[CentOS] username.pem
m.roth at 5-cent.us
m.roth at 5-cent.usTue Apr 26 15:31:16 UTC 2016
- Previous message: [CentOS] evolution libsoup and samba bug 765106
- Next message: [CentOS] username.pem
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi, folks, Our system gets/creates /var/lib/ssh-x509-auth/<username>,pem, then deletes it when the log out. selinux (in permissive mode) complains. First, I changed the context to cert_t, and *now* it complains that ksh93 wants write, etc access on the directory. grep ssh-x509-auth /var/log/audit/audit.log | audit2allow offers me this: #============= sshd_t ============== allow sshd_t cert_t:dir write; allow sshd_t var_lib_t:file { write getattr create open ioctl }; So: first, is this an expected behavior; second, is that the correct fcontext, and, finally, is it safe for me to create this as a local policy? Thanks in advance. mark
- Previous message: [CentOS] evolution libsoup and samba bug 765106
- Next message: [CentOS] username.pem
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list