CentOS

Emacs has auto-save-mode: https://www.gnu.org/software/emacs/manu ... -Save.html
See also: http://xahlee.info/emacs/emacs/emacs_au ... ackup.html

The autosaves are separate from the *~ that holds the previous version after you do save a buffer.

Selinux does not log everything by default. See man semanage-dontaudit


'audit2why' translates messages into description:

The rpm -q --changelog python-syspurpose | grep -i cve shows nothing, but rpm -qi python-syspurpose tells: Version : 1.24.52 Release : 2.el7.centos Build Date : Wed 23 Aug 2023 The https://access.redhat.com/errata/RHSA-2023:4701 shows that Red Hat has released Tue 22 Aug 2023 errata that includes pa...

The RSA keys have to be at least 2048 bits.
See https://access.redhat.com/documentation ... c-policies

I've shifted to ed25519 keys. They work on el7, el8, and el9.

verbal_666 wrote: ↑

2023/09/14 12:44:14

Last kernel update solved the problem

Is that kernel-5.14.0-364.el9?

You could run that systemctl daemon-reload as the output suggests. The firewalld.service seems to be masked, so everything should be ok. I do agree with Trevor that complete removal of FirewallD is the most clean option. The removal of firewall* on CentOS 7 system probably removes: firewall-applet, ...

yildizabdullah wrote: ↑

2023/09/12 13:37:59

Is there any side effect of leaving the state of the firewalld.service as it is?

Do show output of systemctl status firewalld

A masked service points to /dev/null and cannot possibly start. A merely disabled service -- not masked -- could be started by some other process.

I had to convert the rules to firewalld. It is already chosen not by me. Thank you for your answer. Although you have to use FirewallD, that does not dictate how to configure it. Rather than talking directly to firewalld, one can use an Ansible playbook . See https://www.redhat.com/en/blog/automati...

Which part of documentation says it is destination port? I am sorry i couldnt find it. My bad, that is not written explicitly. We do know that the (xml) definition can have attributes "port" and "source-port". Can we be confident that the "source-port" is a source port? I think so. That leaves the ...

For completeness: But i am not sure this is right because as you can see we have destionation ports in our iptables rules but i cannot find "a destination port configuration" for a firewalld service. By the way my default zone is public right now. So eth1 interface zone is public. I am not even sure...