[Spacewalk-list] Re: SELinux and /tftpboot
Marcus Moeller
mail at marcus-moeller.de
Wed Oct 28 11:55:07 UTC 2009
Hi all,
> it seems that the images located /tftpboot/images/XXX/ are associated
> with the wrong SELinux context: 'root:object_r:spacewalk_data_t; which
> leads to denies like this:
>
> type=AVC msg=audit(1254211758.053:756): avc: denied { getattr } for
> pid=31005 comm="in.tftpd"
> path="/images/centos-5-x86_64:1:Spacewalk-Public-Cert/vmlinuz"
> dev=dm-0 ino=5242885 scontext=system_u:system_r:tftpd_t:s0-s0:c0.c1023
> tcontext=root:object_r:spacewalk_data_t:s0 tclass=file
>
> Got spacewalk-0.6.4-1.el5 installed.
Seems to be fixed. Had some old profiles laying around and to restorecon -R them. Newly created image trees are set up correctly.
Best Regards
Marcus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3253 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20091028/d33d4f5d/attachment.p7s>
More information about the Spacewalk-list
mailing list