Þ•",/<ø ùR™Zkôf`VÇ^Á}Z? Yš 6ô Ž+ Cº €þ#£¸:Õ4 eUf»N"7q,©0Ö *‹KB×A–\[ó`Oˆ°¦9jàwK Yà n!äŒ!dq"cÖ"m:#û¨$Τ's*Çy-A1]1A}1¿12Ò1g2om2WÝ2<53Dr31·3é3ù3 4Ž'4N¶4I5¬O5  "  !   If httpd scripts should be allowed to write to public directories you need to turn on the $BOOLEAN boolean and change the file context of the public directory to public_content_rw_t. Read the httpd_selinux man page for further information: "setsebool -P $BOOLEAN=1; chcon -t public_content_rw_t " You must also change the default file context labeling files on the system in order to preserve public directory labeling even on a full relabel. "semanage fcontext -a -t public_content_rw_t " If you trust $TARGET_PATH to run correctly, you can change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t '$TARGET_PATH'" You must also change the default file context files on the system in order to preserve them even on a full relabel. "semanage fcontext -a -t textrel_shlib_t '$FIX_TARGET_PATH'" If you want $SOURCE to continue, you must turn on the $BOOLEAN boolean. Note: This boolean will affect all applications on the system. SELinux is preventing $SOURCE_PATH from changing the access protection of memory on the heap. SELinux is preventing $SOURCE_PATH from loading $TARGET_PATH which requires text relocation. SELinux is preventing $SOURCE_PATH from making the program stack executable. SELinux policy is preventing an httpd script from writing to a public directory. SELinux policy is preventing an httpd script from writing to a public directory. If httpd is not setup to write to public directories, this could signal an intrusion attempt. SELinux prevented the ftp daemon from $ACCESS files stored on a CIFS filesystem. SELinux prevented the ftp daemon from $ACCESS files stored on a NFS filesystem. Sometimes a library is accidentally marked with the execstack flag, if you find a library with this flag you can clear it with the execstack -c LIBRARY_PATH. Then retry your application. If the app continues to not work, you can turn the flag back on with execstack -s LIBRARY_PATH. The $SOURCE application attempted to change the access protection of memory on the heap (e.g., allocated using malloc). This is a potential security problem. Applications should not be doing this. Applications are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests web page explains how to remove this requirement. If $SOURCE does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed. Please file a bug report against this package. The $SOURCE application attempted to load $TARGET_PATH which requires text relocation. This is a potential security problem. Most libraries do not need this permission. Libraries are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests web page explains how to remove this requirement. You can configure SELinux temporarily to allow $TARGET_PATH to use relocation as a workaround, until the library is fixed. Please file a bug report. The $SOURCE application attempted to load $TARGET_PATH which requires text relocation. This is a potential security problem. Most libraries should not need this permission. The SELinux Memory Protection Tests web page explains this check. This tool examined the library and it looks like it was built correctly. So setroubleshoot can not determine if this application is compromised or not. This could be a serious issue. Your system may very well be compromised. Contact your security administrator and report this issue. The $SOURCE application attempted to make its stack executable. This is a potential security problem. This should never ever be necessary. Stack memory is not executable on most OSes these days and this will not change. Executable stack memory is one of the biggest security problems. An execstack error might in fact be most likely raised by malicious code. Applications are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests web page explains how to remove this requirement. If $SOURCE does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed. Please file a bug report. Change file context.Change label on the library.Contact your security administrator and report this issue.Enable booleansIf you believe that %s should not require execstackIf you do not think $SOURCE_PATH should need to map heap memory that is both writable and executable.If you do not think $SOURCE_PATH should need to map stack memory that is both writable and executable.If you want to allow $SOURCE_PATH to be able to write to shared public contentIf you want to allow ftpd to write to cifs file systemsYou can read '%s' man page for more details.You need to change the label on $FIX_TARGET_PATHexecstack -c %ssetsebool -P %s %syou must tell SELinux about thisyou need to change the label on $TARGET_PATH to public_content_rw_t, and potentially turn on the allow_httpd_sys_script_anon_write boolean.you need to report a bug. This is a potentially dangerous access.you need to report a bug. This is a potentially dangerous access.you should clear the execstack flag and see if $SOURCE_PATH works correctly. Report this as a bug on %s. You can clear the exestack flag by executing:Project-Id-Version: PACKAGE VERSION Report-Msgid-Bugs-To: PO-Revision-Date: 2019-12-28 03:22-0500 Last-Translator: Fabio Tomat Language-Team: Friulian Language: fur MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Plural-Forms: nplurals=2; plural=(n != 1) X-Generator: Zanata 4.6.2 Se i script di httpd a àn di vê il permès par scrivi tes cartelis publichis tu varâs di ativâ il boolean di $BOOLEAN e cambiâ il contest dal file de cartele publiche a public_content_rw_t. Lei la pagjine dal manuâl (man) httpd_selinux par vê plui informazions: "setsebool -P $BOOLEAN=1; chcon -t public_content_rw_t " Tu scugnis ancje cambiâ i file de etichetadure dal contest predefinide dai file sul sisteme par evitâ la etichetadure de cartele publiche ancje tal câs che si vedi di tornâ a etichetâ dut. "semanage fcontext -a -t public_content_rw_t " Se tu pensis che $TARGET_PATH al funzioni in maniere juste, tu puedis cambiâ il contest dal file a textrel_shlib_t. "chcon -t textrel_shlib_t '$TARGET_PATH'" Tu scugnis ancje cambiâ i file di contest file predefinîts sul sisteme par podê preservâju ancje tal câs che si vedi di tornâ a etichetâ dut. "semanage fcontext -a -t textrel_shlib_t '$FIX_TARGET_PATH'" Se tu vuelis che $SOURCE al continuedi, tu scugnis ativâ il boolean $BOOLEAN. Note: Chest boolean al valarà par dutis lis aplcazions sul sisteme. SELinux al sta impedint a $SOURCE_PATH di cambiâ la protezion di acès de memorie sul heap. SELinux al sta impedint a $SOURCE_PATH di cjariâ $TARGET_PATH che al necessite dal riposizionament dal test. SELinux al sta impedint a $SOURCE_PATH di rindi eseguibil il stack dal program. La politiche di SELinux e sta impedint a un script di httpd di scrivi suntune cartele publiche. La politiche di SELinux e sta impedint a un script di httpd di scrivi suntune cartele publiche. Se httpd nol è configurât par scrivi su cartelis publichis, chest al pues segnalâ une tentatîf di intrusion. SELinux al à impedît al demoni ftp di $ACCESS i file archiviâts suntun filesystem CIFS. SELinux al à impedît al demoni ftp di $ACCESS i file archiviâts suntun filesystem NFS. Cualchi volte une librarie e ven segnade par erôr cu la bandiere/opzion execstack, se tu cjatis une librarie cun cheste bandiere/opzion tu puedis netâle cul comant execstack -c LIBRARY_PATH. Daspò torne prove la tô aplicazion. Se e continue a no lâ, tu puedis tornâ a ativâ la bandiere/opzion sul comant execstack -s LIBRARY_PATH. La aplicazion $SOURCE e à provât a cambiâ la protezion di acès de memorie sul heap (p.e. assegnât doprant malloc). Cehst al è un potenziâl probleme di sigurece. Lis applicazions no lu varessin di fâ. Lis aplicazions, cualchi volte, a vegnin scritis in maniere sbaliade e a domandin chest permès. La pagjine web Provis di protezion de memorie di SELinux e spieghe ce mût gjavâ chest recuisît. Se $SOURCE nol funzione e tu âs bisugne che al funzionedi, tu puedis configurâ in maniere temporanie SELinux in mût di permeti chest acès fintremai che la aplicazion no vignedi justade. Par plasê invie une segnalazion di erôr par chest pachet. La aplicazion $SOURCE e à provât a cjariâ $TARGET_PATH che al necessite dal riposizionament dal test. Chest al è un potenziâl probleme di sigurece. La plui part des librariis no àn bisugne di chest permès. Cualchi volte lis librariis a son scritis in maniere sbaliade e a domandin chest permès. La pagjine web Provis di protezion de Memorie di SELinux e spieghe ce mût gjavâ chest recuisît. Tu puedis configurâ in maniere temporanie SELinux par podê permet a $TARGET_PATH di doprâ il riposizionament come repeç, fintremai che la librarie no ven comedade. Par plasê invie une segnalazion di erôr. La aplicazion $SOURCE e à provât a cjariâ $TARGET_PATH che al à bisugne di riposizionâ il test. Chest al è un potenziâl probleme di sigurece. La plui part des librariis no varessin di vê bisugne di chest permès. La pagjine web Provis di protezion de memorie di SELinux e spieghe chest control. Chest strument al à esaminât la librarie e al semee che e sedi stade compilade in maniere juste. Duncje setroubleshoot nol puès determinâ se cheste aplicazion e je stade comprometude o mancul. Chest al podarès jessi un probleme seri. Il sisteme al podarès jessi une vore comprometût. Contate l'aministradôr de sigurece e segnale chest probleme. La aplicazion $SOURCE e à provât a rindi eseguibil il so stack. Chest al è un potenziâl probleme di sigurece. Chest nol varès di sei necessari in nissune ocasion. La memorie di stack no je eseguibile te plui part dai sistemis operatîfs al dì di vuê e chest nol cambiarà. La memorie di stack eseguibile e je un dai problemis di sigurece plui grancj. Un erôr execstack al pues di fat jessi gjenerât di codiç malevul. Lis aplicazions cualchi volte a vegnin scritis in maniere sbaliade e a domandin chest permès. La pagjine web Provis di protezion de memorie di SELinux e spieghe ce mût gjavâ chest recuisît. Se $SOURCE nol funzione e tu âs bisugne che al funzionedi, tu puedis configurâ SELinux in maniere temporanie al fin di permeti chest acès, fintremai che la aplicazion no ven comedade. Par plasê invie une segnalazion di erôr. Cambie il contest dal file.Cambie etichete su la librarie.Contate il to aministradôr di sigurece e segnale chest probleme.Abilite i booleansSe tu crodis che %s nol vedi bisugne di execstackSe tu pensis che $SOURCE_PATH nol vedi di mapâ la memorie heap che e je sei scrivibile che eseguibile.Se tu pensis che $SOURCE_PATH nol vedi di mapâ la memorie di stack che e je sedi di scriture che di esecuzion.Se tu vuelis permeti a $SOURCE_PATH di podê scrivi su contignûts publics condividûtsSe tu desideris permeti a ftpd di scrivi sul filesystem cifsTu puedis lei la pagjine dal manuâl (man) '%s' par vê plui detais.Tu âs di cambiâ la etichete su $FIX_TARGET_PATHexecstack -c %ssetsebool -P %s %stu scugnis dîlu a SELinuxtu scugnis cambiâ la etichete su $TARGET_PATH a public_content_rw_t e in mût potenziâl ativâ il boolean allow_httpd_sys_script_anon_write.tu âs di segnalâ un erôr. Chest al è un acès potenzialmentri pericolôs.tu scugnis segnalâ un erôr. Chest al è un potenziâl acès pericolôs.tu varessis di netâ la bandiere/opzion execstack e viodi se $SOURCE_PATH al funzione. Segnale chest come erôr su %s. Tu puedis netâ la bandiere/opzion exestack eseguint: