On Wed, 2006-02-22 at 21:35 +0000, Dovydas Sankauskas wrote:
> Yep!
> I see many lines in /var/log/audit/audit.log containing "sda1" or
> "muzika" similar to this line:
> type=AVC msg=audit(1140640101.729:211): avc: denied { getattr } for
> pid=8717 comm="proftpd" name="/" dev=sda1 ino=128
> scontext=root:system_r:ftpd_t tcontext=system_u:object_r:file_t
> tclass=dir
>
>
> And my /var/log/messages files are empty:
>
> # l /var/log/messages*
> -rw-r--r-- 1 root root 0 Feb 19 04:04 /var/log/messages
> -rw-r--r-- 1 root root 0 Feb 12 04:13 /var/log/messages.1
> -rw-r--r-- 1 root root 0 Feb 5 04:06 /var/log/messages.2
> -rw-r--r-- 1 root root 0 Jan 29 04:11 /var/log/messages.3
> -rw-r--r-- 1 root root 0 Jan 22 04:06 /var/log/messages.4
>
> That's a bit weird, isn't it?
Yes, that's rather wierd.
I see the the external drive is formatted xfs; I'm not sure if xfs
supports SELinux contexts fully, so I think there are two things to try.
First, try:
# chcon -R user_u:object_r:user_home_t /home/dovydas/muzika
An "ls -lZ /home/dovydas/muzika" should then show all files having the
context set above. If not, you'll need to change a mount option instead,
adding fscontext=user_u:object_r:user_home_t, e.g. in /etc/fstab:
/dev/sda1 /home/dovydas/muzika xfs fscontext=user_u:object_r:user_home_t
0 0
Paul.
