On Mon, May 10, 2004 at 04:04:04PM +0200, Leonard den Ottolander wrote:
> Had to move in the /etc/security/selinux/policies because they were
> created as .rpmnews.
You had policy-sources installed as well? I think it's expected
behaviour in that case (policy-sources' %post scriptlet generates them
from source).
> Root console login:
> avc: denied { read } for pid=1559 exe=/bin/login
> name=.default_contexts dev=hda2 ino=437194
> scontext=system_u:system_r:local_login_t
> tcontext=root:object_r:staff_home_dir_t tclass=file
Looks like /root/.default_contexts has the wrong file context. Try after
running restorecon on it.
> ssh login and su - :
> avc: denied { read } for pid=3489 exe=/bin/su name=.default_contexts
> dev=hda2 ino=437194 scontext=user_u:user_r:user_su_t
> tcontext=root:object_r:staff_home_dir_t tclass=file
> avc: denied { getattr } for pid=3489 exe=/bin/su
> path=/root/.default_contexts dev=hda2 ino=437194
> scontext=user_u:user_r:user_su_t tcontext=root:object_r:staff_home_dir_t
> tclass=file
See above.
> avc: denied { add_name } for pid=3489 exe=/bin/su name=.xauthrQsUjb
> scontext=user_u:user_r:user_su_t tcontext=root:object_r:staff_home_dir_t
> tclass=dir
> avc: denied { create } for pid=3489 exe=/bin/su name=.xauthrQsUjb
> scontext=user_u:user_r:user_su_t
> tcontext=user_u:object_r:staff_home_dir_t tclass=file
> avc: denied { setattr } for pid=3489 exe=/bin/su name=.xauthrQsUjb
> dev=hda2 ino=437207 scontext=user_u:user_r:user_su_t
> tcontext=user_u:object_r:staff_home_dir_t tclass=file
This is in bugzilla already:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120108
Tim.
*/
Attachment:
pgp00005.pgp
Description: PGP signature