Hi,
2009/1/28 Rob Kampen rkampen@kampensonline.com:
I'm seeing this every hour when the hourly cron job runs NULL security context for user, but SELinux in permissive mode, continuing
Try to use "ps -Z" to see if all your processes have appropriate security contexts. It's unlikely (impossible?) that one of them will not have, but start with that anyway.
Also you can use "ls -Z" to see if the files have security contexts or not. Maybe start with "ls -Z /etc/cron*" and "ls -Z /var/spool/cron/" to see if the files related to crontabs are covered.
Also have a look at what "semanage login -l" returns, in CentOS you should have an entry for "__default__" pointing to "user_u" and one for "root" pointing to "root".
I've tried fixfiles but obviously I'm missing something....
Sometimes fixfiles will not be able to do a thorough job if your system is booted and running. It's preferrable to do "touch /.autorelabel" and reboot the machine, that way "fixfiles" will run as the only process in the machine and will be able to label all files properly.
Any SELinux gurus that can point me in the right direction?
Far from being a guru, but maybe the information above will be useful for you to hunt the problem down.
HTH, Filipe