-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/28/2013 04:36 AM, Gordon Messmer wrote: > On 01/28/2013 12:54 AM, William Murray wrote: >> Thanks, thats it. I put selinux on permissive in the client, and got 258 >> selinux warnings, but my files are backed up again. >> >> I tidied a lot like this: grep rsync /var/log/audit/audit.log | >> audit2allow -M mypol > > Don't do that. I see something like that frequently given as advice for > generating a policy, but it'll only work if rsync is the only thing that's > being denied (or something else in an rsync context). From your original > email, you're probably seeing at least one denial to ssh in > NetworkManager's context. > > Instead, put selinux into permissive mode. Rotate the audit log, or just > use 'tail -f audit.log > mypol.avcs'. Run through all of the things that > need to happen during normal operation. When that's done, you can use > mypol.avcs or the rotated audit.log to generate the new policy. > >> setsebool -P rsync_export_all_ro 1 > > That's only necessary if you're running rsyncd, which I think you're not. Rsync fighting SELinux seems to be a common problem lately. I blogged on this a week or so ago. http://danwalsh.livejournal.com/61646.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlEGlGkACgkQrlYvE4MpobMoWwCgiGg0G/0BZ+I+MIFpvMRucUKH 0jAAnRRgX+XpwIUNwiIab87yDKzAqhdD =DTU5 -----END PGP SIGNATURE----- -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
