Fixing broken DNS lookups in spamassassin

I talked about the joys of running my own mail server last week only to find that my mail server was broken yesterday. Spamassassin stopped doing DNS lookups for RBL and SPF checks. I had one of these moments:

My logs looked like this: plugin: eval failed: available_nameservers: No DNS servers available! plugin: eval failed: available_nameservers: No DNS servers available! rules: failed to run NO_DNS_FOR_FROM RBL test, skipping: (available_nameservers: [.

Read more →

Text missing in chrome on Linux

I’m in the process of trying Fedora 20 on my retina MacBook and I ran into a peculiar issue with Chrome. Some sites would load up normally and I could read everything on the page. Other sites would load up and only some of the text would be displayed. Images were totally unaffected. It wasn’t this way on the initial installation of Fedora but it cropped up somewhere along the way as I installed software.
Read more →

Launch secure LXC containers on Fedora 20 using SELinux and sVirt

Getting started with LXC is a bit awkward and I’ve assembled this guide for anyone who wants to begin experimenting with LXC containers in Fedora 20. As an added benefit, you can follow almost every step shown here when creating LXC containers on Red Hat Enterprise Linux 7 Beta (which is based on Fedora 19). You’ll need a physical machine or a VM running Fedora 20 to get started. (You could put a container in a container, but things get a little dicey with that setup.
Read more →

Come and get your SELinux shirts!

After my podcast interview at the 2013 Red Hat Summit, Dan Walsh posted a photo of himself in the SELinux shirt that I gave him at the Summit: Needless to say, I was flooded with requests for shirts after that. Someone suggested using the Overpass font and I have new shirts ready for purchase on Spreadshirt.

I set all the prices as low as the vendor will allow and I’m not making any profit for each purchase.

Read more →

Confine untrusted users (including your children) with SELinux

The confined user support in SELinux is handy for ensuring that users aren’t able to do something that they shouldn’t. It seems more effective and easier to use than most of the other methods I’ve seen before. Thanks to Dan for reminding me about this during his SELinux in the Enterprise talk from this year’s Red Hat Summit. There are five main SELinux user types (and a handy chart in the Fedora documentation):
Read more →