{"id":2600,"date":"2019-07-30T05:20:44","date_gmt":"2019-07-30T12:20:44","guid":{"rendered":"https:\/\/www.cloudinsidr.com\/content\/?p=2600"},"modified":"2019-07-30T06:37:41","modified_gmt":"2019-07-30T13:37:41","slug":"selinux-tips-tricks-hacks-and-gotchas","status":"publish","type":"post","link":"https:\/\/www.cloudinsidr.com\/content\/selinux-tips-tricks-hacks-and-gotchas\/","title":{"rendered":"SELinux tips, tricks, hacks and gotchas"},"content":{"rendered":"<p>Most of us have a love-hate relationship with SELinux.<\/p>\n<p><!--more--><\/p>\n<h2>Human readable time stamps in audit.log<\/h2>\n<p>SELinux writes its audit log files using a cryptic format that includes a time stamp in the Unix time format of all things. (The number of seconds since the beginning of the year 1970 in UTC time). Here is how to convert the time stamp to a human readable format:<\/p>\n<pre>grep -i avc \/var\/log\/audit\/audit.log | ausearch -i<\/pre>\n<h2>An SELinux bug can suppress cron jobs, here is the fix<\/h2>\n<p>In several versions of Fedora, crond is unable to access \/etc\/crontab courtesy of a bug in SELinux. The problem is well documented and it keeps popping up again and again. If your cron jobs keep failing silently unless run in permissive mode (not the idea!), there is an easy fix.<\/p>\n<p>First you want to diagnose the issue. Create a cronjob that is easy on system resources so it can run every minute. With SELinux enforcing (setenforce 1), reload the configuration of crond:<\/p>\n<pre>systemctl restart crond<\/pre>\n<p>Check what keeps your cron job from executing:<\/p>\n<pre>journalctl -xe<\/pre>\n<p>You will see errors resembling this:<\/p>\n<pre>crond[12724]: ((null)) Unauthorized SELinux context=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 file_context=unconfined_u:object_r:etc_t:s0 (\/etc\/crontab)\r\ncrond[12724]: (root) FAILED (loading cron table)<\/pre>\n<p>Verify your suspicions:<\/p>\n<pre>ls -laZ \/etc\/crontab<\/pre>\n<p>Save the correct context in the SELinux configuration (this survives a system reboot):<\/p>\n<pre>semanage fcontext -a -t system_cron_spool_t \"\/etc\/crontab\"<\/pre>\n<p>Restore the SELinux file context from the now corrected configuration:<\/p>\n<pre>restorecon -RFv \/etc\/crontab<\/pre>\n<p>Your dummy cron job should be running now. Make sure you replace it with your intended cron jobs and reload (or restart) crond.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Most of us have a love-hate relationship with SELinux.<\/p>\n","protected":false},"author":1,"featured_media":2601,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[16],"tags":[70,256],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v14.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SELinux tips, tricks, hacks and gotchas - CloudInsidr<\/title>\n<meta name=\"robots\" content=\"index, follow\" \/>\n<meta name=\"googlebot\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta name=\"bingbot\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cloudinsidr.com\/content\/selinux-tips-tricks-hacks-and-gotchas\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SELinux tips, tricks, hacks and gotchas - CloudInsidr\" \/>\n<meta property=\"og:description\" content=\"Most of us have a love-hate relationship with SELinux.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cloudinsidr.com\/content\/selinux-tips-tricks-hacks-and-gotchas\/\" \/>\n<meta property=\"og:site_name\" content=\"CloudInsidr\" \/>\n<meta property=\"article:published_time\" content=\"2019-07-30T12:20:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-07-30T13:37:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.cloudinsidr.com\/content\/wp-content\/uploads\/2019\/07\/copper-1081825-1024x681.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"681\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#website\",\"url\":\"https:\/\/www.cloudinsidr.com\/content\/\",\"name\":\"CloudInsidr\",\"description\":\"Cyber security, infotech\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/www.cloudinsidr.com\/content\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/selinux-tips-tricks-hacks-and-gotchas\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.cloudinsidr.com\/content\/wp-content\/uploads\/2019\/07\/copper-1081825.jpg\",\"width\":4256,\"height\":2832},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/selinux-tips-tricks-hacks-and-gotchas\/#webpage\",\"url\":\"https:\/\/www.cloudinsidr.com\/content\/selinux-tips-tricks-hacks-and-gotchas\/\",\"name\":\"SELinux tips, tricks, hacks and gotchas - CloudInsidr\",\"isPartOf\":{\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/selinux-tips-tricks-hacks-and-gotchas\/#primaryimage\"},\"datePublished\":\"2019-07-30T12:20:44+00:00\",\"dateModified\":\"2019-07-30T13:37:41+00:00\",\"author\":{\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#\/schema\/person\/dd6ee9cb21cf05763fd7cff3d6f11b2b\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.cloudinsidr.com\/content\/selinux-tips-tricks-hacks-and-gotchas\/\"]}]},{\"@type\":[\"Person\"],\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#\/schema\/person\/dd6ee9cb21cf05763fd7cff3d6f11b2b\",\"name\":\"Cloud Insidr\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.cloudinsidr.com\/content\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8b2fa1415b3d573b97d818b8f8f83b7c?s=96&d=mm&r=g\",\"caption\":\"Cloud Insidr\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/posts\/2600"}],"collection":[{"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/comments?post=2600"}],"version-history":[{"count":5,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/posts\/2600\/revisions"}],"predecessor-version":[{"id":2606,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/posts\/2600\/revisions\/2606"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/media\/2601"}],"wp:attachment":[{"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/media?parent=2600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/categories?post=2600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cloudinsidr.com\/content\/wp-json\/wp\/v2\/tags?post=2600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}