Two issues

[Daniel J Walsh]

Richard Irving wrote:
> Well, this is a near virgin install of FC5.....
>
Please yum update to get to the latest SELinux tool chain and policy.  
Lots of bug fixes have gone in.
There is a boolean to allow ftp to access users homedirectories which 
you could set

setsebool -P ftp_home_dir=1

> (Actually, it *is* virgin)
>
>   It is a bit cumbersome to hand audit, and create policy without 
> audit2allow  to predigest it...
>
> Worse, without the AVC's making it to actual logging, it is a silent 
> death, in terms of knowing *what* has failed, and why...
The dbus avc message is not that important.  It is basically saying 
userspace dbus can not send audit messages.  This fix is too stop 
trying, in userspace. 

Regular avc message should be going to /var/log/messages or 
/var/log/audit/audit.log
>
>  Any known work around ?
>
>  Carnac, I am not....
>
>
> TIA!
>
> Steve G wrote:
>>> Not certain about this one, although I recall issues with the session
>>> dbus (which runs with the user's identity, not as root) not being able
>>> to generate audit messages in the past.  Steve?
>>
>> Yes, true. This was fixed in rawhide/fc6. Not sure if it'll be 
>> backported. In
>> theory, it could be.
>>
>> -Steve
>>
>> __________________________________________________
>> Do You Yahoo!?
>> Tired of spam?  Yahoo! Mail has the best spam protection around 
>> http://mail.yahoo.com 
>
> -- 
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list