[Spacewalk-list] Re: SELinux and /tftpboot
Jan Pazdziora
jpazdziora at redhat.com
Thu Oct 29 08:57:54 UTC 2009
On Wed, Oct 28, 2009 at 12:55:07PM +0100, Marcus Moeller wrote:
>
>> it seems that the images located /tftpboot/images/XXX/ are associated
>> with the wrong SELinux context: 'root:object_r:spacewalk_data_t; which
>> leads to denies like this:
>>
>> type=AVC msg=audit(1254211758.053:756): avc: denied { getattr } for
>> pid=31005 comm="in.tftpd"
>> path="/images/centos-5-x86_64:1:Spacewalk-Public-Cert/vmlinuz"
>> dev=dm-0 ino=5242885 scontext=system_u:system_r:tftpd_t:s0-s0:c0.c1023
>> tcontext=root:object_r:spacewalk_data_t:s0 tclass=file
>>
>> Got spacewalk-0.6.4-1.el5 installed.
>
> Seems to be fixed. Had some old profiles laying around and to restorecon -R them. Newly created image trees are set up correctly.
>
Thank you for the note and sorry that I missed and did not respond to
your original report.
--
Jan Pazdziora
Senior Software Engineer, Satellite Engineering, Red Hat
More information about the Spacewalk-list
mailing list