleshootPrivileged'
Jul 21 14:45:18 k1nvps05 setroubleshoot[43555]: SELinux is preventing sshd from write access on the sock_file mysql.sock. For complete SELinux messages run: sealert -l 7aa70624-4db4-49f3-822e-723888650f9f
Jul 21 14:45:18 k1nvps05 setroubleshoot[43555]: SELinux is preventing sshd from write access on the sock_file mysql.sock.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that sshd should be allowed write access on the mysql.sock sock_file by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'sshd' --raw | audit2allow -M my-sshd#012# semodule -X 300 -i my-sshd.pp#012
Should we proceed based on what is suggested on these lines (i.e.: ausearch -c 'sshd' --raw | audit2allow -M my-sshd#012# semodule -X 300 -i my-sshd.pp)
Thanks.
