[Spacewalk-list] SELinux contexts for distro trees
Patrick Hurrelmann
patrick.hurrelmann at lobster.de
Thu Oct 13 09:03:28 UTC 2011
On Mo, 2011-10-10 at 11:26 +0800, Colin Coe wrote:
> Hi all
>
> Can anyone advise what the SELinux contexts should be if I've copied
> the distro ISO contents to /var/distro-trees/<label>?
> ---
> type=AVC msg=audit(1318216860.448:70920): avc: denied { search } for
> pid=19249 comm="cobblerd" name="/" dev=dm-6 ino=2
> scontext=system_u:system_r:cobblerd_t:s0
> tcontext=system_u:object_r:file_t:s0 tclass=dir
> type=AVC msg=audit(1318216920.466:70921): avc: denied { search } for
> pid=19272 comm="cobblerd" name="/" dev=dm-6 ino=2
> scontext=system_u:system_r:cobblerd_t:s0
> tcontext=system_u:object_r:file_t:s0 tclass=dir
> type=AVC msg=audit(1318216920.466:70922): avc: denied { search } for
> pid=19272 comm="cobblerd" name="/" dev=dm-6 ino=2
> scontext=system_u:system_r:cobblerd_t:s0
> tcontext=system_u:object_r:file_t:s0 tclass=dir
> ---
>
> I'd rather not change to permissive...
>
> Thanks
>
> CC
>
Hi,
I'm struggeling with the same issue. Maybe someone can sched some lights
on it, as couldn't find any information regarding this topic.
I tried to loop mount a CentOS 6 iso and manually adding the extracted
content. Neither worked. But if selinux is set to permissive, both ways
work.
Thanks
Patrick
More information about the Spacewalk-list
mailing list