Re: Problems with SELinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, 2005-04-12 at 01:37 +0200, Vassilios Kotoulas wrote:
> hi,
> 
> I have this messages on boot and ntpdate fails on boot.
> The first time I had this messages I put SELinux into permissive mode
> but I now want to have SELinux protection.
> 
> ------------------cut----------------------------------
> audit(1113261840.303:0): avc:  denied  { read } for  pid=3636
> exe=/usr/sbin/ntpdate name=services dev=hda1 ino=17230721
> scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:mail_spool_t
> tclass=file
> audit(1113261840.303:0): avc:  denied  { read } for  pid=3636
> exe=/usr/sbin/ntpdate name=services dev=hda1 ino=17230721
> scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:mail_spool_t
> tclass=file
> audit(1113261840.505:0): avc:  denied  { read } for  pid=3649
> exe=/sbin/syslogd name=services dev=hda1 ino=17230721
> scontext=user_u:system_r:syslogd_t
> tcontext=system_u:object_r:mail_spool_t tclass=file
> audit(1113261840.559:0): avc:  denied  { read } for  pid=3653
> exe=/usr/sbin/ntpd name=services dev=hda1 ino=17230721
> scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:mail_spool_t
> tclass=file
> audit(1113261840.559:0): avc:  denied  { read } for  pid=3653
> exe=/usr/sbin/ntpd name=services dev=hda1 ino=17230721
> scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:mail_spool_t
> tclass=file
> audit(1113261840.560:0): avc:  denied  { read } for  pid=3653
> exe=/usr/sbin/ntpd name=services dev=hda1 ino=17230721
> scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:mail_spool_t
> tclass=file
> audit(1113261840.560:0): avc:  denied  { read } for  pid=3653
> exe=/usr/sbin/ntpd name=services dev=hda1 ino=17230721
> scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:mail_spool_t
> tclass=file
> audit(1113261840.560:0): avc:  denied  { read } for  pid=3653
> exe=/usr/sbin/ntpd name=services dev=hda1 ino=17230721
> scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:mail_spool_t
> tclass=file
> -------------------------------------cut-------------------------------
> 
> 

Maybe you need to relabel.  There are a couple of methods described at:

http://fedora.redhat.com/docs/selinux-faq-fc3/

Bob...
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux