Selinux and K9copy

Rick Stevens rstevens at vitalstream.com
Fri Dec 8 01:23:48 UTC 2006 

On Thu, 2006-12-07 at 18:03 -0500, jim tate wrote:
> Rick Stevens wrote:
> > On Thu, 2006-12-07 at 16:21 -0500, jim tate wrote:
> >   
> >> Running tail -f /var/log/messages
> >> When I execute "k9copy" w/o quotes , I get the log in /var/log/messages. 
> >> Same happens when running
> >> as SU or user.
> >>  From What I can see , I'm having problems with Selinux. How do I fix 
> >> it? Relabel etc etc
> >>
> >> Dec 7 12:22:35 sysresccd kernel: audit(1165512155.670:17): avc: denied { 
> >> execmod } for pid=32642 comm="k9copy" name="libk9copy.so.0.0.0" dev=hda1 
> >> ino=3892747 scontext=user_u:system_r:unconfined_t:s0 
> >> tcontext=system_ubject_r:lib_t:s0 tclass=file
> >> Dec 7 12:22:36 sysresccd kernel: pci_set_power_state(): 0000:02:08.0: 
> >> state=3, current state=5
> >>     
> >
> > If you save the relative entries to a text file somewhere and run
> > "audit2why <name-of-text-file", it'll give you some suggestions.
> >   
> >> Jim
> >>
> >>     
> > ----------------------------------------------------------------------
> > - Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
> > - VitalStream, Inc.                       http://www.vitalstream.com -
> > -                                                                    -
> > -         "OK, so you're a Ph.D. Just don't TOUCH anything!"         -
> > ----------------------------------------------------------------------
> >
> >   
> 
> If you save the relative entries to a text file somewhere and run
> "audit2why <name-of-text-file", it'll give you some suggestions.
> 
> 
> I put the error message in a text file named selinux and run   # 
> /usr/sbin/audit2why selinux
> 
> Is that what you where suggesting?

Actually:

	/usr/sbin/audit2why <selinux

You must use the "<" redirection.  Alternately, you can

	cat selinux | /usr/sbin/audit2why

The reason is that audit2why needs the data on stdin.

----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-                 IGNORE that man behind the keyboard!               -
-                                                - The Wizard of OS  -
----------------------------------------------------------------------

More information about the fedora-list mailing list