On Tue, 20 Mar 2007, Brett Serkez wrote:
> Just prior to the time change, I made sure that ntpd and my timezone
> files were properly set up. Since this time, I've noticed the
> following errors:
>
> audit(1173310084.404:5): avc: denied { read } for pid=8634
> comm="ntpd" name="unexpected.tdb" dev=md1 ino=147662
> scontext=root:system_r:ntpd_t tcontext=root:object_r:samba_var_t
> tclass=file
>
> I've not successfully (so far) been able to find the selinux setting
> that is denying this access. I am running a reasonably standard
> (i.e. minimally customized) CentOS V4.4 system and have to believe
> there is a general change that should be made.

I don't know why ntpd would need to read that particular samba file,
but if you really want to know how to allow that operation...

First, ensure selinux-policy-targeted-sources package is installed.
Then create and activate your policy mod (this is done off the top of
my head -- test it first!):

  # get into place
  cd /etc/selinux/targeted/src/policy
  # edit/create local.te
  echo \
    "allow ntpd_t samba_var_t:file { read };" \
    >>domains/misc/local.te
  # reload it
  make reload

If you'd rather just get rid of the warnings without allowing ntpd
access to samba's /var files, then try the dontaudit macro in your
local.te file instead:

  dontaudit ntpd_t samba_var_t:file { read };

--
Paul Heinlein <> heinlein@xxxxxxxxxx <> www.madboa.com
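
The following Python script is an added example, not part of the original message: it derives the allow or dontaudit rule for local.te from AVC denial records like the one quoted above, merging permissions per source type, target type and class. The second and third sample lines are constructed, and it assumes one record per line as written to the log, not wrapped as in the mail.

```python
import re
from collections import defaultdict

# Constructed input: the denial from the message joined onto one line, plus a
# made-up getattr denial and an unrelated line to show merging and skipping.
SAMPLE_LOG = [
    'audit(1173310084.404:5): avc: denied { read } for pid=8634 '
    'comm="ntpd" name="unexpected.tdb" dev=md1 ino=147662 '
    'scontext=root:system_r:ntpd_t tcontext=root:object_r:samba_var_t '
    'tclass=file',
    'audit(1173310090.100:6): avc: denied { getattr } for pid=8634 '
    'comm="ntpd" name="unexpected.tdb" dev=md1 ino=147662 '
    'scontext=root:system_r:ntpd_t tcontext=root:object_r:samba_var_t '
    'tclass=file',
    'ntpd[8634]: synchronized to LOCAL(0), stratum 10',
]

AVC_RE = re.compile(r'avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line):
    """Return (source_type, target_type, tclass, perms) or None."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    fields = dict(FIELD_RE.findall(m.group(2)))
    try:
        # A context is user:role:type[:level]; the rule needs only the type.
        stype = fields['scontext'].split(':')[2]
        ttype = fields['tcontext'].split(':')[2]
        return stype, ttype, fields['tclass'], m.group(1).split()
    except (KeyError, IndexError):
        return None  # truncated or malformed record


def rules_for(lines, keyword='dontaudit'):
    """Merge denials per (source, target, class) into policy rules."""
    if keyword not in ('allow', 'dontaudit'):
        raise ValueError('keyword must be allow or dontaudit')
    merged = defaultdict(set)
    for line in lines:
        parsed = parse_avc(line)
        if parsed:
            merged[parsed[:3]].update(parsed[3])
    return ['%s %s %s:%s { %s };' % (keyword, s, t, c, ' '.join(sorted(p)))
            for (s, t, c), p in sorted(merged.items())]
```

Review each generated rule before appending it to local.te; the default keyword is dontaudit so that nothing is granted unless allow is requested explicitly.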