Cloud Insidr

Cybersecurity in the Age of the Machine

  • Subscribe!
  • Privacy Policy
  • Legal
  • Contact Us

Join us on Twitter: @CloudInsidr

  • news & alerts
    • events
    • industry analysis
    • industry gossip
    • people
  • cloud, edge & co.
    • AWS
    • administration & orchestration
      • web servers in the cloud
      • mail servers
      • databases
  • cybersec & warfare
    • encryption
  • blockchain
Home cloud, edge and everything in between administration and orchestration SELinux tips, tricks, hacks and gotchas
SELinux tips, tricks, hacks and gotchas

Cloud Insidr 2019-07-30 4 Comments

SELinux tips, tricks, hacks and gotchas

Most of us have a love-hate relationship with SELinux.

Human readable time stamps in audit.log

SELinux writes its audit log files using a cryptic format that includes a time stamp in the Unix time format of all things. (The number of seconds since the beginning of the year 1970 in UTC time). Here is how to convert the time stamp to a human readable format:

grep -i avc /var/log/audit/audit.log | ausearch -i

An SELinux bug can suppress cron jobs, here is the fix

In several versions of Fedora, crond is unable to access /etc/crontab courtesy of a bug in SELinux. The problem is well documented and it keeps popping up again and again. If your cron jobs keep failing silently unless run in permissive mode (not the idea!), there is an easy fix.

First you want to diagnose the issue. Create a cronjob that is easy on system resources so it can run every minute. With SELinux enforcing (setenforce 1), reload the configuration of crond:

systemctl restart crond

Check what keeps your cron job from executing:

journalctl -xe

You will see errors resembling this:

crond[12724]: ((null)) Unauthorized SELinux context=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 file_context=unconfined_u:object_r:etc_t:s0 (/etc/crontab)
crond[12724]: (root) FAILED (loading cron table)

Verify your suspicions:

ls -laZ /etc/crontab

Save the correct context in the SELinux configuration (this survives a system reboot):

semanage fcontext -a -t system_cron_spool_t "/etc/crontab"

Restore the SELinux file context from the now corrected configuration:

restorecon -RFv /etc/crontab

Your dummy cron job should be running now. Make sure you replace it with your intended cron jobs and reload (or restart) crond.

Filed Under: administration and orchestration Tagged With: SELinux, time stamp

Comments

  1. pragmatic play says

    2022-11-20 at 8:51 am

    Hi there! This is kind of off topic but I need some guidance from an established blog.
    Is it tough to set up your own blog? I’m not very techincal but I
    can figure things out pretty quick. I’m thinking about creating my
    own but I’m not sure where to start. Do you have any
    tips or suggestions? Many thanks

    Reply
  2. ag+ says

    2022-11-17 at 5:27 am

    Ꮃere you taugһt appropriate spot located on the Ƅall to kick to Ƅe aƅle
    to the desired location to kick the ball to or was
    this perhaps ɑn old style, outdated or more time effective using current sⲟccer balls otherwise the ball in order to
    using however? How about your shoes? How do you know you choose the most cost effective shⲟes more
    efficient surface area you are playing by? How does the worкing surface
    affect your level of pⅼay? Would you undeгstand the particular combination of your type of shoes, various of soccer ball, the playing surface
    and the еlements conditions tomorrow ɑll affect your discontinue?

    The the fact only expert gamblers exactly what the real Soccer Betting tips are.
    But even though they know these things, that Ԁoesn’t mean they never lose; surely they lose sometimes, it is simply they
    make more cash than the thingѕ they loѕe.

    Target setting is in order to as the targeted amount money οne ѡould choose mɑke ᴡithіn 24 hours or 7 Ԁays or
    jᥙst a month. When your target is met, you have to pull back, relax and enjoy your obtaining victory in.

    Ꭲip#2: Your able to use the internet to your
    benefit. The internet is maybe the bеst associated with informatiоn on team composition and key players.
    Yow will discover scores of іnternet from Soccer Odds wheгe you can obtain useful informatіon on these situatіons.

    1) Know your team inside օut – Die hard fans know added about thеir
    very teams along with the they play than bookmakers do.
    Individuals in the lower league. If you know your teаm plаʏs better
    with certain starting line upѕ or against other
    teamѕ that play from a certain style tһen make the most of this when cоming develop
    your gambling bets.

    Winning at soccer bettіng is very possible. Are usually only three outcomes to handle with, win, lose or draw
    ѕo before you stɑrt you have a 33% possibility of getting it right.
    Undoubtedly the оdds the booқmakers offer on these soccer
    games will reflect right after between the two Soccer analysis sides.
    Use of the intеrnet though to check out eɑch team should an individual to to make a soccer betting investment witһ assurancе.

    For instance you may well consider that your partіcular participant ԝithin a sprint features
    25% regarding wіnning an infant. Divide this by 100 for to achieve a ⲣossibilitiеs of 0.25.

    You are then buy some new probability into odds
    by dividing three.25 into 1. Incredibly leave you wіth likelіhߋod of
    400 or 10.00 (decimɑl/euro) or 4/1 (fгaϲtion).

    Fеel free to visit my site ag+

    Reply
  3. the economic times says

    2022-09-09 at 11:56 am

    First of all, congratses on this article. This is
    actually remarkable but that is actually why you always crank out my pal.

    Wonderful articles that we may sink our teeth in to and
    actually visit operate.

    I adore this blog message and also you recognize you are actually.
    Due to the fact that there is actually therefore much involved
    yet its like just about anything else, blog writing can be incredibly mind-boggling for a great deal of individuals.

    Everything takes time as well as all of us have the very same quantity of
    hours in a time thus placed them to excellent make use of.
    All of us possess to begin somewhere as well as your
    program is actually best.

    Fantastic share and also thanks for the acknowledgment here,
    wow … Just how awesome is actually that.

    Off to discuss this article right now, I desire all those brand new
    blog owners to observe that if they do not already have a program 10 they perform
    right now.

    My site the economic times

    Reply
  4. Allen J Newton says

    2020-09-04 at 9:28 pm

    In Fedora 31, this problem has recurred with cronie-1.5.4-2.fc31.x86_64. The above fix doesn’t work here because the context on /etc/crontab and /etc/cron.d are already correct as system_u:object_r:system_cron_spool_t:s0
    systemctl start crond.service results in these messages:
    (CRON) STARTUP (1.5.4)
    (CRON) INFO (RANDOM_DELAY will be scaled with factor 23% if used.)
    ((null)) No SELinux security context (/etc/crontab)
    (root) FAILED (loading cron table)
    ((null)) No SELinux security context (/etc/cron.d/0hourly)
    (root) FAILED (loading cron table)

    This happened on both of my F31 machines when they updated cronie some time ago. It appears to me that crond is broken somehow and can’t read the contexts on those files, even though it is also running with the right context:

    ps -eZ | grep cron
    system_u:system_r:crond_t:s0-s0:c0.c1023 1579 ? 00:00:00 atd
    system_u:system_r:crond_t:s0-s0:c0.c1023 37317 ? 00:00:00 crond

    Can anyone help with this? My cron jobs are not running unless I go to permissive mode (not ideal). Thank you.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Subscribe

Find the monitor that's right for you.

SSL/TLS Certificate Square (250 x 250)

Tag Cloud

AWS AWS Billing Dashboard AWS Config AWS Cost Explorer AWS EBS AWS Resource Explorer AWS Tag Editor AWS Trusted Advisor cipher suites cyber security Diffie-Hellman EBS EC2 ECDHE Five Eyes Alliance FLAME HSTS HTTP/2 Java Linux Log4j NGINX NVMe PHP RCE Route 53 SELinux SHA-1 SHA-2 SQL SSL TLS

Pearson Education (InformIT)

SSL/TLS Certificate Medium Rectangle (300 x 250)

©2022 CybrAnalytiqa OÜ

  • Content purchasing and syndication