On 09/23/2013 09:28 AM, and in another thread, Alan Altmark wrote: > They are indeed SELinux errors, but "clearly" is hardly applicable in this > case. If you haven't studied SELinux (hint!), you aren't going to > recognize these messages. (And nowhere does the message even say > "SELinux" to provide needed context!)
In English, Alan is suggesting that we all take time to learn SELinux. Depending on your context (pun!) that curve may be required sooner than later. As for me, while I confess to having done limited study of SELinux, I deny having done zero. And there may be a deeper context. (hint!) AVC is "access vector cache" which comes from the SEL code affecting his kernel. That much is clear. SELinux works by applying labels and assigning roles. The "scontext" and "tcontext" references in John's SYSLOG traffic reflect that. It's also clear. I did not elaborate on it for brevity. So ... I wasn't completely clear. Then John said: > In my experience, "When in doubt, blame SELinux!" <grin/>. I fear a flame fest. Knowing that you (Alan) are a fan of MAC and that you believe SELinux provides it, maybe you wanted to start a longer thread about that in particular. Russ also chimed in as if to hit "+1" or "like". The discussion warrants forking (clearly!) so I did. In the other thread, I was just trying to help John get past his vsFTPD pain. To that end, I'd even suggest not running FTP, if it would help. (Maybe it will!) -- R; <>< ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
