Problem with SELinux and NIS
Tony Molloy
tony.molloy at ul.ie
Fri Jul 8 13:04:21 UTC 2005
On Thursday 07 July 2005 13:32, you wrote:
> Tony Molloy wrote:
> >Hi,
> >
> >My test system runs FC4 updated to the latest rpm's as of today. I'm
> >trying to get SELinux working and am having a slight problem
> >
> >I've gotten nfs, samba and ntpd working OK, but I have a problem with
> > NIS running yppasswd to set passwords.
> >
> >With SELinux disabled it work's, with SELinux enabled, in enforcing
> > mode and targetted policy it doesn't.
> >
> >The errors I get are as follows:
> >
> >/var/log/messages ( edited )
> >
> >beta rpc.yppasswdd[1778]: update testacc1 (uid=9001) from host
> >10.220.1.151 failed
> >beta rpc.yppasswdd[1778]: password file locked
> > ^^^^^^^^^^^^^^^^^^^^
> >
> >/var/log/audit/audit.log
> >
> >type=PATH msg=audit(1120732794.982:341722): item=0
> > name="/etc/.pwd.lock" flags=310 inode=62249 dev=03:01 mode=040755
> > ouid=0 ogid=0 rdev=00:00
> >
> >type=Unknown msg=audit(1120732794.982:341722): cwd="/"
> >
> >type=SYSCALL msg=audit(1120732794.982:341722): arch=40000003 syscall=5
> >success=no exit=-13 a0=acf181 a1=41 a2=180 a3=ffffffff items=1
> > pid=1778 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
> > sgid=0 fsgid=0 comm="rpc.yppasswdd" exe="/usr/sbin/rpc.yppasswdd"
> >
> >type=AVC msg=audit(1120732794.982:341722): avc: denied { write } for
> >pid=1778 comm="rpc.yppasswdd" name=".pwd.lock" dev=hda1 ino=62391
> >scontext=system_u:system_r:rpcd_t tcontext=system_u:object_r:shadow_t
> >tclass=file
> >
> >So it seems that SELinux is denying rpc.yppasswdd writing
> >to /etc/.pwd.lock
> >
> >How do I allow it to write to that file.
> >
> >Thank's in advance
> >
> >Tony
>
> Please submit a bugzilla. Looks like we need policy for yppasswdd.
>
> Dan
Done. Bugzilla bug 162746
Tony
--
Tony Molloy.
Dept. of Comp. Sci.
University of Limerick
More information about the selinux
mailing list