On Tue, 11 Jun 2013, Daniel J Walsh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 06/10/2013 03:31 PM, Michael Hennebry wrote: >> On Mon, 10 Jun 2013, m.roth@xxxxxxxxx wrote: >> >>> Michael Hennebry wrote: >>>> On Mon, 10 Jun 2013, Michael Hennebry wrote: >>>>> On Mon, 10 Jun 2013, m.roth@xxxxxxxxx wrote: >>>>>> Michael Hennebry wrote: >>>>>>> On Mon, 10 Jun 2013, m.roth@xxxxxxxxx wrote: >>>>>>>> Frank Cox wrote: >>>>>>>>> On Mon, 10 Jun 2013 12:15:15 -0500 (CDT) Michael Hennebry >>>>>>>>> wrote: >>> <snip> >>> >>>>>>>> And I trust the filesystem isn't full? Or is selinux >>>>>>>> enforcing? >>>>>>> >>>>>>> The filesystem is not full the workaround works. selinux is set >>>>>>> for enforcing. [hennebry@96-18-56-186 t2]$ ls -Zd /tmp >>>>>>> drwxrwxrwt. root root system_u:object_r:tmp_t:s0 /tmp >>>>>>> >>>>>>> I had no trouble making the absent directory. >>>>>> >>>>>> Ahhhh... were there any selinux AVCs from when you tried to save >>>>>> before? >>> <snip> >>>> [root@96-18-56-186 ~]# grep AVC /var/log/audit/audit.log >>>> [root@96-18-56-186 ~]# grep type= /var/log/audit/audit.log | wc 3571 >>>> 52375 814962 >>> >>> ARGH!!! 3571 AVC's.... You need to find out what they're telling you, >>> and >> >> No AVC's at all. The first grep came up empty. I just put in type= to >> demonstrate that I was getting selinux messages. >> >>> fix that, a combination of setsebool, semanage -P <whatever>/restorecon >>> -v <whatever>, and/or grep -i avc | tail 100 | audit2allow to show you >>> what it would do, and check the manpage for audit2allow to get the flags >>> right to create a module that you can then load, as per the examples in >>> the manpage. > There are lots of messages in the audit.log that are not related to SELinux > error messages that have type=. > > > ausearch -m avc,user_avc > > WIll show you all AVC messages. >From ausearch, I have AVC messages now, but they are all from May or from after I posted about evince. I do not understand why I did not find the May ones with grep. grep still only gives me 7, the ones from June, and does ont give me times, even when I use -e time in the command line. >From gview, .../audit.log does not contain an explicit time. Is it encoded somehow? -- Michael hennebry@xxxxxxxxxxxxxxxxxxxxx "On Monday, I'm gonna have to tell my kindergarten class, whom I teach not to run with scissors, that my fiance ran me through with a broadsword." -- Lily _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos