FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 04-13-2012, 02:39 PM
"Moray Henderson (ICT)"
 
Default runcon Invalid argument

I'm trying to debug an httpd-nfs-selinux issue, and it would be _really_
useful to be able to execute commands in context httpd_t while trying out
combinations of the nfs_export_all_rw Boolean and public_content_rw_t type.

If I can do

[root@kojihub ~]# runcon unconfined_u:unconfined_r:unconfined_t:s0 bash
[root@kojihub ~]# exit

why can't I do

[root@kojihub ~]# runcon unconfined_u:unconfined_r:httpd_t:s0 bash
runcon: invalid context: unconfined_u:unconfined_r:httpd_t:s0: Invalid
argument

The actual issue is that I've set up a new koji hub with /mnt/koji on an nfs
mount; with SELinux in permissive mode I get

AVC Report
================================================== ======
# date time comm subj syscall class permission obj event
================================================== ======
1. 04/13/2012 14:23:36 httpd unconfined_u:system_r:httpd_t:s0 4 dir getattr
system_ubject_r:nfs_t:s0 denied 494
2. 04/13/2012 14:23:36 httpd unconfined_u:system_r:httpd_t:s0 4 dir search
system_ubject_r:nfs_t:s0 denied 493
3. 04/13/2012 14:23:36 httpd unconfined_u:system_r:httpd_t:s0 83 dir write
system_ubject_r:nfs_t:s0 denied 495
4. 04/13/2012 14:23:36 httpd unconfined_u:system_r:httpd_t:s0 83 dir
add_name system_ubject_r:nfs_t:s0 denied 495
5. 04/13/2012 14:23:36 httpd unconfined_u:system_r:httpd_t:s0 83 dir create
unconfined_ubject_r:nfs_t:s0 denied 495
6. 04/13/2012 14:23:36 httpd unconfined_u:system_r:httpd_t:s0 2 file create
unconfined_ubject_r:nfs_t:s0 denied 496
7. 04/13/2012 14:23:36 httpd unconfined_u:system_r:httpd_t:s0 2 file open
system_ubject_r:nfs_t:s0 denied 496


Moray.
"To err is human; to purr, feline."




OM International Limited - Unit B Clifford Court, Cooper Way - Carlisle CA3 0JG - United Kingdom
Charity reg no: 1112655 - Company reg no: 5649412 (England and Wales)

--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 

Thread Tools




All times are GMT. The time now is 09:38 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org