Can't use new users?
Ben
bench at silentmedia.com
Fri Sep 2 18:18:59 UTC 2005
Huh, setenforce 0 seems to have no effect. I see this when I run it:
Sep 2 11:15:45 dumont kernel: audit(1125684945.038:24): avc: granted
{ setenforce } for pid=6453 comm="setenforce"
scontext=root:system_r:unconfined_t
tcontext=system_u:object_r:security_t tclass=security
.... but everthing remains broken the same way.
Stephen Smalley wrote:
>On Fri, 2005-09-02 at 10:37 -0700, Ben wrote:
>
>
>>So last night I installed FC3, added Fedora Extras, and did a yum
>>update. Now I can't use any new users. Behold:
>>
>>[root at dumont ~]# adduser nagios
>>[root at dumont ~]# su - nagios
>>Your default context is user_u:system_r:unconfined_t.
>>
>>Do you want to choose a different one? [n]
>>could not open session
>>
>>/var/log/messages has this to say about it:
>>
>>Sep 2 17:34:21 dumont su[6229]: Warning! Could not relabel /dev/pts/4
>>with user_u:object_r:devpts_t, not relabeling.Operation not permitted
>>
>>Something doesn't seem quite right, but I'm not sure what I'm missing.
>>Here's are the selinux packages I've got installed:
>>
>>
>
>Hmmm...no avc messages in /var/log/messages prior to the warning?
>
>Is it repeatable after /usr/sbin/setenforce 0?
>
>
>
More information about the fedora-selinux-list
mailing list