selinux and ppp
Gene C.
czar at czarc.net
Sat Apr 3 18:39:09 UTC 2004
On Friday 02 April 2004 18:57, shrek-m at gmx.de wrote:
> bastard operater wrote:
> > Thank you for the response. After doing what you suggested I now get
> > the following message:
> >
> > Apr 1 21:20:01 excalibur kernel: PPP generic driver version 2.4.2
> > Apr 1 21:20:01 excalibur pppd[2403]: pppd 2.4.1 started by root, uid 0
> > Apr 1 21:20:02 excalibur kernel: audit(1080876002.324:0): avc:
> > denied { execute } for pid=2404 exe=/bin/bash name=ppp-on-dialer
> > dev=sdb2 ino=32702 scontext=root:system_r:pppd_t
> > tcontext=root:object_r:pppd_etc_t tclass=file
> > Apr 1 21:20:02 excalibur pppd[2403]: Connect script failed
> > Apr 1 21:20:03 excalibur pppd[2403]: Exit.
> >
> > To answer your question, a file was created in the /etc/ppp directory
> > called connect-errors.
>
> give it a try and disable selinux
>
> /etc/sysconfig/selinux
> SELINUX=disable
>
> and reboot
> or see
> http://people.redhat.com/kwade/fedora-docs/selinux-faq-en/
Actually, you should be able to do this without a reboot by running
"setenforce 0" as either root or a sysadm user. This turns off enforceing
but the deny messages will still go into /var/log/messages. You will need
these deny message for any policy-related bugzilla reports you do.
--
Gene
More information about the fedora-test-list
mailing list