On Mon, 2005-12-12 at 10:30 -0700, Lamont R. Peterson wrote:
> On Monday 12 December 2005 05:55am, Craig White wrote:
> > from /var/log/messages
> >
> > Dec 12 05:11:48 srv1 named[18083]: /var/named/clsurvey.com.hosts.jnl:
> > create: permission denied
>
> Have you flipped the named_write_master_zones boolean?
----
I haven't done anything other than create the entries that I listed in
local.te and reload the policy. How do I 'flipp the
named_write_master_zones boolean?
----
>
> > Dec 12 05:11:48 srv1 kernel: audit(1134389508.478:0): avc: denied
> > { add_name } for pid=18084 comm=named name=clsurvey.com.hosts.jnl
> > scontext=root:system_r:named_t tcontext=system_u:object_r:named_zone_t
> > tclass=dir
> >
> > Dec 12 05:11:48 srv1 named[18083]: client 192.168.1.1#33259: updating
> > zone 'clsurvey.com/IN': error: journal open failed: unexpected error
> >
> > I have added to /etc/selinux/targeted/src/policy/domains/local.te
> > allow named_t named_zone_t:dir write;
> >
> > and then make reload but the problem doesn't go away.
> >
> > Suggestions?
> >
> > Thanks
>
> HTH.
----
it just pointed out another of the infinite things I don't understand.
Thanks
Craig
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
