[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: fc5: several troubles at my first attempt

From: Ron Yorston <rmy tigress co uk>
To: fedora-selinux-list redhat com
Subject: Re: fc5: several troubles at my first attempt
Date: Tue, 4 Apr 2006 21:02:10 +0100 (BST)

I wrote:
[snip lots of stuff]
>>> Mar 31 20:04:18 random kernel: audit(1143831757.360:451): avc:  denied  { search } for  pid=1384 comm="pam_console_app" name="var" dev=hde3 ino=62785 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c255 tcontext=system_u:object_r:file_t:s0 tclass=dir

OK, I booted into single user mode, unmounted /var and ran

   chcon -t var_t /var

on the mount point.  Now when I boot I don't get 450 messages like the
above.

The underlying problem is that pam_console_apply is trying to access /var
before it's mounted.  We just happened to see it because the SELinux
context on the mount point won't allow it.

Ron

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]