rsync (ssh) authorisation weirdness on F18
Gordon Messmer
yinyang at eburg.com
Mon Jan 28 09:36:23 UTC 2013
On 01/28/2013 12:54 AM, William Murray wrote:
> Thanks, thats it. I put selinux on permissive in the
> client, and got 258 selinux warnings, but my files are backed up again.
>
> I tidied a lot like this:
> grep rsync /var/log/audit/audit.log | audit2allow -M mypol
Don't do that. I see something like that frequently given as advice for
generating a policy, but it'll only work if rsync is the only thing
that's being denied (or something else in an rsync context). From your
original email, you're probably seeing at least one denial to ssh in
NetworkManager's context.
Instead, put selinux into permissive mode. Rotate the audit log, or
just use 'tail -f audit.log > mypol.avcs'. Run through all of the
things that need to happen during normal operation. When that's done,
you can use mypol.avcs or the rotated audit.log to generate the new policy.
> setsebool -P rsync_export_all_ro 1
That's only necessary if you're running rsyncd, which I think you're not.
More information about the users
mailing list