I'm getting and error when i'm trying to run this command:
chcon -t textrel_shlib_t /usr/lib/vmware-vcli/bin/esxcli/_ssl.so
The error that i got:
chcon: can't apply partial context to unlabeled file `/usr/lib/vmware-vcli/bin/esxcli/_ssl.so'
Any idea how to solve it?
Try to run this:
chcon -h system_u:object_r:httpd_sys_content_t /usr/lib/vmware-vcli/bin/esxcli/_ssl.so
instead of:
chcon -t textrel_shlib_t /usr/lib/vmware-vcli/bin/esxcli/_ssl.so
There's not quite enough context of what your goal is to answer with great accuracy, but here's some things that may help.
If you want to restore a context to a section of a directory tree:
restorecon -rnv /path/to/dir
the flags are recursive, no-changes, and verbose
You can also use use
chcon --reference=file_with_good_perms your_file
ls -Z --> to view selinux contexts
Related
I am trying to execute screen as another user using sudo.
I'm using the command:
echo 'userpassword' | /usr/bin/sudo -u 'myuser' -S '/usr/bin/screen -ls'
Any help found on the internet says that the sudo clears the environment variables (like PATH). So I decided to use the full path to the applications but I'm still getting the command not found error.
Error:
sudo: /usr/bin/screen -ls: command not found
Sudo is installed on the system.
Screen is installed on the system.
For sudo, I have tried the -E and -H flag but it doesn't help.
I tried to set PATH variable using something like this:
... | /usr/bin/sudo -u 'myuser' -S 'env PATH=$PATH; /usr/bin/screen -ls'
Supposedly the $PATH was suppose to expand before the command executes but I was getting other errors...
Can someone provide a command that will let me execute commands as another user and explain what each part of the command does so I can understand it?
Thanks.
Try,
export PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:$PATH
Probably you replaced the path variable while trying to set a new path variable.
Going forward, do 'echo $PATH' before adding a new path variable.
There doesn's seem to be any need to encapsulate command in quotes, without them it even works.
echo 'userpassword' | /usr/bin/sudo -u 'myuser' -S screen -ls
I am getting this error when trying to modify the SELinux label on a pre-commit hook.
My first try was
chcon -t httpd_exec_t pre-commit
Then I tried by adding the full context to the command
chcon -u unconfined_u -r object_r -t httpd_exec_t pre-commit
But got the same error. Checking the labels I figured out that it doesn't have the SELinux label at all. The ls -Z command returns the following
-rwxr-x--x apache apache ? pre-commit
Notice the ? symbol it should look something like this
-rwxr-x--x apache apache unconfined_u:object_r:httpd_exec_t:s0 pre-commit
I think that the error makes sense since the file does't have the SELinux label for some reason, the question is why and how to solve this.
I tried to restore the default SELinux context with the "restorecon -R -v /hooks" command but it doesn't work as expected.
try this:
chcon -R -h unconfined_u:object_r:httpd_exec_t:s0 pre-commit
i am trying to get folder lists from remote server, and it is not possible to mount remote server into my local computer (because of the permission issue).
i used
smbclient "//165.186.89.21/DeptDQ_141Q_FOTA" "--user=myid" -c 'ls;'
to get lists of the folder.
and the result was success.
but, actually i want to use ls -l with the above the command line
and when i try to get results using the line
smbclient "//165.186.89.21/DeptDQ_141Q_FOTA" "--user=LGE\final.lee" -c 'ls -l;'
it returns
NT_STATUS_NO_SUCH_FILE listing \-l
64000 blocks of size 16777216. 6503 blocks available
...
how should i use smbclient operator with ls -l option?
please help me!
smbclient ls does not run a native ls command, but rather invokes built-in functionality. As such, it does not support the usual options which a native, POSIX-compliant ls command would provide.
Thus, you cannot do this.
If your goal is to read metadata, consider trying the smbclient stat [filename] subcommand instead (if your server supports UNIX extensions), or smbclient allinfo [filename] (otherwise).
I am currently having trouble running linux perf, mostly because /proc/sys/kernel/kptr_restrict is currently set to 1.
However, if I try to /proc/sys/kernel/kptr_restrict by echoing 0 to it as follows...
echo 0 > /proc/sys/kernel/kptr_restrict
I get a permission denied error. I don't think I can change permissions on it either.
Is there a way to set this directly somehow? I am super user. I don't think perf will function acceptably without this being set.
In your example, echo is running as root, but your shell is running as you.
So please try this command:
sudo sh -c " echo 0 > /proc/sys/kernel/kptr_restrict"
All the files located in /proc/sys can only be modified by root (actually 99.9% files, check with ls -l). Therefore you have to use sudo to modify those files (or your preferred way to execute commands as root).
The proper way to modify the files in /proc/sys is to use the sysctl tool. Note that yu should replace the slashes (/) with dots (.) and omit the /proc/sys/ prefix... read the fine manual.
Read the current value:
$ sysctl kernel.kptr_restrict
kernel.kptr_restrict = 1
Modify the value:
$ sudo sysctl -w kernel.kptr_restrict=0
sysctl kernel.kptr_restrict=1
To make your modifications reboot persistent, you should edit /etc/sysctl.conf or create a file in /etc/sysctl.d/50-mytest.conf (edit the file as root or using sudoedit), containing:
kernel.kptr_restrict=1
In which case you should execute this command to reload your configuration:
$ sysctl -p /etc/sysctl.conf
P.S. it is possible to directly write in the virtual file. https://stackoverflow.com/users/321730/cdyson37 command is quite elegant: echo 0 | sudo tee /proc/sys/kernel/kptr_restrict
I am writing a shell script. The tutorial that I am reading have the first line like this :
#!/usr/bin/env bash/
but it isn't working for me. (error : no such directory)
How can I find out which bash I am using and where is it located?
Appreciate for any advice and help.
Thanks a lot. It works now.
solution is #!/usr/bin/env bash
Another problem: Why it just can't read the word 'restart'
my code in the start.sh:
#!/usr/bin/env bash/
RESTART="apachectl restart"
$RESTART
I does not work.
Usage: /usr/local/apache2/bin/httpd [-D name] [-d directory] [-f file]
[-C "directive"] [-c "directive"]
[-k start|restart|graceful|graceful-stop|sto p]
[-v] [-V] [-h] [-l] [-L] [-t] [-S]
Options:
-D name : define a name for use in <IfDefine name> directives
-d directory : specify an alternate initial ServerRoot
-f file : specify an alternate ServerConfigFile
-C "directive" : process directive before reading config files
-c "directive" : process directive after reading config files
-e level : show startup errors of level (see LogLevel)
-E file : log startup errors to file
-v : show version number
-V : show compile settings
-h : list available command line options (this page)
-l : list compiled in modules
-L : list available configuration directives
-t -D DUMP_VHOSTS : show parsed settings (currently only vhost settings)
-S : a synonym for -t -D DUMP_VHOSTS
-t -D DUMP_MODULES : show all loaded modules
-M : a synonym for -t -D DUMP_MODULES
-t : run syntax check for config files
why is it like that? it seems that it can read the word restart.
Thank you all! I have fixed it now.
solution: edit the file in unix (vim/nano and whatever but not in windows)
Thank again :)
Yet another way: echo $SHELL.
If you remove the / from bash/, it should work.
You ca try the following command
which bash
at a shell. Then put
#!<the output of which bash>
To find out where bash is, issue the command:
type bash
at your command prompt. and to make sure it is always found by your script use:
#!bash
this has the problem that some other bash may be found and used, which could be security issue, but I have been doing this for years.
Remove the extra character(s) you have at the end of lines. No slash is required and
dos2unix yourscript will remove the unwanted CRs.
#!/usr/bin/env bash
Actually better would be to open a new question for your restart problem.
Most probably you are not at the directory where the restart command is
defined or restart is not in your path. Try putting the whole path.