Bind & selinux
olga at urbantimes.net
olga at urbantimes.net
Mon Dec 4 22:35:36 UTC 2006
>> olga at urbantimes.net wrote:
>>> Hi,
>>>
>>> I just configured named to run on a machine with selinux enabled. But
>>> for
>>> some reason I can't start/restart named from an ssh session. Gives me
>>> the
>>> following error:
>>>
>>> host1 kernel: audit(1165261031.810:23): security_compute_sid: invalid
>>> context root:sysadm_r:named_t for scontext=root:sysadm_r:initrc_t
>>> tcontext=system_u:object_r:named_exec_t tclass=process
>>> Dec 4 13:37:11 host1 named: execvp: Permission denied
>>> Dec 4 13:37:11 host1 named: named startup failed
>>>
>>> However, I can start it from the X session at the server. Named starts
>>> fine without any errors.
>>>
>>> Do I need to configure ssh in this case? Or tweak named further?
>>>
>>> Thank you.
>>>
>>> Olga
>>>
>>>
>> Try run_init named start
>>
>> You are being bitten by RBAC. sysadm_r is not allowed to transition to
>> named_t.
>>
>
> Actually I can't seem to start any services from an ssh session. They
> start fine from the server.
>
> run_init command didn't work.
>
> Any suggestions?
Sorry, run_init command worked. I wasn't providing the full path...
Thank you!
More information about the fedora-list
mailing list