Understandig SELinux...

Barrow H Kwan bhkwan at thoughtworks.com
Sun Dec 5 03:24:56 UTC 2004 

I don't know if this is the appropriate way to get rid of those messages..

run "getselinux -a" and see if syslogd_disable_trans' active=0.  If so, 
run setselinux to set it to true.  You might want to update 
/etc/selinux/targeted/booleans





Giuseppe Greco <giuseppe.greco at agamura.com> 
Sent by: fedora-list-bounces at redhat.com
12/04/2004 09:29 AM
Please respond to
For users of Fedora Core releases <fedora-list at redhat.com>


To
Fedora Core <fedora-list at redhat.com>
cc

Subject
Understandig SELinux...






Hi all,

I've lots of problems related to SELinux on FC3...

I get tonnes of messages like

  ...
  audit(1102179993.228:0): avc: denied { append } for pid=2624
    exe=/sbin/syslogd name=boot.log dev=md-6 ino=128104
    scontex=root:system_r:syslogd_t tcontext=system_u:object_r:file_t
    tclass=file
  syslog: /var/log/boot.log: Permissin denied
  ...

Same problem with dhcpd, portmap, etc.
I've tried this

  [root at murphy etc]# ls -alZ /var/log/boot.log
    -rw-------  root     root    /var/log/boot.log

... and then this

  [root at murphy etc]# chcon -t var_log_t /var/log/boot.log

but I always get the error message

  "chcon: can't apply partial context to unlabeled file boot.log"

What I'm trying to understand is why system files like this are
not already labeled as they should, and what I've to do to get
my boxes working without complying... 

Thanks for helping a poor novice,
j3d.

-- 
----------------------------------------
Giuseppe Greco

::agamura::

phone:  +41 (0)91 604 67 65
mobile: +41 (0)76 390 60 32
email:  giuseppe.greco at agamura.com
web:    www.agamura.com
----------------------------------------

-- 
fedora-list mailing list
fedora-list at redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041204/1c8d5bdb/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4104 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041204/1c8d5bdb/attachment-0001.bin>

More information about the fedora-list mailing list