-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/12/2013 01:49 PM, Peter wrote: > On 12/13/2013 02:45 AM, Daniel J Walsh wrote: > >> What SELInux issue did you have? What policy did you need to add? > > Unfortunately I've misplaced the audit logs and report of the problem, but > this is the policy I had to add: > > module mypol 1.0; > > require { type unconfined_t; type sshd_net_t; type kernel_t; class process > { dyntransition transition sigchld }; } > > #============= kernel_t ============== allow kernel_t sshd_net_t:process > dyntransition; allow kernel_t unconfined_t:process { dyntransition > transition }; > > #============= sshd_net_t ============== allow sshd_net_t kernel_t:process > sigchld; > > > Peter _______________________________________________ CentOS mailing list > CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos > I actually do not think you need these, these were all caused by the originally mislabeled system. If you remove your custom policy, I bet it will work fine. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlKqDGsACgkQrlYvE4MpobMHjwCg3cjJgnPgVLCzUltfgqr6zdeP Z5gAniUHm/Uuc2a7lRPTAjvUML8LVzbz =UNzS -----END PGP SIGNATURE----- _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos