-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/10/2013 03:31 PM, Michael Hennebry wrote: > On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote: > >> Michael Hennebry wrote: >>> On Mon, 10 Jun 2013, Michael Hennebry wrote: >>>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote: >>>>> Michael Hennebry wrote: >>>>>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote: >>>>>>> Frank Cox wrote: >>>>>>>> On Mon, 10 Jun 2013 12:15:15 -0500 (CDT) Michael Hennebry >>>>>>>> wrote: >> <snip> >> >>>>>>> And I trust the filesystem isn't full? Or is selinux >>>>>>> enforcing? >>>>>> >>>>>> The filesystem is not full the workaround works. selinux is set >>>>>> for enforcing. [hennebry at 96-18-56-186 t2]$ ls -Zd /tmp >>>>>> drwxrwxrwt. root root system_u:object_r:tmp_t:s0 /tmp >>>>>> >>>>>> I had no trouble making the absent directory. >>>>> >>>>> Ahhhh... were there any selinux AVCs from when you tried to save >>>>> before? >> <snip> >>> [root at 96-18-56-186 ~]# grep AVC /var/log/audit/audit.log >>> [root at 96-18-56-186 ~]# grep type= /var/log/audit/audit.log | wc 3571 >>> 52375 814962 >> >> ARGH!!! 3571 AVC's.... You need to find out what they're telling you, >> and > > No AVC's at all. The first grep came up empty. I just put in type= to > demonstrate that I was getting selinux messages. > >> fix that, a combination of setsebool, semanage -P <whatever>/restorecon >> -v <whatever>, and/or grep -i avc | tail 100 | audit2allow to show you >> what it would do, and check the manpage for audit2allow to get the flags >> right to create a module that you can then load, as per the examples in >> the manpage. >> >> mark "hates selinux, is slowly learning more than he wants to know" >> >> _______________________________________________ CentOS mailing list >> CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos >> > There are lots of messages in the audit.log that are not related to SELinux error messages that have type=. ausearch -m avc,user_avc WIll show you all AVC messages. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG3PY8ACgkQrlYvE4MpobMPXwCfQl5t8IDlg0EV2N5zrJXnR3rc 8uAAoLKqmtySJaJKipOqPDr0dKJQj2ij =fzzb -----END PGP SIGNATURE-----