2019-2-12

坐在这里发呆很久,代码一行没写。我不知道我在难过什么,更不知道在气愤什么,也不知道在埋怨什么。

- Read More -

宝贝生日快乐

陪宝贝度过的第一个生日

哭哭啼啼的度过了

宝贝为了让我好好睡觉,假装开心的陪我到这么晚,她应该还会去看一会儿小埋才肯去睡

宝贝情感洁癖严重,希望下辈子能让宝贝慢慢释怀

很爱你,宝贝,愿意跟你不离不弃

Modifying SElinux configure for allowing nginx reverse proxy local site

Read about audit2allow and used it to create a policy to allow access to the denied requests for nginx.

    [root]# sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -m nginxlocalconf > nginxlocalconf.te
    [root]# cat nginxlocalconf.te 
    
    module nginxlocalconf 1.0;
    
    require {
        type httpd_t;
        type var_t;
        type transproxy_port_t;
        class tcp_socket name_connect;
        class file { read getattr open };
    }
    
    #============= httpd_t ==============
    
    #!!!! This avc can be allowed using the boolean 'httpd_can_network_connect'
    allow httpd_t transproxy_port_t:tcp_socket name_connect;
    allow httpd_t var_t:file { read getattr open };
    [root]# sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M nginxlocalconf
    ******************** IMPORTANT ***********************
    To make this policy package active, execute:
    
    semodule -i nginxlocalconf.pp
    
    [root]# semodule -i nginxlocalconf.pp

岁末

好几天没来了,倒不是忘了这个地方了。每天都会上来看一眼,想写些什么又总是无处下手。我不知道是因为开心的日子没什么想吐槽的所以没文字可写,还是难过的时候怕写些东西惹人不快所以不想写。总之就是好几天没写了,我可能也就这么点本事了,写几行字矫情矫情。

- Read More -