zephod at cfl.rr.com
Wed Jul 16 15:28:13 UTC 2008
---- max <maximilianbianco at gmail.com> wrote:
> Steve wrote:
> > ---- max bianco <maximilianbianco at gmail.com> wrote:
> >> On Mon, Jul 14, 2008 at 8:55 AM, Steve <zephod at cfl.rr.com> wrote:
> >>> I went to start setroubleshoot, Applications->System Tools->SE Linux Troubleshooter and I get this message:
> >>> connection failed at /var/run/setroubleshoot/setroubleshoo_tserver. Connection refused
> >>> #ls -lZ /var/run/setroubleshoot/setroubleshoot_server
> >>> srw-rw-rw- root root system_u:object_r:setroubleshoot_var_run_t /var/run/setroubleshoot/setroubleshoot_server
> >> That looks right. Is it F8 or F9?
> > Found some more interesting AVC messages in /var/log/dmesg, This doesn't mean anything to me. Where is the best place to go to get a little more educated about what all this is supposed to mean?
> > Thanks,
> > Steve
> That depends on what you already know about SELinux.
I can't even spell it correctly selinux or SElinux or Selinux or... ;-D
> I have found alot of material but its never enough for me:^)
> This is as good a place to start as any(probably better than most):
Thanks, I'll check it out.
> Depending on how deep you want to get you might look up the Flask
> Security Architecture. There is a PDF available, its not very long but
> its informative. There are also a few SELinux specific papers out there.
> I am reading SELinux by Example, it seems very complete so far and
> actually references some of the available papers throughout. As for the
> errors below I am assuming this is the first time you've seen them since
> you just installed policy.
It's the 1st time I've looked for any problem so I can't say if they were there before or not.
> Did you uninstall the policy at some point?
> Has the machine always, from day of install, been in permissive?
> Was this a fresh install or an upgrade?
This was an upgrade from F8 using preinstall. I have had all kinds of problems since the upgrade and I'm just now getting to look at the SElinux problems. IIRC, the default policy was permissive in F8.
> Are there any AVC's or error messages, related to SELinux, in the logs from before policy was installed?
Yes, but I'm on the Windows side of my dual boot machine right now so I'll have to post those later.
> > ...
More information about the fedora-list