Re: Odd failure of smbd to start from init.d - CentOS 5.4 - it's that fine SELinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On May 25, 2010, at 8:25 PM, Whit Blauvelt <whit@xxxxxxxxxxxxx> wrote:

> On Tue, May 25, 2010 at 07:55:12PM -0400, Whit Blauvelt wrote:
>> On Tue, May 25, 2010 at 04:33:53PM -0700, Jerry Franz wrote:
>>
>>> Are you running with SELinux on?
>
> You were right Jerry!
>
> echo 0 > /selinux/enforce
>
> and then /etc/init.d/smb restart works! Thank you much Jerry!
>
> Now why doesn't that fine piece of government work, selinux, do  
> something
> standard and useful like log when it's instituting breakage?? I get  
> that
> it's doing it "for your own good," but what good is it if it doesn't  
> tell
> you what it's doing? The _first place_ I looked when we ran into this
> problem was the logs. Nada. Zilch.
>
> Programs that try to be smarter than the root user are annoying  
> enough.
> Programs that do that and don't try to educate the root user while  
> they're
> doing it are worse. There are standards for logging. Selinux is  
> ignoring
> them. If it's going to be breaking stuff by default, and failing to  
> log the
> breakage by default, that's not remotely good. Yet that's how CentOS
> installs it. Are we downstream of some Redhat brilliance here?

Selinux alerts are in /var/log/audit/audit.log

The problem is if smbd doesn't create the messages.tdb file then it  
won't have the selinux rights.

That file can be deleted and will be recreated on smbd start, it's  
just a cache file.

-Ross

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux