Rename to policy.16 and now I got bigger problems
yonas abraham
yonasb at netzero.com
Mon Apr 5 22:39:45 UTC 2004
probably you need to relabel the files after you change the policy. i.e
rename policy to policy.16
relabel
reboot.
--yonas
jim tate wrote:
> Rename /etc/security/selinux/policy. to policy.16 and went into
> /etc/sysconfig/selinux
> and set SELINUX=enforcing and reboot computer and bootup hungup and
> gave me
> all kinds of error messages,see below.
> and I changed back to SELINUX=permissive and still got error messages,
> but I could
> at least I could get to user login window I now have SELINUX=disable
> but I couldn't login as mickey user, had to login as root desktop
> only. Got error message when trying to login user:
> ERROR Unable to set executable context.
>
> Thanks
> Jim Tate
>
> pr 5 16:27:23 mickeyboy kernel: audit(1081200443.557:0): avc: denied {
> getattr } for pid=2247 exe=/usr/sbin/utempter path=/etc/passwd
> dev=hda2 ino=3181518 scontext=root:sysadm_r:utempter_t
> tcontext=system_u:object_r:file_t tclass=file
>
> Apr 5 16:27:23 mickeyboy kernel: audit(1081200443.558:0): avc:
> denied { read write } for pid=2247 exe=/usr/sbin/utempter name=utmp
> dev=hda2 ino=3883013 scontext=root:sysadm_r:utempter_t
> tcontext=system_u:object_r:var_run_t tclass=file
> Apr 5 16:27:23 mickeyboy kernel: audit(1081200443.558:0): avc:
> denied { lock } for pid=2247 exe=/usr/sbin/utempter
> path=/var/run/utmp dev=hda2 ino=3883013
> scontext=root:sysadm_r:utempter_t tcontext=system_u:object_r:var_run_t
> tclass=file
> Apr 5 16:27:23 mickeyboy gconfd (root-2249): starting (version
> 2.6.0), pid 2249 user 'root'
> Apr 5 16:27:23 mickeyboy gconfd (root-2249): Resolved address
> "xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only config
> source at position 0
> Apr 5 16:27:23 mickeyboy gconfd (root-2249): Resolved address
> "xml:readwrite:/root/.gconf" to a writable config source at position 1
> Apr 5 16:27:23 mickeyboy gconfd (root-2249): Resolved address
> "xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only config
> source at position 2
> Apr 5 16:27:25 mickeyboy kernel: audit(1081200445.809:0): avc:
> denied { unix_read unix_write } for pid=1987
> exe=/usr/X11R6/bin/XFree86 key=0 scontext=system_u:system_r:kernel_t
> tcontext=root:sysadm_r:sysadm_t tclass=shm
> Apr 5 16:27:25 mickeyboy kernel: audit(1081200445.809:0): avc:
> denied { read write } for pid=1987 exe=/usr/X11R6/bin/XFree86 key=0
> scontext=system_u:system_r:kernel_t tcontext=root:sysadm_r:sysadm_t
> tclass=shm
> Apr 5 16:27:25 mickeyboy kernel: audit(1081200445.809:0): avc:
> denied { use } for pid=1987 path=/SYSV00000000 (deleted) dev=
> ino=196608 scontext=system_u:system_r:kernel_t
> tcontext=root:sysadm_r:sysadm_t tclass=fd
> Apr 5 16:27:25 mickeyboy kernel: audit(1081200445.809:0): avc:
> denied { getattr associate } for pid=1987 exe=/usr/X11R6/bin/XFree86
> key=0 scontext=system_u:system_r:kernel_t
> tcontext=root:sysadm_r:sysadm_t tclass=shm
> Apr 5 16:29:05 mickeyboy kernel: audit(1081200545.650:0): avc: denied
>
>
>
More information about the fedora-test-list
mailing list