upgrade of selinux-policy-targeted doing recursive restorecon on NFS mounts a bad idea
by Jason Vas Dias
I'm now doing an upgrade to
selinux-policy-targeted-1.17.30-2.83 on FC3,
and it seems to be doing a recursive restorecon
on all the NFS mounts on the system - including
/home/boston, /mnt/redhat, etc.
I don't think this is a good idea at all!
This single update of selinux-policy-targeted
is probably going to take all day, and I hope
the restorecon on NFS mounts as root is not
going to harm other people's mounts of shared
NFS systems like /home/boston and /mnt/redhat !
Restorecon in recursive mode should ignore NFS mounts -
or the spec file should weed out NFS mounts from the
restorecon command line.
Should I raise a bug on this ?
18 years, 9 months
File Contexts error?
by Hongwei Li
Hi,
I have run up2date to update many packages of my fc3 system. My system info:
RedHat FC3 linux, kernel 2.6.10-1.766_FC3, selinux enforced (targeted),
iptables enabled
selinux-policy-targeted: 1.17.30-2.19
Then, the root received the following mail:
Invalid File Contexts
/etc/blkid.tab
/etc/asound.state
/etc/ld.so.cache
/etc/.pwd.lock
/etc/hotplug/usb.usermap
/etc/freshclam.conf
/etc/sysconfig/firstboot
/etc/sysconfig/hwconf
/.autofsck
/.fonts.cache-1
/lost+found
/root/install.log
/root/install.log.syslog
/lib/modules/2.6.10-1.766_FC3/modules.ccwmap
/lib/modules/2.6.10-1.766_FC3/modules.alias
/lib/modules/2.6.10-1.766_FC3/modules.dep
/lib/modules/2.6.10-1.766_FC3/modules.inputmap
/lib/modules/2.6.10-1.766_FC3/modules.usbmap
/lib/modules/2.6.10-1.766_FC3/modules.isapnpmap
/lib/modules/2.6.10-1.766_FC3/modules.pcimap
/lib/modules/2.6.10-1.766_FC3/modules.ieee1394map
/lib/modules/2.6.10-1.766_FC3/modules.symbols
/lib/modules/2.6.9-1.667/modules.ccwmap
/lib/modules/2.6.9-1.667/modules.alias
/lib/modules/2.6.9-1.667/modules.dep
/lib/modules/2.6.9-1.667/modules.inputmap
/lib/modules/2.6.9-1.667/modules.usbmap
/lib/modules/2.6.9-1.667/modules.isapnpmap
/lib/modules/2.6.9-1.667/modules.pcimap
/lib/modules/2.6.9-1.667/modules.ieee1394map
/lib/modules/2.6.9-1.667/modules.symbols
/home/lost+found
/tmp/lost+found
/usr/lost+found
/var/log/rpmpkgs
/var/log/httpd/ssl_error_log
/var/log/httpd/ssl_request_log
/var/log/httpd/ssl_access_log
/var/log/httpd/error_log
/var/log/httpd/access_log
/var/log/yum.log
/var/lost+found
/var/run/utmp
/var/lib/squirrelmail/prefs/qlily.pref
/var/lib/squirrelmail/prefs/qlily.abook
/var/lib/php/session/sess_bd54786e5c301c251fd139a22c129872
I don't know which package's updating caused this problem. Then, I run:
# restorecon -R /etc/*
# restorecon -R /var/*
# restorecon -R /lib/*
# restorecon -R /usr/*
I got a lot of warning about sybolic links, that's probably okay. Now,
the problem is that the user qlily cannot login to squirrelmail. The
error message is:
Preference file, /var/lib/squirrelmail/prefs/qlily.pref.tmp, could not be
opened. Contact your system administrator to resolve this issue.
Check the files:
# ls -lZ /var/lib/squirrelmail/prefs/qlily.*
-rw-r--r-- apache apache system_u:object_r:var_lib_t
/var/lib/squirrelmail/prefs/qlily.abook
-rw------- apache apache system_u:object_r:var_lib_t
/var/lib/squirrelmail/prefs/qlily.pref
-rw-r--r-- apache apache system_u:object_r:var_lib_t
/var/lib/squirrelmail/prefs/qlily.pref.tmp
and the log shows:
Mar 2 15:49:03 pippo kernel: audit(1109800143.922:0): avc: denied {
write } for pid=1458 exe=/usr/sbin/httpd name=qlily.pref.tmp dev=hda2
ino=2540354 scontext=root:system_r:httpd_t
tcontext=system_u:object_r:var_lib_t tclass=file
Mar 2 15:49:03 pippo kernel: audit(1109800143.924:0): avc: denied {
write } for pid=1458 exe=/usr/sbin/httpd
name=sess_bd54786e5c301c251fd139a22c129872 dev=hda2 ino=2540345
scontext=root:system_r:httpd_t tcontext=system_u:object_r:var_lib_t
tclass=file
....
qlily is the only user I created so far in the system. This user can
send/receive email through pine. To test the situation, I created another
user msnet. He can login to ssh console, but cannot login to
squirrelmail, the error message is:
You must be logged in to access this page
although the password is correct. his pref file is:
# ls -lZ /var/lib/squirrelmail/prefs/msnet.pref
-rw------- apache apache root:object_r:httpd_var_lib_t
/var/lib/squirrelmail/prefs/msnet.pref
What's wrong? What package updating caused this problem? How to fix the
problem?
Thanks a lot!
Hongwei Li
18 years, 9 months
Re: selinux and ASP for Linux
by Jason Dravet
While asp works, I get the following in my /var/log/messages
Mar 2 17:14:05 cisit6 kernel: audit(1109805245.364:0): avc: denied { read
write } for pid=5516 exe=/opt/casp/tools/bin/linux2_i686/perl5/bin/perl
name=1 dev=devpts ino=3 scontext=root:system_r:httpd_sys_script_t
tcontext=root:object_r:devpts_t tclass=chr_file
Mar 2 17:14:05 cisit6 kernel: audit(1109805245.365:0): avc: denied { read
write } for pid=5516 exe=/opt/casp/tools/bin/linux2_i686/perl5/bin/perl
path=/dev/pts/1 dev=devpts ino=3 scontext=root:system_r:httpd_sys_script_t
tcontext=root:object_r:devpts_t tclass=chr_file
Mar 2 17:14:05 cisit6 kernel: audit(1109805245.367:0): avc: denied {
execute } for pid=5516 path=/usr/lib/locale/locale-archive dev=dm-0
ino=263488 scontext=root:system_r:httpd_sys_script_t
tcontext=root:object_r:locale_t tclass=file
Mar 2 17:14:05 cisit6 kernel: audit(1109805245.368:0): avc: denied {
execute } for pid=5516 path=/usr/lib/locale/en_US.utf8/LC_IDENTIFICATION
dev=dm-0 ino=261166 scontext=root:system_r:httpd_sys_script_t
tcontext=system_u:object_r:locale_t tclass=file
What can I do to fix this? I have not had time to try a database connection
yet. I am sure that will generate a few more avc messages.
Thanks,
Jason Dravet
18 years, 9 months
Re: selinux and ASP for Linux
by Jason Dravet
Here is what I come up with so far to get ASP for Linux to work:
chcon -R -h -t httpd_sys_content_t /opt/casp/INSTALL/
chcon -h -t httpd_sys_content_t
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/*.so
restorecon /opt/casp/server/lib/linux2_i686_optimized/*
I tried a
chcon -R -h -t httpd_sys_script_t /opt/casp/INSTALL
and I get Permission denied
I also tried the chcon -R -h -t httpd_t /opt/casp/INSTALL
and again I get Permission denied
I did a restorecon on
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/*.so
but that gave me
Mar 1 19:48:26 cisit6 httpd: Cannot load
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/mod_ca
sp2.so into server:
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/mod_ca
sp2.so: failed to map segment from shared object: Permission denied
While the three commands at the top get things to work I get the following
in my /var/log/messages:
Mar 3 13:06:29 cisit6 kernel: audit(1109876789.001:0): avc: denied { read
} for pid=9976 exe=/opt/casp/tools/bin/linux2_i686/perl5/bin/perl
path=/proc/5896/cmdline dev=proc ino=386400268
scontext=root:system_r:httpd_sys_script_t
tcontext=root:system_r:unconfined_t tclass=file
Mar 3 13:06:29 cisit6 kernel: audit(1109876789.001:0): avc: denied { read
write } for pid=9976 exe=/opt/casp/tools/bin/linux2_i686/perl5/bin/perl
path=socket:[42392] dev=sockfs ino=42392
scontext=root:system_r:httpd_sys_script_t
tcontext=root:system_r:unconfined_t tclass=tcp_socket
Mar 3 13:06:29 cisit6 kernel: audit(1109876789.001:0): avc: denied { read
write } for pid=9976 exe=/opt/casp/tools/bin/linux2_i686/perl5/bin/perl
path=/tmp/.pm-chili-psm dev=dm-0 ino=48581
scontext=root:system_r:httpd_sys_script_t tcontext=root:object_r:tmp_t
tclass=file
Mar 3 13:06:29 cisit6 kernel: audit(1109876789.002:0): avc: denied { read
write } for pid=9976 exe=/opt/casp/tools/bin/linux2_i686/perl5/bin/perl
path=/tmp/.casp5101/.pm-chili-psm dev=dm-0 ino=81192
scontext=root:system_r:httpd_sys_script_t tcontext=root:object_r:tmp_t
tclass=file
Mar 3 13:06:29 cisit6 kernel: audit(1109876789.002:0): avc: denied { read
write } for pid=9976 exe=/opt/casp/tools/bin/linux2_i686/perl5/bin/perl
path=socket:[43453] dev=sockfs ino=43453
scontext=root:system_r:httpd_sys_script_t
tcontext=root:system_r:unconfined_t tclass=tcp_socket
Mar 3 13:06:29 cisit6 kernel: audit(1109876789.002:0): avc: denied { read
write } for pid=9976 exe=/opt/casp/tools/bin/linux2_i686/perl5/bin/perl
path=socket:[43465] dev=sockfs ino=43465
scontext=root:system_r:httpd_sys_script_t
tcontext=root:system_r:unconfined_t tclass=tcp_socket
Mar 3 13:06:29 cisit6 kernel: audit(1109876789.006:0): avc: denied {
execute } for pid=9976 path=/usr/lib/locale/locale-archive dev=dm-0
ino=263488 scontext=root:system_r:httpd_sys_script_t
tcontext=root:object_r:locale_t tclass=file
Mar 3 13:06:29 cisit6 kernel: audit(1109876789.007:0): avc: denied {
execute } for pid=9976 path=/usr/lib/locale/en_US.utf8/LC_IDENTIFICATION
dev=dm-0 ino=261166 scontext=root:system_r:httpd_sys_script_t
tcontext=system_u:object_r:locale_t tclass=file
Is there any good documentation for selinux that I can read to try to figure
how to fix the above? Something that can explain what the messages mean.
Thanks,
Jason
18 years, 9 months
ntpd drift.TEMP file
by mroselinux@eastgranby.k12.ct.us
I have just built an FC3 samba server using the K12LTSP iso's and am
getting the following messages on the log.
Jan 21 01:55:14 admin ntpd[9988]: can't open /etc/ntp/drift.TEMP:
Permission denied
Jan 21 01:55:14 admin kernel: audit(1106290514.375:0): avc: denied {
write } for pid=9988 exe=/usr/sbin/ntpd name=ntp dev=hda3 ino=3392705
scontext=root:system_r:ntpd_t tcontext=system_u:object_r:etc_t tclass=dir
With SELinux enabled, the drift file could not be created. In permissive
mode, the drift file is properly created and updated. What have I done
wrong?
[root@admin ntp]# ls -dZ .
drwxr-xr-x ntp ntp system_u:object_r:etc_t
[root@admin ntp]# ls -lZ drift
-rw-r--r-- ntp ntp root:object_r:etc_t drift
Mark Orenstein
East Granby, CT School System
18 years, 9 months
Re: selinux and ASP for Linux
by Jason Dravet
>On Wed, 2005-03-02 at 15:45 -0600, Jason Dravet wrote:
>>I have installed Sun's new asp for Linux (4.02) product on my Linux
>>server.
>>What the software does is provide asp support to httpd on Linux platforms.
>>The Sun installer adds a module to the system so httpd can handle asp
>>requests. When I try to start httpd I get the following messages. If I
>>run
>>setenforce 0 and start httpd, asp works great so the problem is with the
>>way
>>asp and selinux interact. I have to run with selinux enabled so disabling
>>it is not a solution. What do I have to do to get this to work? I have
>>contacted Sun but they don't know anything about selinux.
>
>First, note that you can disable SELinux enforcement just for httpd
>without doing setenforce 0; see:
>http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#using-s-c->securit
ylevel
>
>>Mar 1 19:45:28 cisit6 kernel: audit(1109727928.415:0): avc: denied {write}
>>for pid=8390 exe=/usr/sbin/httpd
>>path=/opt/casp/INSTALL/database/tmp/tmp.0.5541 dev=dm-0 ino=426791
>>scontext=root:system_r:httpd_t tcontext=root:object_r:usr_t tclass=file
>
>Hmmm. Hard to say what this is. You could try:
>
> chcon -R -h -t httpd_sys_content_t /opt/casp/INSTALL/
>
>>path=/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard
>>/mod_casp2.so dev=dm-0 ino=633455 scontext=root:system_r:httpd_t
>>tcontext=root:object_r:usr_t tclass=file
>
>My suggestion:
>
> chcon -h -t shlib_t
>/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/*.so
I used setenforce 0 just to check if asp actually installed correctly. I
know that I can off selinux just for httpd, but as I said turn off selinux
(or any part there of) is not an option at this time.
I did the two commands that you suggested and now I get the following
messages so progress is being made:
Mar 2 16:49:18 cisit6 kernel: audit(1109803758.925:0): avc: denied {
execute } for pid=5438
path=/opt/casp/server/lib/linux2_i686_optimized/libcasp2ap.so dev=dm-0
ino=551452 scontext=root:system_r:httpd_t tcontext=root:object_r:usr_t
tclass=file
Mar 2 16:49:18 cisit6 httpd: mod_casp2: failed to open
/opt/casp/server/lib/linux2_i686_optimized/libcasp2ap.so, aborting.
Mar 2 16:49:18 cisit6 httpd: mod_casp2:
/opt/casp/server/lib/linux2_i686_optimized/libcasp2ap.so: failed to map
segment from shared object: Permission denied
Mar 2 16:49:18 cisit6 httpd: httpd startup failed
So I did a
chcon -h -t shlib_t /opt/casp/server/lib/linux2_i686_optimized/libcasp2ap.so
which got me to
Starting httpd: casp2ap: error loading Sun Java System Active Server Pages
dispatcher library -
/opt/casp/server/lib/linux2_i686_optimized/libaspdisp.so
casp2ap: /opt/casp/server/lib/linux2_i686_optimized/libaspdisp.so: failed to
map segment from shared object: Permission denied
so then I did
chcon -h -t shlib_t /opt/casp/server/lib/linux2_i686_optimized/libaspdisp.so
and now it appears to be working fine. The simple tests have passed with
flying colors. I have to test the database parts next.
So in short to get asp for linux working you have to do the following:
chcon -R -h -t httpd_sys_content_t /opt/casp/INSTALL/
chcon -h -t shlib_t
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/*.so
chcon -h -t shlib_t /opt/casp/server/lib/linux2_i686_optimized/libcasp2ap.so
chcon -h -t shlib_t /opt/casp/server/lib/linux2_i686_optimized/libaspdisp.so
Can this be added to the targeted policy in the future?
Thanks for all of your help,
Jason Dravet
18 years, 9 months
selinux and ASP for Linux
by Jason Dravet
I have installed Sun's new asp for Linux (4.02) product on my Linux server.
What the software does is provide asp support to httpd on Linux platforms.
The Sun installer adds a module to the system so httpd can handle asp
requests. When I try to start httpd I get the following messages. If I run
setenforce 0 and start httpd, asp works great so the problem is with the way
asp and selinux interact. I have to run with selinux enabled so disabling
it is not a solution. What do I have to do to get this to work? I have
contacted Sun but they don't know anything about selinux.
Mar 1 19:45:28 cisit6 kernel: audit(1109727928.415:0): avc: denied { write }
for pid=8390 exe=/usr/sbin/httpd
path=/opt/casp/INSTALL/database/tmp/tmp.0.5541 dev=dm-0 ino=426791
scontext=root:system_r:httpd_t tcontext=root:object_r:usr_t tclass=file
Mar 1 19:45:28 cisit6 kernel: audit(1109727928.459:0): avc: denied { write }
for pid=8395 exe=/usr/sbin/httpd
path=/opt/casp/INSTALL/database/tmp/tmp.0.5541 dev=dm-0 ino=426791
scontext=root:system_r:httpd_t tcontext=root:object_r:usr_t tclass=file
Mar 1 19:45:28 cisit6 kernel: audit(1109727928.476:0): avc: denied { write }
for pid=8396 exe=/usr/sbin/httpd
path=/opt/casp/INSTALL/database/tmp/tmp.0.5541 dev=dm-0 ino=426791
scontext=root:system_r:httpd_t tcontext=root:object_r:usr_t tclass=file
Mar 1 19:46:02 cisit6 httpd: httpd shutdown failed
Mar 1 19:46:02 cisit6 kernel: audit(1109727962.718:0): avc: denied { execute
} for pid=8765
path=/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/m
od_casp2.so dev=dm-0 ino=633455 scontext=root:system_r:httpd_t
tcontext=root:object_r:usr_t tclass=file
Mar 1 19:46:02 cisit6 httpd: Syntax error on line 191 of
/etc/httpd/conf/httpd.conf:
Mar 1 19:46:02 cisit6 httpd: Cannot load
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/mod_ca
sp2.so into server:
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/mod_ca
sp2.so: failed to map segment from shared object: Permission denied
Mar 1 19:46:02 cisit6 httpd: httpd startup failed
Mar 1 19:48:26 cisit6 kernel: audit(1109728106.456:0): avc: denied { execute
} for pid=10537
path=/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/m
od_casp2.so dev=dm-0 ino=633455 scontext=root:system_r:httpd_t
tcontext=root:object_r:usr_t tclass=file
Mar 1 19:48:26 cisit6 httpd: Syntax error on line 191 of
/etc/httpd/conf/httpd.conf:
Mar 1 19:48:26 cisit6 httpd: Cannot load
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/mod_ca
sp2.so into server:
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/mod_ca
sp2.so: failed to map segment from shared object: Permission denied
Mar 1 19:48:26 cisit6 httpd: httpd startup failed
Mar 1 19:51:04 cisit6 kernel: audit(1109728264.423:0): avc: denied { execute
} for pid=10548
path=/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/m
od_casp2.so dev=dm-0 ino=633455 scontext=root:system_r:httpd_t
tcontext=root:object_r:usr_t tclass=file
Mar 1 19:51:04 cisit6 httpd: Syntax error on line 191 of
/etc/httpd/conf/httpd.conf:
Mar 1 19:51:04 cisit6 httpd: Cannot load
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/mod_ca
sp2.so into server:
/opt/casp/module/linux2_i686_optimized/apache_2.0.x/20020903/standard/mod_ca
sp2.so: failed to map segment from shared object: Permission denied
Thanks for your time,
Jason Dravet
18 years, 9 months
Reports from the conferance
by Stephen John Smoogen
Hi I was unable to get the ducks put in a row to get to the conferance
this week. Will there be published whitepapers afterwords and various
howtos?
Thanks
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
18 years, 9 months
Problem to running BackupPC with selinux
by Daniela Gradim
I make the changes to httpd works fine but now when I try to run
BackupPC I get those messages. I tried to run chcon but still didn't
work.
Mar 1 09:42:19 backup backuppc: BackupPC shutdown failed
Mar 1 09:42:19 backup kernel: audit(1109666539.876:0): avc: denied {
read write } for pid=29112 exe=/usr/bin/perl name=1 dev=devpts ino=3
scontext=root:system_r:httpd_sys_script_t
tcontext=root:object_r:devpts_t tclass=chr_file
Mar 1 09:42:19 backup kernel: audit(1109666539.876:0): avc: denied {
read write } for pid=29112 exe=/usr/bin/perl path=/dev/pts/1 dev=devpts
ino=3 scontext=root:system_r:httpd_sys_script_t
tcontext=root:object_r:devpts_t tclass=chr_fileMar 1 09:42:20 backup
kernel: audit(1109666540.145:0): avc: denied { listen } for pid=29138
exe=/usr/bin/perl path=/home/httpd/html/BackupPC/data/log/BackupPC.sock
scontext=root:system_r:httpd_sys_script_t
tcontext=root:system_r:httpd_sys_script_t tclass=unix_stream_socket
Thanks
--
Daniela Gradim
B.Sc.
daniela.gradim(a)fortevisiomedica.com
Mobile phone: +46-(0)765-48 99 95
---------------------------------------------------------------------
Forte Visio Medica AB
Hammarby Fabriksväg 23
S-120 33 Stockholm
Sweden
Phone: +46-(0)8-440 03 00
Fax: +46-(0)765-310 100
---------------------------------------------------------------------
THIS COMMUNICATION IS ONLY INTENDED FOR THE USE OF THE INDIVIDUAL, OR
ENTITY, TO WHICH IT IS DIRECTED AND MAY CONTAIN INFORMATION THAT IS
PRIVILIGED, CONFIDENTIAL AND EXEMPT FROM DISCLOSURE UNDER APPLICABLE
LAW. IF RECEIVED IN ERROR: PLEASE NOTIFY US IMMEDIATELY THROUGH
info(a)fortevisiomedica.com.
---------------------------------------------------------------------
18 years, 9 months
Re: fc3 - password change problem - syslog and portmapper
by Jayendren Anand Maduray
Hi!
having problems with selinux for sylog and portmapper. Also cannot change
password with selinux enable.
it is running in targeted mode.
I have been checking with nsa-selinux forum, and some of the ppl recommend
that i ask this forum.
from nsa-linux:
On Tue, 2005-02-22 at 08:09 +0200, Jayendren Anand Maduray wrote:
> Got FC3 running SELINUX in enforcing mode.
>
> 1. however when i try to change my password, i get the ffg error:
> SystemError: couldn't get security context of `/etc/passwd': No data
available
>
> 2. also, when i boot up, syslogd, and portmap cannot start, so i disabled it
> in SELinux. i would like to get this to work, though.
>
> i am running kernel Linux shiva 2.6.10-1.741_FC3smp
The most likely scenario is that you never labeled your filesystems, or
that you ran with SELinux disabled for some period of time and thus
ended up with some files without security labels. Touch /.autorelabel
and reboot, or run /sbin/fixfiles relabel and reboot. BTW, this kind of
question belongs on fedora-selinux-list, not here, IMHO.
--
Stephen Smalley <sds(a)tycho.nsa.gov>
National Security Agency
Hi!
tried restorecon, here is the output:
[root@shiva jay]# restorecon /etc/passwd
[root@shiva jay]# passwd
Changing password for user root.
New UNIX password:
Retype new UNIX password:
passwd: Authentication failure
[root@shiva jay]#
here is dmesg:
SELinux: Completing initialization.
SELinux: Setting up existing superblocks.
SELinux: initialized (dev hda5, type ext3), uses xattr
SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs
SELinux: initialized (dev selinuxfs, type selinuxfs), uses genfs_contexts
SELinux: initialized (dev mqueue, type mqueue), not configured for labeling
SELinux: initialized (dev hugetlbfs, type hugetlbfs), not configured for
labeling
SELinux: initialized (dev devpts, type devpts), uses transition SIDs
SELinux: initialized (dev eventpollfs, type eventpollfs), uses genfs_contexts
SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs
SELinux: initialized (dev futexfs, type futexfs), uses genfs_contexts
SELinux: initialized (dev pipefs, type pipefs), uses task SIDs
SELinux: initialized (dev sockfs, type sockfs), uses task SIDs
SELinux: initialized (dev proc, type proc), uses genfs_contexts
SELinux: initialized (dev bdev, type bdev), uses genfs_contexts
SELinux: initialized (dev rootfs, type rootfs), uses genfs_contexts
SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts
SELinux: initialized (dev usbfs, type usbfs), uses genfs_contexts
For Syslogd:
syslogd: error while loading shared libraries: /lib/ld-linux.so.2: cannot
apply additional memory protection after relocation
For portmap:
error while loading shared libraries: libnsl.so.1:
cannot open shared object file: No such file or directory.
On Tuesday 22 February 2005 14:46, Russell Coker wrote:
> restorecon /etc/passwd
--
Jayendren Anand Maduray
Microsoft Certified Professional
Network Plus
IT Administrator
Perinatal HIV Research Unit
Old Potch Road
Chris Hani Baragwanath Hospital
Soweto
South Africa
Tel: +27 11 989 9776
Tel: +27 11 989 9999
Fax: +27 11 938 3973
Cel: 082 22 774 94
18 years, 9 months
