[Arm-dev] Anyone running named on armv7 with selinux?

Fri Feb 3 14:38:49 UTC 2017
Gordan Bobic <gordan at redsleeve.org>

I am not sure what exactly that class binder error is referring to, but I'm
sure i've seen it on x86-64 as well, and from what I can tell it is safe to
ignore



On Fri, Feb 3, 2017 at 2:33 PM, Robert Moskowitz <rgm at htt-consult.com>
wrote:

>
>
> On 02/03/2017 09:05 AM, Gordan Bobic wrote:
>
> On Fri, Feb 3, 2017 at 1:58 PM, Robert Moskowitz <rgm at htt-consult.com>
> wrote:
>
>> Gordon,
>>
>> One would think that, but there is something off with at least the
>> CubieTruck build.  I will check that all those rpms are installed (pretty
>> sure they are), but when I set up a web server with personal directories, i
>> got permission errors on listing the files, but no problem displaying
>> individual files.  Plus there are all these SELinux warnings I am getting
>> that seem to indicate something is amiss.
>>
>> I am reaching the point of focusing on Fedora server for now.  I had
>> hopes of pushing Centos7-arm in a couple of business venues.
>>
>
>
>
> Are you certain it is an SELinux problem, and if so, are parent directory
> labels correct?
> The symptoms you are describing seem more typically indicative of an
> Apache configuration problem.
> Do tail -f on /var/log/audit/audit.log and see what appears there. If
> there is a SELinux violation, it will show up in there.
>
>
> I will switch drives back to the http drive, from my current dns setup
> work to try that.
>
> Meanwhile, on this new drive I just tested to insure that the
> selinux-policy and -targeted were installed.  Seems that there is an update
> (I have not run yum update on this install test yet) and got the
> following.  You can see that there is something wrong in SELinux land.
> What is "Class binder not defined in policy." and why is it not defined:
>
> # yum install selinux-policy selinux-policy-targeted
> Loaded plugins: fastestmirror
> base                                                     | 3.6 kB
> 00:00
> centos-kernel                                            | 2.9 kB
> 00:00
> extras                                                   | 2.9 kB
> 00:00
> updates                                                  | 2.9 kB
> 00:00
> Loading mirror speeds from cached hostfile
> Resolving Dependencies
> --> Running transaction check
> ---> Package selinux-policy.noarch 0:3.13.1-102.el7 will be updated
> ---> Package selinux-policy.noarch 0:3.13.1-102.el7.7 will be an update
> ---> Package selinux-policy-targeted.noarch 0:3.13.1-102.el7 will be
> updated
> ---> Package selinux-policy-targeted.noarch 0:3.13.1-102.el7.7 will be an
> update
> --> Finished Dependency Resolution
>
> Dependencies Resolved
>
> ============================================================
> ====================
>  Package                     Arch       Version               Repository
> Size
> ============================================================
> ====================
> Updating:
>  selinux-policy              noarch     3.13.1-102.el7.7      updates
> 412 k
>  selinux-policy-targeted     noarch     3.13.1-102.el7.7      updates
> 6.4 M
>
> Transaction Summary
> ============================================================
> ====================
> Upgrade  2 Packages
>
> Total download size: 6.8 M
> Is this ok [y/d/N]: y
> Downloading packages:
> Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
> (1/2): selinux-policy-3.13.1-102.el7.7.noarch.rpm          | 412 kB
> 00:06
> (2/2): selinux-policy-targeted-3.13.1-102.el7.7.noarch.rpm | 6.4 MB
> 00:09
> ------------------------------------------------------------
> --------------------
> Total                                              719 kB/s | 6.8 MB
> 00:09
> Running transaction check
> Running transaction test
> Transaction test succeeded
> Running transaction
>   Updating   : selinux-policy-3.13.1-102.el7.7.noarch
> 1/4
>   Updating   : selinux-policy-targeted-3.13.1-102.el7.7.noarch
> 2/4
> [58759.850413] SELinux:  Class binder not defined in policy.
> [58759.855917] SELinux: the above unknown classes and permissions will be
> allowed
>   Cleanup    : selinux-policy-targeted-3.13.1-102.el7.noarch
> 3/4
>   Cleanup    : selinux-policy-3.13.1-102.el7.noarch
> 4/4
>   Verifying  : selinux-policy-3.13.1-102.el7.7.noarch
> 1/4
>   Verifying  : selinux-policy-targeted-3.13.1-102.el7.7.noarch
> 2/4
>   Verifying  : selinux-policy-targeted-3.13.1-102.el7.noarch
> 3/4
>   Verifying  : selinux-policy-3.13.1-102.el7.noarch
> 4/4
>
> Updated:
>   selinux-policy.noarch 0:3.13.1-102.el7.7
>
>   selinux-policy-targeted.noarch 0:3.13.1-102.el7.7
>
>
> Complete!
>
>
> _______________________________________________
> Arm-dev mailing list
> Arm-dev at centos.org
> https://lists.centos.org/mailman/listinfo/arm-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/arm-dev/attachments/20170203/7916db64/attachment-0006.html>