On Thu, 2006-06-29 at 17:13 -0400, Al Freundorfer wrote: > I set up xinetd to allow certian sites to connect to the server > thru /etc/xinetd.d/ssh. >> It works perfectly when I set selinux to permissive, but doesn't work when set >> to enforcing even though I have the box checked in system-config-security >> under selinux tab to allow ssh connection through inetd. >> >> Can anyone help me with this? > >Change back to permissive: > ># setenforce 0 > >Make a note of the exact time. > >Then try out a connection (which should work since you're in permissive >mode). > >Then look in your /var/log/messages or /var/log/audit/audit.log (if you >have one) for messages containing "type=AVC" after the time you did the >"setenforce". Post back here any that you find. > >Paul. Thanks for your help. This is what I got. selinux set to permissive: remote terminal attemped login: password: Authentication successful. Last login: Fri Jun 30 12:58:06 2006 from xx.xx.xx.xx [xxxxxxxx ~]$ /var/log/messages: Jun 30 13:04:42 local kernel: audit(1151687082.023:7): enforcing=0 old_enforcing=1 auid=4294967295 Jun 30 13:04:59 local kernel: audit(1151687099.076:8): avc: denied { entrypoint } for pid=2884 comm="sshd" name="bash" dev=dm-0 ino=49053782 scontext=user_u:system_r:amanda_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file Jun 30 13:04:59 local kernel: audit(1151687099.080:9): avc: denied { write } for pid=2884 comm="bash" name="7" dev=devpts ino=9 scontext=user_u:system_r:amanda_t:s0 tcontext=user_u:object_r:devpts_t:s0 tclass=chr_file Jun 30 13:04:59 local kernel: audit(1151687099.080:10): avc: denied { ioctl } for pid=2884 comm="bash" name="7" dev=devpts ino=9 scontext=user_u:system_r:amanda_t:s0 tcontext=user_u:object_r:devpts_t:s0 tclass=chr_file Jun 30 13:04:59 local kernel: audit(1151687099.084:11): avc: denied { execute } for pid=2888 comm="bash" name="hostname" dev=dm-0 ino=49053725 scontext=user_u:system_r:amanda_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file Jun 30 13:04:59 local kernel: audit(1151687099.084:12): avc: denied { execute_no_trans } for pid=2888 comm="bash" name="hostname" dev=dm-0 ino=49053725 scontext=user_u:system_r:amanda_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file Jun 30 13:04:59 local kernel: audit(1151687099.084:13): avc: denied { execute } for pid=2884 comm="bash" name="colorls.sh" dev=dm-0 ino=39026988 scontext=user_u:system_r:amanda_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file _________________________________ selinux set to enforcing: remote terminal attemped login: password: Authentication successful. Last login: Fri Jun 30 12:49:57 2006 /bin/bash: Permission denied bash-2.03$ /var/log/messages: Jun 30 12:57:28 local kernel: audit(1151686648.208:4): enforcing=1 old_enforcing=0 auid=4294967295 Jun 30 12:58:06 local kernel: audit(1151686686.350:5): avc: denied { entrypoint } for pid=2627 comm="sshd" name="bash" dev=dm-0 ino=49053782 scontext=user_u:system_r:amanda_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file regards al -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list