Michael Hennebry wrote: > On Mon, 10 Jun 2013, Michael Hennebry wrote: >> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote: >>> Michael Hennebry wrote: >>>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote: >>>>> Frank Cox wrote: >>>>>> On Mon, 10 Jun 2013 12:15:15 -0500 (CDT) >>>>>> Michael Hennebry wrote: <snip> >>>>> And I trust the filesystem isn't full? Or is selinux enforcing? >>>> >>>> The filesystem is not full the workaround works. >>>> selinux is set for enforcing. >>>> [hennebry at 96-18-56-186 t2]$ ls -Zd /tmp >>>> drwxrwxrwt. root root system_u:object_r:tmp_t:s0 /tmp >>>> >>>> I had no trouble making the absent directory. >>> >>> Ahhhh... were there any selinux AVCs from when you tried to save >>> before? <snip> > [root at 96-18-56-186 ~]# grep AVC /var/log/audit/audit.log > [root at 96-18-56-186 ~]# grep type= /var/log/audit/audit.log | wc > 3571 52375 814962 ARGH!!! 3571 AVC's.... You need to find out what they're telling you, and fix that, a combination of setsebool, semanage -P <whatever>/restorecon -v <whatever>, and/or grep -i avc | tail 100 | audit2allow to show you what it would do, and check the manpage for audit2allow to get the flags right to create a module that you can then load, as per the examples in the manpage. mark "hates selinux, is slowly learning more than he wants to know"