[CentOS] evince file could not be saved

Tue Jun 11 15:09:03 UTC 2013
Daniel J Walsh <dwalsh at redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/10/2013 03:31 PM, Michael Hennebry wrote:
> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote:
> 
>> Michael Hennebry wrote:
>>> On Mon, 10 Jun 2013, Michael Hennebry wrote:
>>>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote:
>>>>> Michael Hennebry wrote:
>>>>>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote:
>>>>>>> Frank Cox wrote:
>>>>>>>> On Mon, 10 Jun 2013 12:15:15 -0500 (CDT) Michael Hennebry
>>>>>>>> wrote:
>> <snip>
>> 
>>>>>>> And I trust the filesystem isn't full? Or is selinux
>>>>>>> enforcing?
>>>>>> 
>>>>>> The filesystem is not full the workaround works. selinux is set
>>>>>> for enforcing. [hennebry at 96-18-56-186 t2]$ ls -Zd /tmp 
>>>>>> drwxrwxrwt. root root system_u:object_r:tmp_t:s0       /tmp
>>>>>> 
>>>>>> I had no trouble making the absent directory.
>>>>> 
>>>>> Ahhhh... were there any selinux AVCs from when you tried to save 
>>>>> before?
>> <snip>
>>> [root at 96-18-56-186 ~]# grep AVC /var/log/audit/audit.log 
>>> [root at 96-18-56-186 ~]# grep type= /var/log/audit/audit.log | wc 3571
>>> 52375  814962
>> 
>> ARGH!!! 3571 AVC's.... You need to find out what they're telling you,
>> and
> 
> No AVC's at all. The first grep came up empty. I just put in type= to
> demonstrate that I was getting selinux messages.
> 
>> fix that, a combination of setsebool, semanage -P <whatever>/restorecon
>> -v <whatever>, and/or grep -i avc | tail 100 | audit2allow to show you
>> what it would do, and check the manpage for audit2allow to get the flags
>> right to create a module that you can then load, as per the examples in
>> the manpage.
>> 
>> mark "hates selinux, is slowly learning more than he wants to know"
>> 
>> _______________________________________________ CentOS mailing list 
>> CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos
>> 
> 
There are lots of messages in the audit.log that are not related to SELinux
error messages that have type=.


ausearch -m avc,user_avc

WIll show you all AVC messages.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlG3PY8ACgkQrlYvE4MpobMPXwCfQl5t8IDlg0EV2N5zrJXnR3rc
8uAAoLKqmtySJaJKipOqPDr0dKJQj2ij
=fzzb
-----END PGP SIGNATURE-----