I have a centos 6.6 laptop which is having trouble (intermittent boot failures, or more rightly so, multiple failures, intermittent booting). The laptop is running selinux. I pulled the second internal disk out to get my data off of it. I plugged it into my centos 5.x machine and mounted it. I was able to do a dir listing, but whrn I tried to cd into any of the directories, I get a bunch of AVC denials, and I can't see any files. The contos 5.x machine is selinux enforcing, and so is the centos 6.x box. The files are all owned by me, and have the same uid/gid on both boxes.
What is the right way to do this?
Meanwhile, I put it back into the laptop, and kept attempting to boot the machine, until I got lucky and it came up. I was able to rsync the data off the drive, so this isn't a crisis, just a learning moment.
thanks, -chuck
Chuck Campbell wrote:
I have a centos 6.6 laptop which is having trouble (intermittent boot failures, or more rightly so, multiple failures, intermittent booting).
The laptop
is running selinux. I pulled the second internal disk out to get my data
off of
it. I plugged it into my centos 5.x machine and mounted it. I was able
to do a
dir listing, but whrn I tried to cd into any of the directories, I get a
bunch of AVC
denials, and I can't see any files. The contos 5.x machine is selinux
enforcing,
and so is the centos 6.x box. The files are all owned by me, and have
the same
uid/gid on both boxes.
What is the right way to do this?
<snip> My reaction would have been simple: set selinux to permissive on your machine, back up what you wanted, then return it to enforcing.
mark
On 2/26/2015 12:33 PM, m.roth@5-cent.us wrote:
Chuck Campbell wrote:
I have a centos 6.6 laptop which is having trouble (intermittent boot failures, or more rightly so, multiple failures, intermittent booting).
The laptop
is running selinux. I pulled the second internal disk out to get my data
off of
it. I plugged it into my centos 5.x machine and mounted it. I was able
to do a
dir listing, but whrn I tried to cd into any of the directories, I get a
bunch of AVC
denials, and I can't see any files. The contos 5.x machine is selinux
enforcing,
and so is the centos 6.x box. The files are all owned by me, and have
the same
uid/gid on both boxes.
What is the right way to do this?
<snip> My reaction would have been simple: set selinux to permissive on your machine, back up what you wanted, then return it to enforcing.
mark
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hah, I didn't actually think of that. If it is that simple, then live and learn. I had thought there were differences between 5.x and 6.x that were causing the problem, since the uid/gid are the same on both boxes for the file owner. There must have been something in the xattrs that didn't line up...
thanks, -chuck
On Thu, Feb 26, 2015 at 10:49 AM, Chuck Campbell campbell@accelinc.com wrote:
I have a centos 6.6 laptop which is having trouble (intermittent boot failures, or more rightly so, multiple failures, intermittent booting). The laptop is running selinux. I pulled the second internal disk out to get my data off of it. I plugged it into my centos 5.x machine and mounted it. I was able to do a dir listing, but whrn I tried to cd into any of the directories, I get a bunch of AVC denials, and I can't see any files. The contos 5.x machine is selinux enforcing, and so is the centos 6.x box. The files are all owned by me, and have the same uid/gid on both boxes.
What is the right way to do this?
Mount with a permissive context: mount -o context=unconfined_u:object_r:default_t
If you mount without that, ls -Z will show you the labeling and you can probably figure out why you're getting the denials based on the AVC message.
-
Chris Murphy -
Chuck Campbell -
m.roth@5-cent.us