First selinux problem, help!

Mark Haney mhaney at ercbroadband.org
Wed Nov 8 16:36:35 UTC 2006


M A Young wrote:
> On Wed, 8 Nov 2006, Paul Howarth wrote:
>   
>> Mark Haney wrote:
>>     
>>> Nov  8 10:34:26 localhost kernel: audit(1163000066.441:216): avc:
>>> denied  { sigkill } for  pid=28872 comm="bash"
>>> scontext=user_u:system_r:unconfined_t:s0
>>> tcontext=root:system_r:unconfined_t:s0-s0:c0.c255 tclass=process
>>>
>>> What I'm trying to kill is a perl script (rsnapshot).
>>>       
>> Well that's a curious one. It would be allowed by policy here. Try
>> piping that error log entry through /usr/sbin/audit2why at your end.
>>     
>
> You are trying to send the signal as root (i.e. it is worth double checking
> you aren't doing something that ordinary linux would block)?
> It may also be worth checking what selinux type you are running - for most
> circumstances "targeted" is the right choice - the other options "strict"
> and "mls" are probably too paranoid for most purposes.
>
> 	Michael Young
>
>   
Yes, I'm trying to send the signal as root.  The process itself is owned 
and run by root, so I don't think that should be a problem.  As for 
which type of selinux I'm running, how do I check that?  I'm pretty sure 
I'm using targeted, but can't say for certain.


-- 
Ceterum censeo, Carthago delenda est.

Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415
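
The two things this thread asks about, the configured policy type and the contexts in the denial record, can both be read from a shell. This is an added example, not part of the original message: the function names are hypothetical, `/etc/selinux/config` is assumed to be the config location (the Fedora default), and the list of differing context fields is an observation about the record, not a diagnosis.

```shell
#!/bin/sh
# Added example: read the configured SELinux policy type and pick apart the AVC record from this thread.

# Print the SELINUXTYPE value from an SELinux config file.
# The default path /etc/selinux/config is the Fedora location (assumption on other systems).
selinux_policy_type() {
    cfg="${1:-/etc/selinux/config}"
    [ -r "$cfg" ] || { echo "unknown"; return 0; }
    # Commented-out lines do not match; the last SELINUXTYPE= assignment wins.
    val=$(sed -n 's/^[[:space:]]*SELINUXTYPE=[[:space:]]*\([A-Za-z0-9_-]*\).*$/\1/p' "$cfg" | tail -n 1)
    echo "${val:-unknown}"
}

# Extract one key=value field (scontext, tcontext, tclass, comm, ...) from an AVC record.
avc_field() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n "s/^$2=//p" | tr -d '"' | head -n 1
}

# Print one component of a context written as user:role:type[:level].
# The level may itself contain ':' (s0-s0:c0.c255), so it takes everything after the type.
ctx_part() {
    case "$2" in
        user)  printf '%s\n' "$1" | cut -d: -f1 ;;
        role)  printf '%s\n' "$1" | cut -d: -f2 ;;
        type)  printf '%s\n' "$1" | cut -d: -f3 ;;
        level) printf '%s\n' "$1" | cut -d: -f4- ;;
    esac
}

# List the components in which a source and a target context differ.
ctx_diff() {
    out=""
    for p in user role type level; do
        [ "$(ctx_part "$1" "$p")" = "$(ctx_part "$2" "$p")" ] || out="$out $p"
    done
    echo "${out# }"
}

# The denial quoted in the thread, joined onto one line.
AVC='audit(1163000066.441:216): avc: denied { sigkill } for pid=28872 comm="bash" scontext=user_u:system_r:unconfined_t:s0 tcontext=root:system_r:unconfined_t:s0-s0:c0.c255 tclass=process'

echo "policy type: $(selinux_policy_type)"
echo "differs in:  $(ctx_diff "$(avc_field "$AVC" scontext)" "$(avc_field "$AVC" tcontext)")"
```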
