M A Young wrote:
On Wed, 8 Nov 2006, Paul Howarth wrote:
Mark Haney wrote:
Nov 8 10:34:26 localhost kernel: audit(1163000066.441:216): avc:
denied { sigkill } for pid=28872 comm="bash"
scontext=user_u:system_r:unconfined_t:s0
tcontext=root:system_r:unconfined_t:s0-s0:c0.c255 tclass=process
What I'm trying to kill is a perl script (rsnapshot).
Well that's a curious one. It would be allowed by policy here. Try
piping that error log entry through /usr/sbin/audit2why at your end.
You are trying to send the signal as root (ie. it is worth double checking
you aren't doing something that ordinary linux would block)?
It may also be worth checking what selinux type you are running - for most
circumstances "targeted" is the right choice - the other options "strict"
and "mls" are probably too paranoid for most purposes.
Michael Young
Yes, I'm trying to send the signal as root. The process itself is owned
and run by root, so I don't think that should be a problem. As for
which type of selinux I'm running, how do I check that? I'm pretty sure
I'm using targeted, but can't say for certain.
--
Ceterum censeo, Carthago delenda est.
Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415