F7 : ntpd and selinux
Daniel J Walsh
dwalsh at redhat.com
Mon Jun 4 18:41:58 UTC 2007
Skunk Worx wrote:
> I can see similar comments in bugzilla, so I think this is already
> being worked.
> ---
> John
>
> > avc: denied { sys_time } for comm="ntpdate" egid=38 euid=38
> > avc: denied { kill } for comm="ntpd" egid=0 euid=0 exe="/bin/bash"
> exit=0
> > avc: denied { sys_nice } for comm="ntpdate" egid=0 euid=0
> > avc: denied { setgid } for comm="ntpdate" egid=0 euid=0
> exe="/usr/sbin/ntpdate"
> > avc: denied { setcap } for comm="ntpdate" egid=38 euid=38
> > avc: denied { name_bind } for comm="ntpdate" egid=0 euid=0
> > avc: denied { setsched } for comm="ntpdate" egid=0 euid=0
> > avc: denied { read } for comm="ntpdate" dev=dm-0 egid=0 euid=0
> > avc: denied { signal } for comm="ntpd" egid=0 euid=0 exe="/bin/bash"
> exit=0
> > avc: denied { ioctl } for comm="ntpd" dev=dm-0 egid=0 euid=0
> exe="/bin/bash"
> > avc: denied { read } for comm="ntpd" dev=dm-0 egid=0 euid=0
> exe="/bin/bash"
> > avc: denied { getattr } for comm="ntpd" dev=dm-0 egid=0 euid=0
> exe="/bin/bash"
> > avc: denied { setuid } for comm="ntpdate" egid=38 euid=38
>
Please attach the log file to show what is causing these messages. I
can't generate rules from just this info.
More information about the fedora-list
mailing list