First selinux problem, help!
Paul Howarth
paul at city-fan.org
Wed Nov 8 16:04:29 UTC 2006
Mark Haney wrote:
> Paul Howarth wrote:
>> Mark Haney wrote:
>>> I just encountered my first problem with selinux. As I'm just now
>>> losing my selinux virginity, I need help. I have a process that I
>>> can't kill since apparently the SIGKILL permission wasn't granted to
>>> it. How do I go about fixing that?
>>
>> You need to post the selinux denial message you're getting, so that we
>> can see what is trying to send a signal to what.
>>
>> Paul.
>>
> Duh. Sorry. I'm trying to do about a million things here. Here it is:
>
> Nov 8 10:34:26 localhost kernel: audit(1163000066.441:216): avc:
> denied { sigkill } for pid=28872 comm="bash"
> scontext=user_u:system_r:unconfined_t:s0
> tcontext=root:system_r:unconfined_t:s0-s0:c0.c255 tclass=process
>
> What I'm trying to kill is a perl script (rsnapshot).
Well that's a curious one. It would be allowed by policy here. Try
piping that error log entry through /usr/sbin/audit2why at your end.
Paul.
More information about the users
mailing list