[CentOS] SELinux : please explain ...
Philippe Naudin
philippe.naudin at supagro.inra.frWed Aug 1 08:01:07 UTC 2012
- Previous message: [CentOS] samba3x PDC and Win XP (and now Win 7 Client ... off topic)
- Next message: [CentOS] SELinux : please explain ...
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello, This is somehow off-topic, since the problem appears on a modified CentOS-6.2 (turned into a xen-4.1 host) : I get SELinux errors, and I'm not able to understand them. From audit2why : type=AVC msg=audit(1343724164.898:298772): avc: denied { mac_admin } for pid=12399 comm="restore" capability=33 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=capability2 ... and from audit2allow : #============= unconfined_t ============== allow unconfined_t self:capability2 mac_admin; I don't know what triggers these records in /var/log/audit (everything seems to work). Running retorecon -rv / doesn't produce any error. Can someone tell me what is the mac_admin functionnality, and if it is safe to allow it ? If I understand correctly what I have found by googling around, it is not advised. Thanks, -- Philippe Naudin
- Previous message: [CentOS] samba3x PDC and Win XP (and now Win 7 Client ... off topic)
- Next message: [CentOS] SELinux : please explain ...
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list