fc5: several troubles at my first attempt

Daniel J Walsh dwalsh at redhat.com
Mon Apr 3 18:38:07 UTC 2006 

Ron Yorston wrote:
> Stephen Smalley wrote:
>   
>> On Wed, 2006-03-15 at 19:08 +0200, Maxim Britov wrote:
>>     
>>> I have installed current fc5 by http about week or two ago. It updated from rawhide.
>>> It currently installed on hda2 and it ran from qemu.
>>>
>>> I see many avc denied messages in dmesg (repeated 210 times with different pids):
>>> audit(1142439027.188:2): avc:  denied  { search } for  pid=349 comm="pam_console_app" name="var" dev=hda2 ino=210081 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c255 tcontext=system_u:object_r:file_t:s0 tclass=dir
>>> hda2 here is /
>>>       
>> Hmmm.../var should be labeled with system_u:object_r:var_t, not file_t.
>> Need to relabel?
>>     
>
> I'm seeing these too.  My /var is on a separate partition.  Could this be
> the cause of the problem?
>
> Mar 31 20:04:18 random kernel: audit(1143831757.360:451): avc:  denied  { search } for  pid=1384 comm="pam_console_app" name="var" dev=hde3 ino=62785 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c255 tcontext=system_u:object_r:file_t:s0 tclass=dir
> Mar 31 20:04:18 random kernel: EXT3 FS on hde3, internal journal
> Mar 31 20:04:18 random kernel: SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs
> Mar 31 20:04:18 random kernel: kjournald starting.  Commit interval 5 seconds
> Mar 31 20:04:18 random kernel: EXT3 FS on hde8, internal journal
> Mar 31 20:04:18 random kernel: EXT3-fs: mounted filesystem with ordered data mode.
> Mar 31 20:04:18 random kernel: SELinux: initialized (dev hde8, type ext3), uses xattr
>
> # df
> Filesystem           1K-blocks      Used Available Use% Mounted on
> /dev/hde3               972564    353452    568912  39% /
> /dev/hde8               972532    290180    632152  32% /var
> # ls -Zd /var
> drwxr-xr-x  root     root     system_u:object_r:var_t          /var
> # ls -id /var
> 2 /var
>
> Ron
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>   
What happens when you

restorecon -R -v /var

More information about the selinux mailing list