Huh, setenforce 0 seems to have no effect. I see this when I run it:
Sep 2 11:15:45 dumont kernel: audit(1125684945.038:24): avc: granted
{ setenforce } for pid=6453 comm="setenforce"
scontext=root:system_r:unconfined_t
tcontext=system_u:object_r:security_t tclass=security
.... but everthing remains broken the same way.
Stephen Smalley wrote:
On Fri, 2005-09-02 at 10:37 -0700, Ben wrote:
So last night I installed FC3, added Fedora Extras, and did a yum
update. Now I can't use any new users. Behold:
[root@dumont ~]# adduser nagios
[root@dumont ~]# su - nagios
Your default context is user_u:system_r:unconfined_t.
Do you want to choose a different one? [n]
could not open session
/var/log/messages has this to say about it:
Sep 2 17:34:21 dumont su[6229]: Warning! Could not relabel /dev/pts/4
with user_u:object_r:devpts_t, not relabeling.Operation not permitted
Something doesn't seem quite right, but I'm not sure what I'm missing.
Here's are the selinux packages I've got installed:
Hmmm...no avc messages in /var/log/messages prior to the warning?
Is it repeatable after /usr/sbin/setenforce 0?
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
