Re: SELinux on Wheezy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, 2012-02-06 at 08:17 -0800, C.J. Adams-Collier KF7BMP wrote:
> On Mon, 2012-02-06 at 10:39 -0500, Stephen Smalley wrote:
> > On Sun, 2012-02-05 at 20:26 -0800, C.J. Adams-Collier KF7BMP wrote:
> > > Hey folks,
> > > 
> > > I brought up a wheezy install on an alternate lvm root a couple of weeks
> > > ago.  I turned SELinux on shortly thereafter.  I think I updated my
> > > kernel, and now X won't start.  Could someone look at these logs with me
> > > and help figure out what's going on?  Something showed up during boot
> > > that said something about updating labels, but I didn't capture it.
> > > Where should I look to find these boot logs, do you think?
> > > 
> > > http://www.colliertech.org/federal/nsa/selinux-20120205T2023PST.log
> > 
> > Are there any avc denials?  If running auditd, then use ausearch -m AVC.
> > Otherwise grep for avc: in your messages file or dmesg output.
> > 
> > What does sestatus report?
> 
> Thank you for your quick response, Stephan.
> 
> I'm using Evolution as my MUA and haven't got mutt set up on the new
> system yet, so email and selinux are currently mutually exclusive.  I've
> saved this email to a text file and will re-start the kernel with
> selinux enabled, run these commands > log and re-boot.  I'm waiting on a
> ferry that leaves in 15 minutes, so I won't have the results until I get
> to my desk in Seattle after noon (-0800).
> 
> C.J.

Stephen,

Here are the logs you requested:

http://www.colliertech.org/federal/nsa/avc-20120206T090101.log

http://www.colliertech.org/federal/nsa/sestatus-20120206T090618.log

It seems to me that the Debian SELinux docs could use some improvement.
To this end, I have submitted an application to join the SELinux project
on Alioth.  I will probably make some updates to the wiki pages as well.

I am going to install the packages which provide the tools you and
Dominick recommended this morning and dig a little deeper as time
permits.

Thank you again for taking the time to help me through this.

C.J.

Attachment: signature.asc
Description: This is a digitally signed message part

[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux