On 2/25/08, Ryan Novosielski <[EMAIL PROTECTED]> wrote:
>
> Don Buchholz wrote:
> > Dan Williams wrote:
> >>>> On Wed, 2008-01-30 at 22:34 +0100, Bjørge Solli wrote:
> >>>>> The strange thing is that I cannot even log in as root (not in gdm
> nor
> >>>>> in text console), I had to reboot into runlevel 1 ...<snip>...
> >>
> >> Probably because your home directory or authentication is set up to use
> >> the network? It used to be the case that if you had set up kerberos
> >> logins from system-config-authentication and you didn't have a network,
> >> then even root could not log in. Probably some variation of that.
> >>
> >
> > I installed a very minimal set of packages (<400) on a Fedora 8 system
> > (no graphical interface at all, meant for bare-bones FTP and Apache
> service)
> > and found it necessary to turn off SELinux by putting "selinux=0" in the
> > kernel args in grub.conf to allow *any* account to login to a text
> console.
> >
> > A sample of the SELinux/audit message in syslog file:
> > Feb 22 09:29:06 testhost kernel: audit(1203701346.285:4):
> avc: denied
> > { entrypoint } for pid=2136 comm="login" path="/bin/bash" dev=dm-0
> > ino=1736707 scontext=system_u:system_r:hotplug_t:s0-s0:c0.c1023
> > tcontext=system_u:object_r:file_t:s0 tclass=file
> >
> > "login" isn't allowed to access "/bin/bash"?!?
> >
> > I probably need to take this one to another [SELinux] forum, eh?
> > Not really keen on disabling SELinux for a box that will eventually
> > sit on the Internet. :drunk:
>
> Seems like something got screwed up here. Try looking into the
> "restorecon" command.
>
It turned out to be the SELinux "disk labeling"(?). After mucking around a
bit,
I did a full "yum update" (the Fedora 8 install was from a DVD image, it
wasn't
one of the 'Live' installs). Later, when SELinux was re-enabled, the system
noticed it during startup, and kicked off the SELinux "policy relable" in
rc.sysinit.
Everything is working now. (There must've been some deficiency in the
original
os-image laid down on the disks by the Anaconda installer.)
- Don
_______________________________________________
NetworkManager-list mailing list
[email protected]
http://mail.gnome.org/mailman/listinfo/networkmanager-list
