Can't use new users?
Ben
bench at silentmedia.com
Fri Sep 2 18:50:12 UTC 2005
Stephen Smalley wrote:
>That message just shows you that permission was granted to switch
>enforcing mode, so /usr/sbin/getenforce should now show that you are now
>in Permissive mode, i.e. SELinux will only log permissions that would be
>denied by policy but not actually enforce the denial. If it is still
>broken, then the SELinux kernel permission checks are unlikely to be the
>cause.
>
>
getenforce does indeed show Permissive after running setenforce 0, so at
least that's working as expected. I can see how this seems like it would
make it unlikely to be a SELinux problem at this point, but then how
come I still see this when trying to su?
Warning! Could not relabel /dev/pts/3 with user_u:object_r:devpts_t,
not relabeling.Operation not permitted
Interestingly, if I try to ssh in, instead of su, I get this:
[root at dumont ~]# ssh nagios at localhost
nagios at localhost's password:
Last login: Fri Sep 2 11:40:25 2005 from dumont
-bash: /etc/profile: Permission denied
[root at dumont nagios]# ls -alZ
drwx------ nagios nagios root:object_r:user_home_dir_t .
drwxr-xr-x root root system_u:object_r:home_root_t ..
-rw------- nagios nagios user_u:object_r:user_home_t .bash_history
-rw-r--r-- nagios nagios root:object_r:user_home_t .bash_logout
-rw-r--r-- nagios nagios root:object_r:user_home_t .bash_profile
-rw-r--r-- nagios nagios root:object_r:user_home_t .bashrc
-rw-r--r-- nagios nagios root:object_r:user_home_t .emacs
-rw-r--r-- nagios nagios root:object_r:user_home_t .gtkrc
-rw-r--r-- nagios nagios root:object_r:user_home_t .zshrc
.... so it still seems like SELinux is hurting me, even though it's set
to be in permissive mode?
>Not sure it will work on FC3, but try enabling syscall auditing:
> /sbin/auditctl -e 1
>And then try again.
>
>
This didn't seem to have any impact I could see...
More information about the fedora-selinux-list
mailing list