Daniel J Walsh <dwalsh@xxxxxxxxxx> writes:
> On 11/05/2012 04:59 PM, lee wrote:
>> Daniel J Walsh <dwalsh@xxxxxxxxxx> writes:
>>
>>> On 11/05/2012 04:35 AM, lee wrote:
>>>> Hi,
>>>>
>>>> it seems that selinux gets in the way of my self-compiled emacs when
>>>> gnus is trying to get mails from /var/spool/mail/lee. Movemail isn't
>>>> permitted to get the mail from there. I have tried to adjust the file
>>>> permissions on movemail, and it's like this now:
>>>>
>>>>
>>>> -bash-4.2$ ls -laZ
>>>> /usr/local/libexec/emacs/24.2.50/x86_64-unknown-linux-gnu/movemail
>>>> -rwxr-xr-x. root root system_u:object_r:bin_t:s0
>>>> /usr/local/libexec/emacs/24.2.50/x86_64-unknown-linux-gnu/movemail
>>>> -bash-4.2$ ls -laZ
>>>> /usr/libexec/emacs/24.1/x86_64-redhat-linux-gnu/movemail -rwxr-xr-x.
>>>> root root system_u:object_r:bin_t:s0
>>>> /usr/libexec/emacs/24.1/x86_64-redhat-linux-gnu/movemail
>>>>
>>>>
>>>> The version of emacs that is in Fedora works, though I'd rather use my
>>>> self-compiled version because there have been bug fixes to gnus which
>>>> might not be in emacs 24.1.
>>>>
>>>> What am I missing?
>>>
>>> Please attach the AVC Messages.
>>>
>>> ausearch -m avc -ts recent
>>
>> That shows no matches. "ausearch -m avc" shows a lot of messages, the last
>> one being:
>>
>>
>> time->Mon Nov 5 21:34:33 2012 type=SYSCALL msg=audit(1352147673.756:131):
>> arch=c000003e syscall=59 success=no exit=-13 a0=238867e a1=7fff1f776498
>> a2=23909b0 a3=6 items=0 ppid=976 pid=1001 auid=1000 uid=1000 gid=1000
>> euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=tty1
>> ses=6 comm="login" exe="/usr/bin/login" subj=system_u:system_r:kernel_t:s0
>> key=(null) type=AVC msg=audit(1352147673.756:131): avc: denied {
>> entrypoint } for pid=1001 comm="login" path="/usr/bin/bash"
>> dev="cciss!c0d0p2" ino=1310967
>> scontext=unconfined_u:system_r:abrt_helper_t:s0-s0:c0.c1023
>> tcontext=system_u:object_r:file_t:s0 tclass=file
>>
>>
>> There don't seem to be any messages mentioning movemail: "ausearch -m all
>> |grep movemail" returns nothing. I can't try it again atm because I moved
>> the installation to a different disk and didn't keep /usr/local where the
>> self-compiled emacs was installed. The move caused more problems with
>> rights and I better fix those first ...
>>
>
>
> file_t means you have a file or file system without labels. You need to fix
> the labeling on your machine.
Labels?
> touch /.autorelabel; reboot
>
> Will label the entire machine. If you just put a disk in from another machine
> you could just run restorecon on that disk.
Yes, /usr/local and /home have been taken over from Debian. Hmm, there
is also "fixfiles" ... That could take a while because I have almost
600k files on /home --- but I'll try it, might be my best option with
rights messed up now.
Will they be labled correctly automatically from now on? Like when I
compile and install something on /usr/local, do I need to somehow set
the labels or don't I have to worry about it?
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
