selinux April 2004

selinux@lists.fedoraproject.org

84 participants
96 discussions

by murphy pope

How can I create a new Linux user account such that the home directory is assigned the proper context? I want to create a new user (fred). I want fred's home directory to he located in the default location (/home/fred). And I want the context for /home/fred to be: fred:user_r:user_home_dir_t. useradd doesn't work. It seems to have two problems: 1) If my context (when I run useradd fred) is root:staff_r:staff_t, useradd sets the home directory to root:object_r:home_root_t. 2) If my context is root:sysadm_r:sysadm_t, useradd sets the home directory to root:object_r:user_home_dir_t Item 1 seems like a bug - why would it choose :home_root_t instead of :user_home_dir_t? In either case, the identity is wrong. I think the problem here is that fred is a Linux user, but not an identity. So, I tried seuseradd instead. That doesn't work either - it seems to create the identity (how would I know???) but the identity assigned to the home directory is still 'root'. Here are my questions: 1) Why is this so bloody difficult? Can you really expect the average user/administrator to deal with problems like this? 2) How can I create a new user whose home directory is assigned the proper identity? 3) How can I get a list of valid identities? 4) Can I add identities with a simple command (i.e. without recompiling the policy)? I know about seuserx, but that takes forever to run and is about as friendly as Windows 3.1. Thanks in advance. -- Murphy

19 years, 6 months

2
1
0 / 0

FC1 compatibility - was [Bug 119719] New: SELinux FAQ - SELinux FAQ - suggested questions on FC1 compatability

by Karsten Wade

-----Forwarded Message----- > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=119719 > > > Here are two questions likely to be frequently asked, missing from the > FAQ. They belong right after "Q: I installed Fedora Core on a system > with an existing /home partition, and now I can't log in." Thanks, good questions. Just because I'm brave, I'm going to start answers to these questions, but am hoping others will soon chime in and help with the final answers for the FAQ. Please! > Q: If I relabel my existing /home partition after upgrading to FC2, > will I still be able to read it if I need to revert to FC1? (In other > words, am I burning my bridges when I run setfiles or fixfiles?) You (should?) be able to read the files from an FC1 system, but if the FC1 system does not have SELinux installed or enabled, any writes it does to that partition will be without file context. (Would this include changing timestamps? What about writing to existing files which do have file contexts?) > Q: Can an NFS-mountable /home partition be shared by FC1 and FC2 > installations? Yes. You can mount a non-SELinux partition with the context= option, e.g.: mount -t nfs -o context=system_u:object_r:tmp_t server:/some/path /mnt/wherever All of the files on the mount will appear to have the context system_u:object_r:tmp_t to SELinux. Any files written by a non-SELinux system will not have file contexts, and the contexts of existing files are affected how? thx - Karsten -- Karsten Wade, Sr. Tech Writer this is not the .signature you are looking for http://people.redhat.com/kwade/ gpg fingerprint: 2680 DBFD D968 3141 0115 5F1B D992 0E06 AD0E 0C41

19 years, 6 months

2
1
0 / 0

Postfix and SELinux

by Rudi Chiarito

I successfully - or so it seems - convinced a box to work in enforcing mode, but as of today I still see these error messages whenever postfix is started: Mar 29 17:33:35 pizza kernel: audit(1080603215.577:0): avc: denied { write } for pid=5102 exe=/usr/sbin/postalias name=aliases.db dev=sda3 ino=245461 scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:postfix_etc_t tclass=file Mar 29 17:33:36 pizza kernel: audit(1080603216.592:0): avc: denied { search } for pid=5103 exe=/bin/bash dev= ino=1 scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir Mar 29 17:33:36 pizza kernel: audit(1080603216.597:0): avc: denied { execute } for pid=5104 exe=/bin/bash name=master dev=sda3 ino=1407396 scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:lib_t tclass=file Does this ring a bell? As far as I can tell, all contexts are properly set. To play safe, I even removed and reinstalled the postfix RPM. The system has all the latest Raw Hide packages. Rudi

19 years, 6 months

5
5
0 / 0

kernel RPM install avc message

by Dax Kelson

I have a fresh FC2T2 install. I did the following to make up2date work: /usr/bin/setfilecon system_u:object_r:rpm_exec_t /usr/sbin/up2date Then I ran "up2date-nox kernel" The following appeared. It seems the kernel did install OK. audit(1080787992.351:0): avc: denied { search } for pid=20375 exe=/bin/bash name=root dev=hda8 ino=179873 scontext=root:sysadm_r:bootloader_t tcontext=root:object_r:staff_home_dir_t tclass=dir /bin/bash: /root/.bashrc: Permission denied audit(1080787998.806:0): avc: denied { search } for pid=20791 exe=/sbin/grubby name=root dev=hda8 ino=179873 scontext=root:sysadm_r:bootloader_t tcontext=root:object_r:staff_home_dir_t tclass=dir

19 years, 6 months

3
2
0 / 0

FCT2 avc messages

by Dax Kelson

I did an "everything" install of FC2T2. On the first boot I saw a few avc messages, but now I just see these ones on boot: audit(1080783274.603:0): avc: denied { append } for pid=1281 exe=/sbin/syslogd name=news.crit dev=hda8 ino=135289 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file audit(1080783274.603:0): avc: denied { append } for pid=1281 exe=/sbin/syslogd name=news.err dev=hda8 ino=135290 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file audit(1080783274.604:0): avc: denied { append } for pid=1281 exe=/sbin/syslogd name=news.notice dev=hda8 ino=135288 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file On shutdown this command fails because of SELINUX with an avc message (which I don't have): Line 69 of /etc/init.d/halt : /bin/aumix-minimal -f /etc/.aumixrc -S The write to /etc/.aumixrc is denied. Other avc messages: Note that the ones at 4:03 AM are from the /etc/cron.daily/ being processed. Mar 31 00:21:27 mentor kernel: audit(1080717667.113:0): avc: denied { append } for pid=1182 exe=/sbin/syslogd name=news.crit dev=hda8 ino=135289 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file Mar 31 00:21:27 mentor kernel: audit(1080717667.113:0): avc: denied { append } for pid=1182 exe=/sbin/syslogd name=news.err dev=hda8 ino=135290 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file Mar 31 00:21:27 mentor kernel: audit(1080717667.113:0): avc: denied { append } for pid=1182 exe=/sbin/syslogd name=news.notice dev=hda8 ino=135288 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file Mar 31 00:21:52 mentor kernel: audit(1080717712.300:0): avc: denied { unix_read unix_write } for pid=50 exe=/usr/X11R6/bin/XFree86 key=0 scontext=system_u:system_r:xdm_xserver_t tcontext=system_u:system_r:initrc_t tclass=shm Mar 31 00:24:41 mentor kernel: audit(1080717881.247:0): avc: denied { unix_read unix_write } for pid=50 exe=/usr/X11R6/bin/XFree86 key=0 scontext=system_u:system_r:xdm_xserver_t tcontext=system_u:system_r:initrc_t tclass=shm Mar 31 00:26:41 mentor kernel: audit(1080718001.819:0): avc: denied { write } for pid=3405 exe=/bin/rm name=fd dev= ino=223150089 scontext=system_u:system_r:initrc_t tcontext=system_u:system_r:initrc_t tclass=dir Mar 31 00:28:12 mentor kernel: audit(1080718084.130:0): avc: denied { append } for pid=1280 exe=/sbin/syslogd name=news.crit dev=hda8 ino=135289 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file Mar 31 00:28:12 mentor kernel: audit(1080718084.131:0): avc: denied { append } for pid=1280 exe=/sbin/syslogd name=news.err dev=hda8 ino=135290 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file Mar 31 00:28:13 mentor kernel: audit(1080718084.131:0): avc: denied { append } for pid=1280 exe=/sbin/syslogd name=news.notice dev=hda8 ino=135288 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file Mar 31 00:59:31 mentor kernel: audit(1080719971.236:0): avc: denied { write } for pid=3354 exe=/bin/aumix-minimal name=etc dev=hda8 ino=392449 scontext=root:system_r:sound_t tcontext=system_u:object_r:etc_t tclass=dir Mar 31 01:00:00 mentor kernel: audit(1080720000.160:0): avc: denied { search } for pid=3355 exe=/bin/aumix-minimal name=tmp dev=hda8 ino=98113 scontext=root:system_r:sound_t tcontext=system_u:object_r:tmp_t tclass=dir Mar 31 02:09:05 mentor kernel: audit(1080724145.771:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/var/named/chroot/dev/random dev=hda8 ino=133233 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file Mar 31 02:09:05 mentor kernel: audit(1080724145.772:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/var/named/chroot/dev/null dev=hda8 ino=133232 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file Mar 31 02:09:05 mentor kernel: audit(1080724145.824:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/var/named/chroot/var/named/chroot/dev/random dev=hda8 ino=133249 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file Mar 31 02:09:05 mentor kernel: audit(1080724145.824:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/var/named/chroot/var/named/chroot/dev/null dev=hda8 ino=133250 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file Mar 31 02:09:07 mentor kernel: audit(1080724147.313:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/initrd/dev/ram dev=ram0 ino=17 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=blk_file Mar 31 02:09:07 mentor kernel: audit(1080724147.313:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/initrd/dev/tty3 dev=ram0 ino=18 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 02:09:07 mentor kernel: audit(1080724147.313:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/initrd/dev/tty1 dev=ram0 ino=19 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 02:09:07 mentor kernel: audit(1080724147.314:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/initrd/dev/null dev=ram0 ino=20 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 02:09:07 mentor kernel: audit(1080724147.314:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/initrd/dev/tty4 dev=ram0 ino=21 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 02:09:07 mentor kernel: audit(1080724147.314:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/initrd/dev/tty2 dev=ram0 ino=22 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 02:09:07 mentor kernel: audit(1080724147.314:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/initrd/dev/systty dev=ram0 ino=23 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 02:09:07 mentor kernel: audit(1080724147.315:0): avc: denied { getattr } for pid=12497 exe=/usr/bin/slocate path=/initrd/dev/console dev=ram0 ino=24 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 04:03:58 mentor kernel: audit(1080731038.214:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/var/named/chroot/dev/random dev=hda8 ino=133233 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file Mar 31 04:03:58 mentor kernel: audit(1080731038.215:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/var/named/chroot/dev/null dev=hda8 ino=133232 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file Mar 31 04:03:58 mentor kernel: audit(1080731038.230:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/var/named/chroot/var/named/chroot/dev/random dev=hda8 ino=133249 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file Mar 31 04:03:58 mentor kernel: audit(1080731038.230:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/var/named/chroot/var/named/chroot/dev/null dev=hda8 ino=133250 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file Mar 31 04:03:59 mentor kernel: audit(1080731039.591:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/initrd/dev/ram dev=ram0 ino=17 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=blk_file Mar 31 04:03:59 mentor kernel: audit(1080731039.592:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/initrd/dev/tty3 dev=ram0 ino=18 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 04:03:59 mentor kernel: audit(1080731039.592:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/initrd/dev/tty1 dev=ram0 ino=19 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 04:03:59 mentor kernel: audit(1080731039.592:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/initrd/dev/null dev=ram0 ino=20 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 04:03:59 mentor kernel: audit(1080731039.593:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/initrd/dev/tty4 dev=ram0 ino=21 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 04:03:59 mentor kernel: audit(1080731039.593:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/initrd/dev/tty2 dev=ram0 ino=22 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 04:03:59 mentor kernel: audit(1080731039.593:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/initrd/dev/systty dev=ram0 ino=23 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 04:03:59 mentor kernel: audit(1080731039.594:0): avc: denied { getattr } for pid=16683 exe=/usr/bin/slocate path=/initrd/dev/console dev=ram0 ino=24 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file Mar 31 10:25:41 mentor kernel: audit(1080753941.211:0): avc: denied { write } for pid=18069 exe=/bin/rm name=fd dev= ino=1184169993 scontext=system_u:system_r:initrc_t tcontext=system_u:system_r:initrc_t tclass=dir Mar 31 18:34:38 mentor kernel: audit(1080783274.603:0): avc: denied { append } for pid=1281 exe=/sbin/syslogd name=news.crit dev=hda8 ino=135289 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file Mar 31 18:34:38 mentor kernel: audit(1080783274.603:0): avc: denied { append } for pid=1281 exe=/sbin/syslogd name=news.err dev=hda8 ino=135290 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file Mar 31 18:34:38 mentor kernel: audit(1080783274.604:0): avc: denied { append } for pid=1281 exe=/sbin/syslogd name=news.notice dev=hda8 ino=135288 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file

19 years, 6 months

2
1
0 / 0

install of kernel 2.6.4-1.298 does not work

by Richard Hally

when I ran up2date today it appeared to install kernel 2.6.4-1.298. There were no errors reported. But it did not update grub as usual, it did not put any files in /boot, and when I do rpm -q kernel it does not show 2.6.4-1.298 (It shows the other kernels 253 etc) [root@old1 boot]# rpm -q kernel kernel-2.6.3-2.1.242 kernel-2.6.3-2.1.253 kernel-2.6.3-2.1.246 kernel-2.6.3-2.1.253.2.1 Below are the messages in the up2date log file. [Tue Mar 30 20:50:28 2004] up2date installing packages: ['GConf2-2.6.0-1', 'GConf2-devel-2.6.0-1', 'Guppi-0.40.3-18', 'Guppi-devel-0.40.3-18', 'ImageMagick-5.5.7.15-1.3', 'ImageMagick-c++-5.5.7.15-1.3', 'ImageMagick-c++-devel-5.5.7.15-1.3', 'ImageMagick-devel-5.5.7.15-1.3', 'ImageMagick-perl-5.5.7.15-1.3', 'Maelstrom-3.0.6-3', 'a2ps-4.13b-37', 'amanda-2.4.4p2-3', 'amanda-client-2.4.4p2-3', 'amanda-devel-2.4.4p2-3', 'amanda-server-2.4.4p2-3', 'anaconda-9.92-0.20040323181753', 'anaconda-runtime-9.92-0.20040323181753', 'apr-0.9.4-11', 'apr-devel-0.9.4-11', 'apr-util-0.9.4-12', 'apr-util-devel-0.9.4-12', 'aumix-2.8-8', 'beecrypt-3.1.0-3', 'beecrypt-devel-3.1.0-3', 'beecrypt-python-3.1.0-3', 'bind-9.2.3-13', 'bind-chroot-9.2.3-13', 'bind-devel-9.2.3-13', 'bind-libs-9.2.3-13', 'bind-utils-9.2.3-13', 'binutils-2.15.90.0.1.1-2', 'busybox-1.00.pre8-2', 'busybox-anaconda-1.00.pre8-2', 'control-center-2.5.4-2', 'dhclient-3.0.1rc12-4', 'dhcp-3.0.1rc12-4', 'dhcp-devel-3.0.1rc12-4', 'esound-0.2.34-1', 'esound-devel-0.2.34-1', 'file-4.07-3', 'freeglut-2.2.0-11', 'freeglut-devel-2.2.0-11', 'gaim-0.75.99-20040328cvs', 'gedit-2.5.92-1', 'gedit-devel-2.5.92-1', 'glibc-2.3.3-20', 'glibc-common-2.3.3-20', 'glibc-devel-2.3.3-20', 'glibc-headers-2.3.3-20', 'glibc-profile-2.3.3-20', 'glibc-utils-2.3.3-20', 'gnome-mime-data-2.4.1-3', 'gnome-vfs2-2.6.0-1', 'gnome-vfs2-devel-2.6.0-1', 'gnome-vfs2-smb-2.6.0-1', 'gok-0.9.10-2', 'gpm-1.20.1-45', 'gpm-devel-1.20.1-45', 'hotplug-2004_03_11-1', 'htdig-3.2.0b5-7', 'htdig-web-3.2.0b5-7', 'httpd-2.0.49-1', 'httpd-devel-2.0.49-1', 'httpd-manual-2.0.49-1', 'hwdata-0.114-1', 'initscripts-7.49-1', 'ipxutils-2.2.4-1', 'kdebase-3.2.1-1.5', 'kdebase-devel-3.2.1-1.5', 'kdegames-3.2.1-2', 'kdegames-devel-3.2.1-2', 'kdenetwork-3.2.1-3', 'kdenetwork-devel-3.2.1-3', 'kdepim-3.2.1-4', 'kdepim-devel-3.2.1-4', 'kernel-2.6.4-1.298', 'kernel-doc-2.6.4-1.298', 'kernel-source-2.6.4-1.298', 'kernel-utils-2.4-9.1.126', 'kinput2-canna-wnn6-v3.1-17', 'less-382-3', 'libbonobo-2.6.0-2', 'libbonobo-devel-2.6.0-2', 'libselinux-1.6-5', 'libselinux-devel-1.6-5', 'libwnck-2.5.90-3', 'libwnck-devel-2.5.90-3', 'libxml2-2.6.8-1', 'libxml2-devel-2.6.8-1', 'libxml2-python-2.6.8-1', 'lm_sensors-2.8.3-5', 'lm_sensors-devel-2.8.3-5', 'man-1.5m2-5', 'mod_ssl-2.0.49-1', 'modutils-2.4.26-14', 'ncpfs-2.2.4-1', 'neon-0.24.4-4', 'neon-devel-0.24.4-4', 'net-snmp-5.1.1-1', 'net-snmp-devel-5.1.1-1', 'net-snmp-perl-5.1.1-1', 'net-snmp-utils-5.1.1-1', 'nptl-devel-2.3.3-20', 'nscd-2.3.3-20', 'nss_ldap-217-1', 'openssl-0.9.7a-35', 'openssl-devel-0.9.7a-35', 'openssl-perl-0.9.7a-35', 'pcre-4.5-2', 'pcre-devel-4.5-2', 'policy-1.9.1-2', 'policy-sources-1.9.1-2', 'policycoreutils-1.9-16', 'qt-3.3.1-0.7', 'qt-MySQL-3.3.1-0.7', 'qt-ODBC-3.3.1-0.7', 'qt-PostgreSQL-3.3.1-0.7', 'qt-designer-3.3.1-0.7', 'qt-devel-3.3.1-0.7', 'rhythmbox-0.7.1-2', 'rp-pppoe-3.5-12', 'rpmdb-fedora-1.91-0.20040330', 'samba-3.0.3-1.pre1', 'samba-client-3.0.3-1.pre1', 'samba-common-3.0.3-1.pre1', 'samba-swat-3.0.3-1.pre1', 'sash-3.7-3', 'setools-1.2.1-3', 'setools-devel-1.2.1-3', 'setools-gui-1.2.1-3', 'shared-mime-info-0.14-1', 'slocate-2.7-8', 'sylpheed-0.9.10-2', 'system-config-bind-2.0.2-4', 'system-config-date-1.7.3-1', 'system-config-display-1.0.12-1', 'system-config-netboot-0.1.3-4', 'system-config-printer-0.6.98-1', 'system-config-printer-gui-0.6.98-1', 'system-config-samba-1.2.9-1', 'system-config-securitylevel-1.3.9-1', 'system-config-securitylevel-tui-1.3.9-1', 'system-config-services-0.8.8-4', 'tetex-2.0.2-13', 'tetex-afm-2.0.2-13', 'tetex-doc-2.0.2-13', 'tetex-dvips-2.0.2-13', 'tetex-fonts-2.0.2-13', 'tetex-latex-2.0.2-13', 'tetex-xdvi-2.0.2-13', 'udev-023-1', 'util-linux-2.12-15', 'vim-X11-6.2.403-1', 'vim-common-6.2.403-1', 'vim-enhanced-6.2.403-1', 'vim-minimal-6.2.403-1', 'vnc-4.0-1.beta4.9', 'vnc-server-4.0-1.beta4.9', 'w3m-0.5-1', 'webalizer-2.01_10-22', 'xinitrc-3.38-1', 'zip-2.3-22'] [Tue Mar 30 22:05:51 2004] up2date Modifying bootloader config to include the new kernel info [Tue Mar 30 22:05:51 2004] up2date Adding 2.6.4-1.298 to bootloader config [Tue Mar 30 22:05:51 2004] up2date Adding 2.6.4-1.298 to bootloader config [Tue Mar 30 22:05:52 2004] up2date Running lilo with the new configuration [Tue Mar 30 22:05:53 2004] up2date Modifying bootloader config to include the new kernel info [Tue Mar 30 22:05:53 2004] up2date Adding 2.6.4-1.298 to bootloader config [Tue Mar 30 22:05:53 2004] up2date Running lilo with the new configuration [root@old1 boot]# This shows (supposedly) that all those packages were updated. If the kernel was not installed when the log says it was, how many others were not really updated? another problem is that I use grub! ( have never used lilo on this box) and it was not updated. the log shows that the kernel install tried to update lilo. btw I am running in enforcing mode as root (with role sysmgr_r): Where do I start with the bug reports? the kernel 'cause it did not install? up2date because it did not report any errors when something was very worng? selinux policy? there are hundreds of avc denied messages... please let me know how to proceed with getting my system updated in enforcing mode and if there is additional information I can provide. the messages file is 796261 bytes and I have saved a copy. thanks, Richard Hally Richard Hally

19 years, 6 months

7
7
0 / 0

← Newer
1
2
3
4
5
6
7
8
9
10
Older →

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

selinux April 2004