On Mon, May 10, 2004 at 04:04:04PM +0200, Leonard den Ottolander wrote: > Had to move in the /etc/security/selinux/policies because they were > created as .rpmnews. You had policy-sources installed as well? I think it's expected behaviour in that case (policy-sources' %post scriptlet generates them from source). > Root console login: > avc: denied { read } for pid=1559 exe=/bin/login > name=.default_contexts dev=hda2 ino=437194 > scontext=system_u:system_r:local_login_t > tcontext=root:object_r:staff_home_dir_t tclass=file Looks like /root/.default_contexts has the wrong file context. Try after running restorecon on it. > ssh login and su - : > avc: denied { read } for pid=3489 exe=/bin/su name=.default_contexts > dev=hda2 ino=437194 scontext=user_u:user_r:user_su_t > tcontext=root:object_r:staff_home_dir_t tclass=file > avc: denied { getattr } for pid=3489 exe=/bin/su > path=/root/.default_contexts dev=hda2 ino=437194 > scontext=user_u:user_r:user_su_t tcontext=root:object_r:staff_home_dir_t > tclass=file See above. > avc: denied { add_name } for pid=3489 exe=/bin/su name=.xauthrQsUjb > scontext=user_u:user_r:user_su_t tcontext=root:object_r:staff_home_dir_t > tclass=dir > avc: denied { create } for pid=3489 exe=/bin/su name=.xauthrQsUjb > scontext=user_u:user_r:user_su_t > tcontext=user_u:object_r:staff_home_dir_t tclass=file > avc: denied { setattr } for pid=3489 exe=/bin/su name=.xauthrQsUjb > dev=hda2 ino=437207 scontext=user_u:user_r:user_su_t > tcontext=user_u:object_r:staff_home_dir_t tclass=file This is in bugzilla already: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120108 Tim. */
Attachment:
pgpS8dzF79sOB.pgp
Description: PGP signature