SELinux alert when running yum update
Thomas Cameron
thomas.cameron at camerontech.com
Mon Dec 1 23:08:23 UTC 2008
Colin Paul Adams wrote:
>>>>>> "Thomas" == Thomas Cameron <thomas.cameron at camerontech.com> writes:
>
> You can do a couple of things. First, it's probably not a bad idea to
> Thomas> run these commands as root:
>
> Thomas> restorecon -vR /home restorecon -vR /usr
>
> OK. I've done that.
>
> Thomas> Then try again by opening your browser and going to a page
> Thomas> that caused errors before. If it still doesn't work you
>
> I don't know of a page that caused errors before.
Eh? What were you doing when you got the SELinux denial before? Can
you do it again?
> Thomas> can use audit2allow to create a policy. I set up all my
> Thomas> policies in a directory called /root/selinux. So as root,
> Thomas> do this:
>
> Thomas> mkdir selinux cd selinux setenforce 0 # open your web
>
> I did that too.
>
> Thomas> browser and go to a page with the plugin grep npviewer.bin
> Thomas> /var/log/audit/audit.log | audit2allow -a -M npviewer #
> Thomas> review npviewer.te so make sure it looks right.
>
> I don't know what a page with the plugin is.
Probably a flash based page.
> Thomas> semodule -i npviewer.pp setenforce 1
>
>
> semodule: Could not read file 'npviewer.pp': No such file or directory
Did you look at the npviewer.te file? Is there anything in it?
TC
More information about the fedora-list
mailing list