-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Shintaro Fujiwara wrote: > 2007/10/4, Daniel J Walsh <dwalsh@xxxxxxxxxx>: > Shintaro Fujiwara wrote: >>>> Thanks! Eric, >>>> but my version is F7 so I read both files. >>>> But no denied messages. >>>> It's strange and I don't understand why it >>>> woks on Default permissive, setenforce 1, >>>> and >>>> not works on Default enforcing, setenforce 0... >>>> >>>> And strange enough, maybe once in ten times it works >>>> even in Default enforcing... >>>> Also, sometimes does not work on Default permissive >>>> at all. >>>> >>>> I think some other reason... >>>> or >>>> I should relabel again. >>>> >>>> If it does not work, >>>> I manage Default permissive and setenforce 1 >>>> for a while. > Sound like something is being dontaudited. > > So this works with setenforce 0/Permissive mode > and Does not work with setenforce 1/Enforincing mode. > > >> I don't find an answer yet and enableaudit not yet but, >> I found weired thing that it's different when I login as non root user >> and su - between when I login as root. >> And once I fail using network I have to relabel everytime. >> I just want to make a SE-PostgreSQL machine for Kaigai for the conference >> and there are no time to analize but I will scrutinize it on Sunday after >> the conference maybe just doing enableaudit thing. >> I will give report on it and want to fix this problem forever :-) > Sounds like just /etc/resolv.conf is getting wrong context. You can just run restorecon -R -v /etc and it will probably fix your problem without a full relabel. >>>> Thanks! >>>> >>>> >>>> >>>> 2007/10/3, Eric Paris <eparis@xxxxxxxxxx>: >>>>> On Wed, 2007-10-03 at 02:03 +0900, Shintaro Fujiwara wrote: >>>>>> Hi, I'm having trouble on SELinux, I think. >>>>>> >>>>>> I bought an old note-pc, NEC Lavie M LM500/3. >>>>>> Manufactured in 2002. >>>>>> It has an network controller named "82551QM Fast Ethernet Controller". >>>>>> By that machine, >>>>>> I cannot connect network on targeted enforcing mode. >>>>>> eth0 rises up OK, but ping not reacheable. >>>>>> On disabled, yes. >>>>>> So, I thought it's a SELinux problem. >>>>>> No denied messages, so I have no clues. >>>>>> Not yet done enableaudit everything. >>>>>> I tried to install Intel driver but failed, >>>>>> echoed messages something like, >>>>>> no such file config.h... >>>>> My only thought is are you looking in the right place? denials may be >>>>> in /var/log/messages or in /var/log/audit/audit.log depending if the >>>>> audit subsystem is on. What version of Fedora are you running? >>>>> >>>>> /me bets on some mislabeled files from when you ran with selinux off, >>>>> but if you can find those denials that would help. >>>>> >>>>> -Eric >>>>> >>>>> >>>> -- >>>> fedora-selinux-list mailing list >>>> fedora-selinux-list@xxxxxxxxxx >>>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list >> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHBP0QrlYvE4MpobMRAljVAJ0YOXGXV1o+WAjKkK85Or0iRv4eWgCbBcti q1FvZmc0Sccbd9NaDynurio= =BnwD -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
