ntpd drift.TEMP file
Tom London
selinux at gmail.com
Sun Jan 23 19:39:29 UTC 2005
On Sun, 23 Jan 2005 14:30:30 -0500 (EST),
mroselinux at eastgranby.k12.ct.us <mroselinux at eastgranby.k12.ct.us>
wrote:
> I have just built an FC3 samba server using the K12LTSP iso's and am
> getting the following messages on the log.
>
> Jan 21 01:55:14 admin ntpd[9988]: can't open /etc/ntp/drift.TEMP:
> Permission denied
> Jan 21 01:55:14 admin kernel: audit(1106290514.375:0): avc: denied {
> write } for pid=9988 exe=/usr/sbin/ntpd name=ntp dev=hda3 ino=3392705
> scontext=root:system_r:ntpd_t tcontext=system_u:object_r:etc_t tclass=dir
>
> With SELinux enabled, the drift file could not be created. In permissive
> mode, the drift file is properly created and updated. What have I done
> wrong?
>
> [root at admin ntp]# ls -dZ .
> drwxr-xr-x ntp ntp system_u:object_r:etc_t
> [root at admin ntp]# ls -lZ drift
> -rw-r--r-- ntp ntp root:object_r:etc_t drift
>
version of ntp?
Mine (ntp-4.2.0.a.20040617-6) places the drift file in /var/lib/ntp.
/var/lib/ntp seems appropriately labeled ntp_drift_t.
tom
--
Tom London
More information about the fedora-selinux-list
mailing list