selinux denies X, but can get in via permissive mode
Daniel J Walsh
dwalsh at redhat.com
Thu Apr 17 12:30:11 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Antonio Olivares wrote:
> --- Dennis Jacobfeuerborn
> <d.jacobfeuerborn at conversis.de> wrote:
>
>> Antonio Olivares wrote:
>>> No, I tried
>>> # touch ./autorelabel
>> That should be "touch /.autorelabel"
>>
>> Regards,
>> Dennis
>>
>> --
>> fedora-test-list mailing list
>> fedora-test-list at redhat.com
>> To unsubscribe:
>>
> https://www.redhat.com/mailman/listinfo/fedora-test-list
>
> I did it the right way as you write it correctly. But
> still get a bunch of errors. I have to still boot
> with enforcing=0 because the selinux denials are too
> much to handle. The setroubleshooter utility fires
> like the fastest guns in the west. It will need to
> wait for a bigger fix than the ones in the avcs
> message to fix.
>
> Regards,
>
> Antonio
>
>
> ____________________________________________________________________________________
> Be a better friend, newshound, and
> know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
>
I would try the following commands, they should have executed during the
upgrade.
# semanage user -a -S targeted -P user -R "unconfined_r system_r" -r
s0-s0:c0.c1023 unconfined_u
# semanage login -m -S targeted -P user -s "unconfined_u" -r
s0-s0:c0.c1023 __default__
# semanage login -m -S targeted -P user -s "unconfined_u" -r
s0-s0:c0.c1023 root
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkgHQtMACgkQrlYvE4MpobODCACfcX5PPphfMlvt2/Ch07zeG2aC
EPgAoJA67HOTXJljsothzYv27pxx/Lwy
=rSbx
-----END PGP SIGNATURE-----
More information about the test
mailing list