-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/12/2013 01:49 PM, Peter wrote:
> On 12/13/2013 02:45 AM, Daniel J Walsh wrote:
>
>> What SELInux issue did you have? What policy did you need to add?
>
> Unfortunately I've misplaced the audit logs and report of the problem, but
> this is the policy I had to add:
>
> module mypol 1.0;
>
> require { type unconfined_t; type sshd_net_t; type kernel_t; class process
> { dyntransition transition sigchld }; }
>
> #============= kernel_t ============== allow kernel_t sshd_net_t:process
> dyntransition; allow kernel_t unconfined_t:process { dyntransition
> transition };
>
> #============= sshd_net_t ============== allow sshd_net_t kernel_t:process
> sigchld;
>
>
> Peter _______________________________________________ CentOS mailing list
> CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
>
I actually do not think you need these, these were all caused by the
originally mislabeled system. If you remove your custom policy, I bet it will
work fine.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlKqDGsACgkQrlYvE4MpobMHjwCg3cjJgnPgVLCzUltfgqr6zdeP
Z5gAniUHm/Uuc2a7lRPTAjvUML8LVzbz
=UNzS
-----END PGP SIGNATURE-----
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
