On Tue, 2011-01-04 at 01:08 -0800, Gordon Messmer wrote:
> On 01/02/2011 06:45 AM, Matthew Saltzman wrote: > Aha! In
> /var/log/messages, on the other hand, this happens: > > Jan 2
> 09:40:36 yankee setroubleshoot: SELinux is preventing /usr/sbin/sshd
> from search access on the directory /var/lib/amanda. For complete
> SELinux messages. run sealert -l d477003b-6568-4441-95d8-60bda5a6c0e5
> > Jan 2 09:40:36 yankee setroubleshoot: SELinux is preventing
> /usr/sbin/sshd from search access on the directory /var/lib/amanda. For
> complete SELinux messages. run sealert -l
> d477003b-6568-4441-95d8-60bda5a6c0e5 ... > So I will file the bug.
>
> I believe you'll need to fix that like so:
>
> # semanage fcontext -a -t user_home_dir_t /var/lib/amanda # semanage
> fcontext -a -t user_home_t "/var/lib/amanda/.*" # restorecon -r
> /var/lib/amanda
>
Dan Walsh's suggestion was
chcon -Rt ssh_home_t /var/lib/amanda/.ssh
Should fix the problem.
I haven't tested it yet, but that's the patch he proposed in response
to the bug. He seems to know what he's doing with SELinux 8^).
(Although it isn't transparent--has to be done when the directory is
created.)
Thanks, tho.
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
