Bind & selinux

olga at urbantimes.net olga at urbantimes.net
Mon Dec 4 21:33:33 UTC 2006


> olga at urbantimes.net wrote:
>> Hi,
>>
>> I just configured named to run on a machine with selinux enabled. But
>> for
>> some reason I can't start/restart named from an ssh session. Gives me
>> the
>> following error:
>>
>> host1 kernel: audit(1165261031.810:23): security_compute_sid:  invalid
>> context root:sysadm_r:named_t for scontext=root:sysadm_r:initrc_t
>> tcontext=system_u:object_r:named_exec_t tclass=process
>> Dec  4 13:37:11 host1 named: execvp: Permission denied
>> Dec  4 13:37:11 host1 named: named startup failed
>>
>> However, I can start it from the X session at the server. Named starts
>> fine without any errors.
>>
>> Do I need to configure ssh in this case? Or tweak named further?
>>
>> Thank you.
>>
>> Olga
>>
>>
> Try run_init named start
>
> You are being bitten by RBAC.  sysadm_r is not allowed to transition to
> named_t.
>

Actually I can't seem to start any services from an ssh session. They
start fine from the server.

run_init command didn't work.

Any suggestions?




More information about the fedora-list mailing list