FC5 services that will not start
Paul Howarth
paul at city-fan.org
Mon Jun 26 15:10:29 UTC 2006
Chris Jones wrote:
> Paul Howarth wrote:
>> Chris Jones wrote:
>>> Paul Howarth wrote:
>>>> On Sun, 2006-06-25 at 23:16 +0100, Chris Jones wrote:
>>>>
>>>>> I am using FC5 on a generic Athlon x64 PC. I am having problems
>>>>> with several services.
>>>>>
>>>>> 1. Dovecot refuses to start. When I attempt to start the service I
>>>>> get a message in /var/log/messages as follows:
>>>>> Jun 25 23:05:38 bilbo kernel: audit(1151273138.255:415): avc:
>>>>> denied { create } for pid=1480 comm="dovecot"
>>>>> scontext=user_u:system_r:dovecot_t:s0
>>>>> tcontext=user_u:system_r:dovecot_t:s0 tclass=socket
>>>>>
>>>>> Can anyone here give me a hint on what I need to do to get this
>>>>> working? >From the log message, this seems to be something to do
>>>>> with selinux.
>>>>>
>>>>
>>>> Indeed it is. Some more diagnostic info would be useful. Can you post
>>>> the output of:
>>>>
>>>> # ausearch -a 415
>>>>
>>> produces the output >
>>> [root at bilbo network-scripts]# ausearch -a 415
>>> -bash: ausearch: command not found
>>>
>>> Clearly, I am missing this application. Where should it be? Which RPM?
>>
>> It's in the "audit" package.
>>
> Now when I run this, I get the following response:>
> [root at bilbo network-scripts]# ausearch -a 415
> <no matches>
Have you rebooted since the error happened?
Try this instead:
# fgrep 1151273138.255:415 /var/log/messages
>>>>> 2. On Samba, I experience a different, but possibly related
>>>>> problem. Samba starts, but I see the following message in the log
>>>>> every few minutes:
>>>>>
>>>>> Jun 25 23:09:25 bilbo smbd[1502]: Denied connection from
>>>>> (192.168.0.5)
>>>>> Jun 25 23:11:50 bilbo smbd[1513]: [2006/06/25 23:11:50, 0]
>>>>> lib/access.c:check_access(328)
>>>>>
>>>>> The other PC referred to in the log message is unable to even see
>>>>> the linux share.
>>>>>
>>>>> Any help here would be greatly appreciated.
>>>>>
>>>>
>>>> Do you have a "hosts allow" line in /etc/samba/smb.conf ?
>>>>
>>> Yes. it reads > hosts allow = 192.168.0 127.
>>> which has always worked in the past.
>>
>> Try this:
>> hosts allow = 192.168.0. 127.
>
> I have changed smb.conf to reflect that and now get (on my Windoze box),
> "Access is denied"
> and in /var/log/messages, the following entries result from that attempt.
>
> Jun 26 15:52:35 bilbo kernel: audit(1151333555.491:86): avc: denied {
> read } for pid=7352 comm="smbd" name="home" dev=dm-0 ino=24739841
> scontext=user_u:system_r:smbd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> Jun 26 15:52:35 bilbo kernel: audit(1151333555.571:87): avc: denied {
> read } for pid=7352 comm="smbd" name="home" dev=dm-0 ino=24739841
> scontext=user_u:system_r:smbd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> Jun 26 15:52:35 bilbo kernel: audit(1151333555.583:88): avc: denied {
> read } for pid=7352 comm="smbd" name="home" dev=dm-0 ino=24739841
> scontext=user_u:system_r:smbd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
>
>>
>> Paul.
>>
> We seem to be getting closer, but I am still stumped.
You need to configure SELinux to allow samba sharing of home directories
(see "man samba_selinux"):
# setsebool -P samba_enable_home_dirs 1
Paul.
More information about the fedora-list
mailing list