On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote: > Michael Hennebry wrote: >> On Mon, 10 Jun 2013, Michael Hennebry wrote: >>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote: >>>> Michael Hennebry wrote: >>>>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote: >>>>>> Frank Cox wrote: >>>>>>> On Mon, 10 Jun 2013 12:15:15 -0500 (CDT) >>>>>>> Michael Hennebry wrote: > <snip> > >>>>>> And I trust the filesystem isn't full? Or is selinux enforcing? >>>>> >>>>> The filesystem is not full the workaround works. >>>>> selinux is set for enforcing. >>>>> [hennebry at 96-18-56-186 t2]$ ls -Zd /tmp >>>>> drwxrwxrwt. root root system_u:object_r:tmp_t:s0 /tmp >>>>> >>>>> I had no trouble making the absent directory. >>>> >>>> Ahhhh... were there any selinux AVCs from when you tried to save >>>> before? > <snip> >> [root at 96-18-56-186 ~]# grep AVC /var/log/audit/audit.log >> [root at 96-18-56-186 ~]# grep type= /var/log/audit/audit.log | wc >> 3571 52375 814962 > > ARGH!!! 3571 AVC's.... You need to find out what they're telling you, and No AVC's at all. The first grep came up empty. I just put in type= to demonstrate that I was getting selinux messages. > fix that, a combination of setsebool, semanage -P <whatever>/restorecon -v > <whatever>, and/or grep -i avc | tail 100 | audit2allow to show you what > it would do, and check the manpage for audit2allow to get the flags right > to create a module that you can then load, as per the examples in the > manpage. > > mark "hates selinux, is slowly learning more than he wants to know" > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Michael hennebry at web.cs.ndsu.NoDak.edu "On Monday, I'm gonna have to tell my kindergarten class, whom I teach not to run with scissors, that my fiance ran me through with a broadsword." -- Lily