On Mon, 15 Jun 2009 13:47:08 +1000
Scott Radvan <sradvan@xxxxxxxxxx> wrote:

> Hi list,
>
> As many of you know I am working on a Managing Confined Services guide
> for Fedora.
>
> Having set up a simple squid environment on Fedora 11, with minimal
> and default settings in squid.conf (http_port 3128 as allowed by
> semanage, and a default cache_dir), I was able to create the cache
> directory structure, but I got a denial when actually starting squid
> for the first time (I assume this happens as it attempts to create
> its pid in /var/run):

What's happening here is a denial for *reading* /var/run/squid.pid,
which is of type var_run_t. Now in Fedora 11 this file should be
labelled squid_var_run_t, and that's what it is labelled on two
Fedora 11 boxes freshly installed here.

It seems there's a labelling problem on your system. Can you post the
output of "ls -lZa /var/run"? Is your system a fresh install or an
upgrade?

Paul.
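
The label check discussed in the message above, as an added example that is not part of the original thread: it compares the SELinux type shown in an `ls -lZa`-style listing with the type the policy expects, and reports entries that differ. The listing and expected contexts are constructed sample data; on a real system the inputs would come from `ls -lZa /var/run` and `matchpathcon /var/run/*`, and file names are assumed to contain no spaces.

```shell
#!/bin/sh
# Added example: flag entries whose SELinux type differs from the type
# the policy expects. All sample data is constructed, not from the thread.

# Constructed `ls -lZa /var/run`-style listing.
sample_listing() {
cat <<'EOF'
drwxr-xr-x. root root system_u:object_r:var_run_t:s0       .
-rw-r--r--. root root system_u:object_r:crond_var_run_t:s0 crond.pid
-rw-r--r--. root root system_u:object_r:var_run_t:s0       squid.pid
EOF
}

# Constructed `matchpathcon`-style output: path, then expected context.
sample_expected() {
cat <<'EOF'
/var/run/crond.pid system_u:object_r:crond_var_run_t:s0
/var/run/squid.pid system_u:object_r:squid_var_run_t:s0
EOF
}

# label_mismatches DIR LISTING_FILE EXPECTED_FILE
# Prints "path actual_type expected_type" for every mismatched entry.
label_mismatches() {
    awk -v dir="$1" '
        # First input: expected contexts, keyed by full path.
        NR == FNR { split($2, c, ":"); want[$1] = c[3]; next }
        # Second input: listing lines. The context is the first field of
        # the form user:role:type[:level]; the file name is the last field.
        {
            have = ""
            for (i = 1; i < NF; i++)
                if (have == "" && $i ~ /^[^:]+:[^:]+:[^:]+/) {
                    split($i, c, ":"); have = c[3]
                }
            path = dir "/" $NF
            if (have != "" && (path in want) && have != want[path])
                print path, have, want[path]
        }
    ' "$3" "$2"
}

# Demo on the constructed data.
tmp=$(mktemp -d)
sample_listing > "$tmp/listing"
sample_expected > "$tmp/expected"
label_mismatches /var/run "$tmp/listing" "$tmp/expected"
rm -rf "$tmp"
```

A reported mismatch only shows that the on-disk label disagrees with policy; `restorecon -n -v` on the path previews the relabel without changing anything.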