On Mon, 2008-12-15 at 20:52 -0500, Tom Lane wrote:
> "Jerry Amundson" <jamundso@xxxxxxxxx> writes:
> > In case it was missed, note jkeating's very recent post "Coordination
> > of updates and reading of bodhi comments".
>
> Yeah, that may explain it. At first I didn't think it was selinux,
> because of the lack of any selinux complaints in my logs. However,
> looking back to the last boot found
>
> Dec 14 19:21:46 rh2 rpcbind: setgid to 'rpc' (32) failed: Operation not permitted
> Dec 14 19:21:48 rh2 setroubleshoot: SELinux is preventing rpcbind (rpcbind_t) "setgid" rpcbind_t. For complete SELinux messages. run sealert -l 2e7e0f7b-d206-4999-a02c-91bf0cc9d1e2
>
> For anyone who needs a fix right now, I can confirm that reverting
> rpcbind to rpcbind-0.1.4-14.fc9 (the latest prior version I could find
> on the download servers) makes the NFS and AFP problems go away.
>
> regards, tom lane
>
I'm not sure if he fix for this is in the SELinux policy package yet but
if you don't want to revert your rpcbind package this policy module
should be a temporary fix.
policy_module(myrpcbind, 1.0)
require {
type rpcbind_t;
}
allow rpcbind_t self:capability setgid;
1) Create directory, enter directory, and copy the policy module into
myrpcbind.te in that directory.
2) make -f /usr/share/selinux/devel/Makefile
3) as root /usr/sbin/semodule -i myrpcbind.pp
Dave
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
