-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 06/10/2013 03:31 PM, Michael Hennebry wrote:
On Mon, 10 Jun 2013, m.roth@5-cent.us wrote:
Michael Hennebry wrote:
On Mon, 10 Jun 2013, Michael Hennebry wrote:
On Mon, 10 Jun 2013, m.roth@5-cent.us wrote:
Michael Hennebry wrote:
On Mon, 10 Jun 2013, m.roth@5-cent.us wrote: > Frank Cox wrote: >> On Mon, 10 Jun 2013 12:15:15 -0500 (CDT) Michael Hennebry >> wrote:
<snip>
> And I trust the filesystem isn't full? Or is selinux > enforcing?
The filesystem is not full the workaround works. selinux is set for enforcing. [hennebry@96-18-56-186 t2]$ ls -Zd /tmp drwxrwxrwt. root root system_u:object_r:tmp_t:s0 /tmp
I had no trouble making the absent directory.
Ahhhh... were there any selinux AVCs from when you tried to save before?
<snip> > [root@96-18-56-186 ~]# grep AVC /var/log/audit/audit.log > [root@96-18-56-186 ~]# grep type= /var/log/audit/audit.log | wc 3571 > 52375 814962
ARGH!!! 3571 AVC's.... You need to find out what they're telling you, and
No AVC's at all. The first grep came up empty. I just put in type= to demonstrate that I was getting selinux messages.
fix that, a combination of setsebool, semanage -P <whatever>/restorecon -v <whatever>, and/or grep -i avc | tail 100 | audit2allow to show you what it would do, and check the manpage for audit2allow to get the flags right to create a module that you can then load, as per the examples in the manpage.
mark "hates selinux, is slowly learning more than he wants to know"
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
There are lots of messages in the audit.log that are not related to SELinux error messages that have type=.
ausearch -m avc,user_avc
WIll show you all AVC messages.