Hi, I'm seeing messages similar to the following for a number of services on a recently updated Centos 6.4 system. I can generate local policies for each service but is there some boolean which can affecdt this sys_admin capability. Mar 9 12:45:10 youngmunster setroubleshoot: SELinux is preventing /usr/sbin/nmbd from using the sys_admin capability. For complete SELinux messages. run sealert -l 5a37dd50-b60c-4a1c-b97d-6d62baeee33a [root@youngmunster ~]# sealert -l 5a37dd50-b60c-4a1c-b97d-6d62baeee33a SELinux is preventing /usr/sbin/nmbd from using the sys_admin capability. ***** Plugin catchall (100. confidence) suggests *************************** If you believe that nmbd should have the sys_admin capability by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep nmbd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Thanks, Tony -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
