Search found 39 matches

by sawozny
2020/07/04 23:52:55
Forum: CentOS 7 - Software Support
Topic: Updating a SO library from source that was originally installed by a package manager
Replies: 0
Views: 12

Updating a SO library from source that was originally installed by a package manager

Dear CentOS Gurus, OK, so the situation is that I need to update gpgme on my CentOS 7 minimal install to 1.4.3 or higher (project is currently at 1.13). If you’re curious why, see here: https://community.greenbone.net/t/problem-building-gpgmeutils-c-o-in-gvm-lib-10-0-2-on-centos-7-minimal/5854/3 The...
by sawozny
2020/06/23 17:47:41
Forum: CentOS 7 - General Support
Topic: grepping stacks of gzip file - zgrep?
Replies: 2
Views: 90

Re: grepping stacks of gzip file - zgrep?

zgrep is a standard utility installed as part of CentOS - it's part of the gzip package. I swear the first thing I did when I heard about zgrep was try to use it and I got a "command not found" back. Checked again when you said it was installed by default and there it is! Must have fat fingered it ...
by sawozny
2020/06/22 20:56:12
Forum: CentOS 7 - General Support
Topic: grepping stacks of gzip file - zgrep?
Replies: 2
Views: 90

grepping stacks of gzip file - zgrep?

Greeting, Gurus! :) I need to grep a stack of files in a directory tree but the files are gzip'ed so I'm looking for recommendation on how to do that. Unzipping, grepping and rezipping afterwards in a script sounds like a huge PITA... I found mentions of zgrep online, but I can't see it (or the zuti...
by sawozny
2020/05/24 17:28:22
Forum: CentOS 7 - Security Support
Topic: Can SELinux policies target a wildcard type?
Replies: 2
Views: 206

Re: Can SELinux policies target a wildcard type?

This is for an AVC allow rule which has source and target type, so the goal is to allow the Qemu guest agent to read the properties of directories which are the mount point for a resource not on the system disk WITHOUT knowing in advance what type that directory is labeled with. The directory names ...
by sawozny
2020/05/18 23:35:04
Forum: CentOS 7 - Security Support
Topic: Can SELinux policies target a wildcard type?
Replies: 2
Views: 206

Can SELinux policies target a wildcard type?

I’m trying to snapshot KVM guests which fails when the system has a second virtual disk that is occupied. I’ve advised RedHat that their virt_qemu_ga_t policy is incomplete here (https://bugzilla.redhat.com/show_bug.cgi?id=1782615 ) but they closed it as a “won’t fix”. I can always run a sudo semana...
by sawozny
2020/04/27 21:49:43
Forum: CentOS 7 - Software Support
Topic: Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)
Replies: 6
Views: 198

Re: Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)

Doh! Did another read through now that I'm less stressed out about this and I see this: If true, sets up a new file system namespace for the executed processes and mounts private /tmp and /var/tmp directories inside it that is not shared by processes outside of the namespace. This is useful to secur...
by sawozny
2020/04/27 21:45:08
Forum: CentOS 7 - Software Support
Topic: Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)
Replies: 6
Views: 198

Re: Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)

Winner Winner! Chicken Dinner! :) When I relocate the socket file to /run/proxysql/proxysql.sock PHP-FPM speaks to it just fine and retrieves the data, as requested. Any idea why this is? I'm not really a stranger to troubleshooting and writing custom policies for SELinux and I couldn't see any comp...
by sawozny
2020/04/27 20:29:29
Forum: CentOS 7 - Software Support
Topic: Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)
Replies: 6
Views: 198

Re: Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)

I think centos by default requires sockets to exist under /run (previously /var/run) and SELinux contexts has some enforcement requirements for that. From your error it seems like php-fpm can't find the socket file. As TrevorH mentioned, check the php-fpm service for any extra restrictions. Usually...
by sawozny
2020/04/27 20:14:03
Forum: CentOS 7 - Software Support
Topic: Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)
Replies: 6
Views: 198

Re: Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)

Perhaps your php-fpm has PrivateTmp=True in its systemd unit file? It does, indeed. Could you help me understand why that would be a problem? I would understand if ProxySQL had PrivateTmp enabled (making the /tmp socket file I'm having a problem getting to inaccessible to other processes) but I che...
by sawozny
2020/04/26 21:16:53
Forum: CentOS 7 - Software Support
Topic: Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)
Replies: 6
Views: 198

Weirdness with PHP-FPM and UDS sockets (and, possibly, ProxySQL)

In my CentOS -> Apache -> PHP-FPM -> ProxySQL -> MariaDB stack I have this weird problem where when I have PHP code that talks to a local ProxySQL instance through PHP-FPM via 127.0.0.1:3306 the code works fine, but when I try to make contact through a UDS socket, the request doesn't work and my tro...

Go to advanced search