On Mon, 24 Jan 2005 15:02:22 -0500, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
> Can you try a
> make -C /etc/selinux/targeted/src/policy load
>
Sorry, no soap. :-(
Here's a log:
[root@tlondon ~]# cd /etc/selinux/targeted
[root@tlondon targeted]# cd src/policy
[root@tlondon policy]# make -C /etc/selinux/targeted/src/policy load
make: Entering directory `/etc/selinux/targeted/src/policy'
/usr/sbin/load_policy /etc/selinux/targeted/policy/policy.18
touch tmp/load
make: Leaving directory `/etc/selinux/targeted/src/policy'
[root@tlondon ~]# cd /etc/init.d
[root@tlondon init.d]# ./crond status
crond is stopped
[root@tlondon init.d]# ./crond start
Starting crond: /etc/init.d/functions: line 148: /usr/sbin/crond:
Permission denied
[FAILED]
[root@tlondon init.d]#
Here's the AVC:
Jan 25 07:38:17 localhost kernel: audit(1106667497.815:0):
security_compute_sid: invalid context root:system_r:crond_t for
scontext=root:system_r:initrc_t
tcontext=system_u:object_r:crond_exec_t tclass=process
tom
--
Tom London
