Paul Smith wrote: > On Sun, Sep 7, 2008 at 12:48 AM, Stuart Sears <stuart@xxxxxxxxxxx> [...edited...] >> An 'AVC denial' is just telling you that SELinux has prevented >> something from happening on your system. We'd need the actual >> denial message to see what it's complaining about - click on the >> "Sheriff's badge" in your system tray and tell us what it says. > > Thanks, Stuart. The required information is below: > > ------------------------------ Summary: > > SELinux is preventing the rpcbind from using potentially mislabeled > files (./services). > > Detailed Description: > > SELinux has denied rpcbind access to potentially mislabeled file(s) > (./services). This means that SELinux will not allow rpcbind to use > these files. It is common for users to edit files in their home > directory or tmp directories and then move (mv) them to system > directories. The problem is that the files end up with the wrong file > context which confined applications are not allowed to access. > > Allowing Access: > > If you want rpcbind to access this files, you need to relabel them > using restorecon -v './services'. You might want to relabel the > entire directory using restorecon -R -v '.'. > > Additional Information: > > Source Context unconfined_u:system_r:rpcbind_t:s0 > Target Context > unconfined_u:object_r:rpm_script_tmp_t:s0 Target Objects > ./services [ file ] okay, the rpcbind service is trying to access a file called 'services' (the ./ path puzzles me, but I suspect /etc/services here) which is mislabelled if ls -Z /etc/services looks like this: -rw-r--r-- root root system_u:object_r:rpm_script_tmp_t:s0 /etc/services try correcting the labels like this... restorecon -v /etc/services which should tell you it is doing this - restorecon reset /etc/services context system_u:object_r:rpm_script_tmp_t:s0->system_u:object_r:etc_t:s0 Then try restarting the rpcbind (and probably nfs) services. incidentally, blindly following the advice of setroubleshoot is not always the correct response - in some cases all its advice boils down to is "If you want me to shut up and stop bothering you, try this..." Sometimes it is supposed to bother you :) Regards, Stuart -- Stuart Sears RHCA etc. "It's today!" said Piglet. "My favourite day," said Pooh. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
