Paolo
On Sat, Dec 19, 2009 at 1:04 PM, Petrus de Calguarium <kwhiskerz@xxxxxxxxx> wrote:
I am not very knowledgeable about selinux, but I will see what I can do.
The section in [] brackets says that since the command has a "permissive type", the
vinny wrote:
> [find has a permissive type (prelink_cron_system_t). This access was not
> denied.]
>
"access was not denied"; in other words the command ran without being hindered by
selinux, so you can read the security message as a warning.
This means that /var/lib/misc/prelink.full has the wrong file context (to check
> SELinux denied access requested by find. /var/lib/misc/prelink.full may
> be a
> mislabeled. /var/lib/misc/prelink.full default SELinux type is
> prelink_var_lib_t,
> but its current type is cron_var_lib_t. Changing this file back to the
> default
> type, may fix your problem.
>
context: ls -Z filename). Selinux should have blocked access, but the context is
permissive, so it didn't (refer to the section at the very beginning in the []
brackets).
> You can restore the default system context to this file by executing the
> restorecon command.
>
> /sbin/restorecon '/var/lib/misc/prelink.full'If this error message bothers you, even though selinux tells you that it didn't
>
prevent the command from executing, you have the option to restore the context of
the file using this command:
sudo /sbin/restorecon -v '/var/lib/misc/prelink.full'
-v means verbose, so you will see if a change was made to the context.
Sometimes files will get the wrong context each time you reboot, so you might have
to keep on doing this every time you reboot, or wait for an update that fixes the
default context. If you want to know which rpm package creates or supplies this
file:
yum provides */prelink.full
or
yum provides /var/lib/misc/prelink.full
I don't know what kind of file prelink.full is, but if it comes from an installed
rpm package from the fedora repositories, you could file a bug report at
bugzilla.redhat.com. If you created the file or edited the file, then you must
restore the context.
I hope this helps sufficiently.
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines