Daniel J Walsh wrote:
Marius Andreiana wrote:
> On Tue, 2005-02-01 at 17:23 -0500, Daniel J Walsh wrote:
>
>
>> Are you getting any AVC messages in /var/log/messages?
>>
>
> Not related to this. Just
> Feb 1 14:51:56 192-168-0-199 postfix: postalias "hash:/etc/aliases"
> failed
>
> I can't tell what for is this:
> Feb 1 14:41:33 192-168-0-199 kernel: audit(1107261693.771:0): avc:
> denied { read write } for pid=15091 exe=/usr/sbin/rndc path=/dev/tty
> dev=tmpfs ino=3539 scontext=root:system_r:ndc_t
> tcontext=system_u:object_r:devtty_t tclass=chr_file
>
>
> And this was about an warning starting httpd and
> complaining /home/galuna/www doesn't exist (file permissions were ok, I
> didn't check selinux restrictions)
> Feb 1 14:41:37 192-168-0-199 kernel: audit(1107261697.762:0): avc:
> denied { getattr } for pid=15124 exe=/usr/sbin/httpd
> path=/home/galuna/www dev=hda2 ino=96431 scontext=root:system_r:httpd_t
> tcontext=root:object_r:user_home_t tclass=dir
>
> I disabled SELinux for now. Will try again in FC4 and debug more.
>
>
You don't need to disable SELinux, You can disable certain "domains"
if you do not want them protected.
If you
chcon -R -t httpd_sys_content_t /home/galuna/www
and
setsebool -P httpd_enable_homedirs 1
Your apache should work.
Could you do a
ls -l /etc/aliases*
I meant ls -lZ /etc/aliases
Dan
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
http://www.redhat.com/mailman/listinfo/fedora-selinux-list