Page 3 of 3 FirstFirst 123
Results 21 to 24 of 24

Thread: 2.5.0b1 test reports

  1. #21
    Join Date
    Oct 2005
    Location
    Bay Area, CA
    Posts
    124

    Default

    The attachment file shows no error. The AVC messages are positive acknowledgement s- (granted). Is there any other AVC messages like denied and/or sendbackup? Search /var/log/messages for sendbackup.

    Looking at the your previous post, here is what's failing:
    ==========
    ajax:/ 0 driver: (aborted:could not connect to data port: Connection refused)(too many dumper retry)
    ==========
    We need to find out what's restricting the data port connection. Also I need answers to the following:
    1) amanda works well when it's in permissive mode?
    2) is there a firewall between the server and the client?

    --Kevin Till

  2. #22

    Default

    1) amanda works well when it's in permissive mode? -- Yes it does.
    2) is there a firewall between the server and the client? -- Yes there is.

    If RedHat is watching this list, maybe someone there can explain why amand.te is not in the targeted-source rpm...
    Attached Files Attached Files

  3. #23
    Join Date
    Oct 2005
    Location
    Bay Area, CA
    Posts
    124

    Default

    >1) amanda works well when it's in permissive mode? -- Yes it does.
    permissive mode with firewall running, amanda works?

    >2) is there a firewall between the server and the client? -- Yes there is.
    what have you done to the firewall to accomodate amanda.

    >If RedHat is watching this list, maybe someone there can explain why amand.te is not in >the targeted-source rpm...
    because amanda is not one of the few daemons that targeted policy is enforcing.
    Strict policy will enforce every daemons and thus amanda.te is in
    selinux-policy-strict-sources-1.17.30-2.noarch.rpm.

  4. #24

    Default

    >1) amanda works well when it's in permissive mode? -- Yes it does.
    permissive mode with firewall running, amanda works? -- This workstation is running permissive and it gets backed up every night.

    >2) is there a firewall between the server and the client? -- Yes there is.
    what have you done to the firewall to accomodate amanda. Out of 11 or so machines backed up with this system both locally and remotely only those running SEL targeted enforcing fail.

    >If RedHat is watching this list, maybe someone there can explain why amand.te is not in >the targeted-source rpm...
    because amanda is not one of the few daemons that targeted policy is enforcing.
    Strict policy will enforce every daemons and thus amanda.te is in
    selinux-policy-strict-sources-1.17.30-2.noarch.rpm.

    As much as I would like to move up to strict, I'm afraid of how it might break things in the name of security. This is a public-facing system I inherited. Unfortunately I don't have enough infrastructure built into my test systems to adequately test a production look-alike. So my approach is to solve small things, one at a time.

    I'm going to grab that package to extract that version...hopefully that will compile better than the one I have.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •