On Thursday 10 December 2009 17:28:45 Bob McConnell wrote:
> I have recently been told I will have to maintain some CentOS servers at
> work. Since I have only been using Slackware for the last 16 years, I
> decided to install CentOS on one of my servers at home to get an idea of
> the differences. I installed CentOS 5.4 from CD with no problems, did a
> yum update, set up a couple of samba shares and started to copy over
> some files from one of my other servers.
>
> Everything looks ok, but I keep seeing this message on the active
> console. I have no idea where it comes from nor what it means.
>
> type=1400 audit(1260446462.444:9): avc: denied { getattr } for pid=2200
> comm="smbd" path="/proc/sys/fs/binfmt_misc" dev=binfmt_misc ino=4348
> scontext=root:system_r:smbd_t:s0
> tcontext=system_u:object_r:binfmt_misc_fs_t:s0 tclass=dir
>
> What is it, what is triggering it and how do I fix it?
>
It's a selinux denial. Selinux is permissive/enforcing on the system.
# sestatus
will tell you which.
It's got something to do with samba "comm="smbd""
trying to access the file "path="/proc/sys/fs/binfmt_misc"" Don't know why it
would want to do that.
Try this
# sealert -b
This will dispaly all the AVC's graphically. Look for one from smbd. This
will give you the full AVC and possibly suggest a way to fix it.
Tony
> Thanks,
>
> Bob McConnell
> N2SPP
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
--
Dept. of Comp. Sci.
University of Limerick.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
