Understanding SELinux

Giuseppe Greco giuseppe.greco at agamura.com
Sat Dec 4 20:47:45 UTC 2004

Hi all,

I've lots of problems related to SELinux on FC3...

I get tonnes of messages like

  audit(1102179993.228:0): avc: denied { append } for pid=2624
    exe=/sbin/syslogd name=boot.log dev=md-6 ino=128104
    scontex=root:system_r:syslogd_t tcontext=system_u:object_r:file_t
  syslog: /var/log/boot.log: Permissin denied

Same problem with dhcpd, portmap, etc.
I've tried this

  [root at murphy etc]# ls -alZ /var/log/boot.log
    -rw-------  root     root    /var/log/boot.log

... and then this

  [root at murphy etc]# chcon -t var_log_t /var/log/boot.log

but I always get the error message

  "chcon: can't apply partial context to unlabeled file boot.log"

What I'm trying to understand is why system files like this are
not already labeled as they should, and what I've to do to get
my boxes working without complying... 

Thanks for helping a poor novice,
Giuseppe Greco


phone:  +41 (0)91 604 67 65
mobile: +41 (0)76 390 60 32
email:  giuseppe.greco at agamura.com
web:    www.agamura.com

More information about the fedora-selinux-list mailing list