selinux-policy-targeted-1.21.5-1 kernel-2.6.10-1.1115_FC4
one lot of:
type=KERNEL msg=audit(1107189317.896:165031): avc: denied { create } for pid= 3061 exe=/usr/sbin/htt_server name=.iiimp-unix scontext=user_u:system_r:i18n_inp ut_t tcontext=user_u:object_r:i18n_input_var_run_t tclass=dir
and many times:
type=KERNEL msg=audit(1107189602.159:494563): avc: denied { transition } for pid=3596 exe=/usr/sbin/crond path=/bin/bash dev=hda3 ino=1933320 scontext=user_u :system_r:crond_t tcontext=system_u:system_r:unconfined_t tclass=process
which seems to mean that all cron scripts are failing and I am getting a
execl: couldn't exec `/bin/sh' execl: Permission denied
message from crond every couple of minutes.
joe
Joe Orton wrote:
selinux-policy-targeted-1.21.5-1 kernel-2.6.10-1.1115_FC4
one lot of:
type=KERNEL msg=audit(1107189317.896:165031): avc: denied { create } for pid= 3061 exe=/usr/sbin/htt_server name=.iiimp-unix scontext=user_u:system_r:i18n_inp ut_t tcontext=user_u:object_r:i18n_input_var_run_t tclass=dir
and many times:
type=KERNEL msg=audit(1107189602.159:494563): avc: denied { transition } for pid=3596 exe=/usr/sbin/crond path=/bin/bash dev=hda3 ino=1933320 scontext=user_u :system_r:crond_t tcontext=system_u:system_r:unconfined_t tclass=process
which seems to mean that all cron scripts are failing and I am getting a
execl: couldn't exec `/bin/sh' execl: Permission denied
message from crond every couple of minutes.
joe
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-selinux-list
Could you check out the selinux-policy-targeted-1.21.5-1 on
ftp://people.redhat.com/dwalsh/selinux/Fedora
I think this fixes the crond problem. I will fix the htt_server problem in 1.21.5-2
On Mon, Jan 31, 2005 at 02:49:14PM -0500, Daniel J Walsh wrote:
Could you check out the selinux-policy-targeted-1.21.5-1 on
ftp://people.redhat.com/dwalsh/selinux/Fedora
I found -1.21.5-5 from ftp://people.redhat.com/dwalsh/SELinux/Fedora/ - but it doesn't seem to have helped, I still get:
type=KERNEL msg=audit(1107252061.377:13600081): avc: denied { transition } for pid=25433 exe=/usr/sbin/crond path=/bin/bash dev=hda3 ino=1933320 scontext=root:system_r:crond_t tcontext=system_u:system_r:unconfined_t tclass=processss tclass=file
I notice we're back to a modified policy.18 from a stock install without -sources modifications:
[root@trash ~]# rpm -V selinux-policy-targeted S.5....T. c /etc/selinux/targeted/booleans ..5....T. /etc/selinux/targeted/contexts/files/file_contexts ..5....T. /etc/selinux/targeted/policy/policy.18
joe
Joe Orton wrote:
On Mon, Jan 31, 2005 at 02:49:14PM -0500, Daniel J Walsh wrote:
Could you check out the selinux-policy-targeted-1.21.5-1 on
ftp://people.redhat.com/dwalsh/selinux/Fedora
I found -1.21.5-5 from ftp://people.redhat.com/dwalsh/SELinux/Fedora/ - but it doesn't seem to have helped, I still get:
type=KERNEL msg=audit(1107252061.377:13600081): avc: denied { transition } for pid=25433 exe=/usr/sbin/crond path=/bin/bash dev=hda3 ino=1933320 scontext=root:system_r:crond_t tcontext=system_u:system_r:unconfined_t tclass=processss tclass=file
I notice we're back to a modified policy.18 from a stock install without -sources modifications:
[root@trash ~]# rpm -V selinux-policy-targeted S.5....T. c /etc/selinux/targeted/booleans ..5....T. /etc/selinux/targeted/contexts/files/file_contexts ..5....T. /etc/selinux/targeted/policy/policy.18
joe
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-selinux-list
I think I have finally fixed the crond problem
selinux-policy-targeted-1.21.6-1
Sorry it took so long.
Dan
selinux@lists.fedoraproject.org