I am almost successfully using samba with selinux. I have run into a
problem with the smb.conf utmp parameter which causes login/logout
information to be written so commands such as who and last will display
samba users. With utmp enabled, I am getting the following in
/var/log/messages.
Apr 9 10:36:21 localhost kernel: audit(1144593381.511:447): avc: denied
{ read write } for pid=3934 comm="smbd" name="utmp" dev=dm-0 ino=3309575
scontext=root:system_r:smbd_t:s0
tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file
Apr 9 10:36:21 localhost kernel: audit(1144593381.511:448): avc: denied
{ read } for pid=3934 comm="smbd" name="utmp" dev=dm-0 ino=3309575
scontext=root:system_r:smbd_t:s0
tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file
Apr 9 10:36:21 localhost kernel: audit(1144593381.511:449): avc: denied
{ read write } for pid=3934 comm="smbd" name="utmp" dev=dm-0 ino=3309575
scontext=root:system_r:smbd_t:s0
tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file
Apr 9 10:36:21 localhost kernel: audit(1144593381.511:450): avc: denied
{ read } for pid=3934 comm="smbd" name="utmp" dev=dm-0 ino=3309575
scontext=root:system_r:smbd_t:s0
tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file
I believe that the utmp file is in /var/run. What can I enter to avoid
these messages per user connection and cause the logging to occur?
Mark Orenstein
East Granby School System
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
