FC5 services that will not start

Paul Howarth paul at city-fan.org
Mon Jun 26 15:10:29 UTC 2006 

Chris Jones wrote:
> Paul Howarth wrote:
>> Chris Jones wrote:
>>> Paul Howarth wrote:
>>>> On Sun, 2006-06-25 at 23:16 +0100, Chris Jones wrote:
>>>>  
>>>>> I am using FC5 on a generic Athlon x64 PC. I am having problems 
>>>>> with several services.
>>>>>
>>>>> 1. Dovecot refuses to start. When I attempt to start the service I 
>>>>> get a message in /var/log/messages as follows:
>>>>> Jun 25 23:05:38 bilbo kernel: audit(1151273138.255:415): avc:  
>>>>> denied  { create } for  pid=1480 comm="dovecot" 
>>>>> scontext=user_u:system_r:dovecot_t:s0 
>>>>> tcontext=user_u:system_r:dovecot_t:s0 tclass=socket
>>>>>
>>>>> Can anyone here give me a hint on what I need to do to get this 
>>>>> working? >From the log message, this seems to be something to do 
>>>>> with selinux.
>>>>>     
>>>>
>>>> Indeed it is. Some more diagnostic info would be useful. Can you post
>>>> the output of:
>>>>
>>>> # ausearch -a 415
>>>>   
>>> produces the output >
>>> [root at bilbo network-scripts]# ausearch -a 415
>>> -bash: ausearch: command not found
>>>
>>> Clearly, I am missing this application. Where should it be? Which RPM?
>>
>> It's in the "audit" package.
>>
> Now when I run this, I get the following response:>
> [root at bilbo network-scripts]# ausearch -a 415
> <no matches>

Have you rebooted since the error happened?

Try this instead:

# fgrep 1151273138.255:415 /var/log/messages

>>>>> 2. On Samba, I experience a different, but possibly related 
>>>>> problem. Samba starts, but I see the following message in the log 
>>>>> every few minutes:
>>>>>
>>>>> Jun 25 23:09:25 bilbo smbd[1502]:   Denied connection from  
>>>>> (192.168.0.5)
>>>>> Jun 25 23:11:50 bilbo smbd[1513]: [2006/06/25 23:11:50, 0] 
>>>>> lib/access.c:check_access(328)
>>>>>
>>>>> The other PC referred to in the log message is unable to even see 
>>>>> the linux share.
>>>>>
>>>>> Any help here would be greatly appreciated.
>>>>>     
>>>>
>>>> Do you have a "hosts allow" line in /etc/samba/smb.conf ?
>>>>   
>>> Yes. it reads >     hosts allow = 192.168.0 127.
>>> which has always worked in the past.
>>
>> Try this:
>> hosts allow = 192.168.0. 127.
> 
> I have changed smb.conf to reflect that and now get (on my Windoze box), 
> "Access is denied"
> and in /var/log/messages, the following entries result from that attempt.
> 
> Jun 26 15:52:35 bilbo kernel: audit(1151333555.491:86): avc:  denied  { 
> read } for  pid=7352 comm="smbd" name="home" dev=dm-0 ino=24739841 
> scontext=user_u:system_r:smbd_t:s0 
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> Jun 26 15:52:35 bilbo kernel: audit(1151333555.571:87): avc:  denied  { 
> read } for  pid=7352 comm="smbd" name="home" dev=dm-0 ino=24739841 
> scontext=user_u:system_r:smbd_t:s0 
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> Jun 26 15:52:35 bilbo kernel: audit(1151333555.583:88): avc:  denied  { 
> read } for  pid=7352 comm="smbd" name="home" dev=dm-0 ino=24739841 
> scontext=user_u:system_r:smbd_t:s0 
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> 
>>
>> Paul.
>>
> We seem to be getting closer, but I am still stumped.

You need to configure SELinux to allow samba sharing of home directories 
(see "man samba_selinux"):

# setsebool -P samba_enable_home_dirs 1

Paul.

More information about the fedora-list mailing list