-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/16/2012 01:49 PM, John.Florian@xxxxxxxx wrote:
> My $HOME is (normally) mounted with autofs via NFS, but with F18 I am
> seeing this in my audit.log:
>
> type=AVC msg=audit(1345138563.576:2652): avc: denied { block_suspend }
> for pid=3708 comm="sssd_nss" capability=36
> scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:system_r:sssd_t:s0
> tclass=capability2
>
> I briefly looked for new SE bools with:
>
> # getsebool -a | egrep 'sssd|nss' authlogin_nsswitch_use_ldap --> off
>
> That one didn't quite sound right, but I toggled it anyway, but still no
> luck. To verify basic setup, I 'setenforce 0' and tried ssh again to see if
> $HOME would be mounted this time. Still no luck, so as root, I manually
> tried the mount under /tmp and that did work, but also generated:
>
> type=AVC msg=audit(1345139104.567:2687): avc: denied { block_suspend }
> for pid=4084 comm="rpc.idmapd" capability=36
> scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:system_r:rpcd_t:s0
> tclass=capability2
New access.
Fixed in selinux-policy-3.11.1-9.fc18.noarch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAtPRgACgkQrlYvE4MpobOmvQCfUbTkGWNBF/cs8VbZ9rhRfoXe
pP4An3RrNxozSUrKZl/t4cgSKykqdaPU
=ejkU
-----END PGP SIGNATURE-----
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
