Bind & selinux
Daniel J Walsh
dwalsh at redhat.com
Mon Dec 4 20:42:04 UTC 2006
olga at urbantimes.net wrote:
> Hi,
>
> I just configured named to run on a machine with selinux enabled. But for
> some reason I can't start/restart named from an ssh session. Gives me the
> following error:
>
> host1 kernel: audit(1165261031.810:23): security_compute_sid: invalid
> context root:sysadm_r:named_t for scontext=root:sysadm_r:initrc_t
> tcontext=system_u:object_r:named_exec_t tclass=process
> Dec 4 13:37:11 host1 named: execvp: Permission denied
> Dec 4 13:37:11 host1 named: named startup failed
>
> However, I can start it from the X session at the server. Named starts
> fine without any errors.
>
> Do I need to configure ssh in this case? Or tweak named further?
>
> Thank you.
>
> Olga
>
>
Try run_init named start
You are being bitten by RBAC. sysadm_r is not allowed to transition to
named_t.
More information about the fedora-list
mailing list