Daniel J Walsh wrote:
On 01/04/2013 10:02 AM, m.roth(a)5-cent.us wrote:
> Hi. I've tried relabelling the entire system after a roboot, and I'm
> still getting the AVCs when motion is trying to do things with files it's
> creating/removing on an NFS-mounted directory.
>
> Fedora 17, fully updated, kernel 3.6.10-2.fc17.x86_6 selinux-policy
> 3.10.0-161.fc17 selinux-policy-targeted 3.10.0-161.fc17
>
Relabeling is not going to do anything with NFS. What are the current
AVCs and I guess we need to allow zoneminder to interact with nfs_t.
I'm a little confused - for one, I think I need to fire up setroubleshoot,
since I'm not seeing anything in messages about running sealert. But more,
what I see in /var/log/audit/audit.log seems different from
/var/log/messages. Both show denials for open, read, getattr,
execute_no_trans, execute, remove_name, unlink, create, search, and
add_name, but audit.log refers to nfs_t, while messages refers to motion's
configuration file....
mark