Can't boot FC4;avc denied error message
David Desscan
ddesscan at gmail.com
Fri Aug 4 02:25:36 UTC 2006
Hi Tod
Hi David,
>
> Do hope I indeed was helpful.
>
Yes you were very helpful. I didn't know how to check SElinux labels. I am
quite confused about how it works. I have downloaded the manual which comes
with RHEL 4 to read about it. I've set it to permissive mode as suggested
by Stephen Smalley and would have a look at the logs later. I'll definitely
enable it again after getting a good understanding of its security model.
The end of Stephen Smalley's response I would spend some time on (might
> well explain the hotplug thing).
>
I know that tmpfs is a Virtual filesystem managed by the kernel. My kernel
has been updated but I don't know whether this may have been the cause of
this avc denied and preventing my system from booting. Then would a touch
./autorelabel relabel it? Kernel version could also be the problem since it
manages tmpfs. I don't know yet how to check the policy version applied to
my system.
Apparently other users of FC have also noted this avc hotplug denied. You
mentioned "scaling_governor:userspace for hotplug. Is that what I should
get for hotplug label?
Have you used fixfiles or touch /.autorelabel to relabel the entire
filesystem? I am thinking whether the new compilation and installation of
tcp_wrappers and openssh can cause problems with the SElinux security policy
applied to the versions integrated with FC4?
> You might also consider doing an update.
>
> Good hunting!
>
Yes indeed, there are lots to learn about SElinux security model.
>
> Tod
>
Rgds
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060804/170e7466/attachment-0001.htm>
More information about the fedora-list
mailing list