On 03/12/2018 11:53 PM, Ed Greshko wrote:
There are times where you will
have selinux preventing something but you won't get an AVC in the audit.log.
This
due to a policy which has "dontaudit" enabled. If you run into this situation
again
you should try the command "semodule -BD" The D
On 03/13/2018 02:39 AM, Lukas Vrabec wrote:
On 03/13/2018 06:57 AM, ToddAndMargo wrote:
Follow up:
With everyone's help, I cleaned up my SELinux homedir's
and set Samba's SELinux stuff right.
I still could not log in from lightdm, except to root,
when SLElinux was Enforcing.
And SEAlert was
On 03/13/2018 06:57 AM, ToddAndMargo wrote:
> Follow up:
>
> With everyone's help, I cleaned up my SELinux homedir's
> and set Samba's SELinux stuff right.
>
> I still could not log in from lightdm, except to root,
> when SLElinux was Enforcing.
>
> And SEAlert was completely quiet. And
>
On 03/13/18 13:57, ToddAndMargo wrote:
> Thank you all for the tips. I wrote down about five of them,
> so I would not forget. SELinux baffles me at times.
Good to hear all is working now.
One thing I just realized I was remiss in mentioning. There are times where
you will
have selinux
Follow up:
With everyone's help, I cleaned up my SELinux homedir's
and set Samba's SELinux stuff right.
I still could not log in from lightdm, except to root,
when SLElinux was Enforcing.
And SEAlert was completely quiet. And
/var/log/audit/audit.log
was completely empty.
Then I got
On 03/12/2018 04:04 PM, ToddAndMargo wrote:
Now Samba does not work either.
Samba is back to working. My firewall was blocking
it, as I somehow lost my systemd script for custom.firewall.service.
But all is better now.
___
users mailing list --
On 03/12/2018 03:49 PM, Ed Greshko wrote:
#/sbin/restorecon -v /home/tony/.xsession-errors
# ausearch -c 'lightdm' --raw | audit2allow -M my-lightdm
# semodule -X 300 -i my-lightdm.pp
That happened very early on in SEAlert. SEAlert is
now quite.
Redoing the above did not help.
Now Samba
On 03/13/18 06:13, ToddAndMargo wrote:
>>
>> /usr/bin/sealert -b
>> Is quiet
If I put the AVC's you mention in the original post in a file
type=AVC msg=audit(1520843479.104:515): avc: denied { create } for pid=7554
comm="lightdm" name=".xsession-errors"
On 03/12/2018 03:13 PM, ToddAndMargo wrote:
On 03/12/2018 03:06 PM, ToddAndMargo wrote:
On 03/12/2018 04:20 AM, Lukas Vrabec wrote:
On 03/12/2018 10:35 AM, ToddAndMargo wrote:
Hi All,
Fedora 27, x64
Xfce 4.12
lightdm-1.25.1-5.fc27.x86_64
With SELinux set to Enforcing, I can only log into
On 03/12/2018 03:06 PM, ToddAndMargo wrote:
On 03/12/2018 04:20 AM, Lukas Vrabec wrote:
On 03/12/2018 10:35 AM, ToddAndMargo wrote:
Hi All,
Fedora 27, x64
Xfce 4.12
lightdm-1.25.1-5.fc27.x86_64
With SELinux set to Enforcing, I can only log into Xfce as root.
If I set SELinux to
On 03/12/2018 04:20 AM, Lukas Vrabec wrote:
On 03/12/2018 10:35 AM, ToddAndMargo wrote:
Hi All,
Fedora 27, x64
Xfce 4.12
lightdm-1.25.1-5.fc27.x86_64
With SELinux set to Enforcing, I can only log into Xfce as root.
If I set SELinux to Permissive, I can log into anyone.
SEAlert is quite.
On 03/12/2018 04:20 AM, Lukas Vrabec wrote:
Are you sharing your homedir via samba? If yes,
I am
# restorecon -Rv /home
# semanage boolean -m samba_enable_home_dirs --on
Didn't work. Rats!
___
users mailing list -- users@lists.fedoraproject.org
On 03/13/18 05:57, ToddAndMargo wrote:
> On 03/12/2018 03:08 AM, Ed Greshko wrote:
>> You can try "restorecon/home/tony/.xsession-errors". You may have to do
>> that as
>> root.
>
> didn't work. Rats!
You may want to run the troubleshooter to see what it suggests
/usr/bin/sealert -b
--
On 03/13/18 05:54, ToddAndMargo wrote:
> Will try in a minute
OK, but you may need to follow the more inclusive solution provided by Lukas if
you
are using samba.
--
Conjecture is just a conclusion based on incomplete information. It isn't a
fact.
signature.asc
Description: OpenPGP
On 03/12/2018 03:08 AM, Ed Greshko wrote:
You can try "restorecon/home/tony/.xsession-errors". You may have to do that
as root.
didn't work. Rats!
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to
On 03/12/2018 03:08 AM, Ed Greshko wrote:
On 03/12/18 17:35, ToddAndMargo wrote:
Hi All,
Fedora 27, x64
Xfce 4.12
lightdm-1.25.1-5.fc27.x86_64
With SELinux set to Enforcing, I can only log into Xfce as root.
If I set SELinux to Permissive, I can log into anyone.
SEAlert is quite.
In the
On 03/12/2018 10:35 AM, ToddAndMargo wrote:
> Hi All,
>
> Fedora 27, x64
>
> Xfce 4.12
>
> lightdm-1.25.1-5.fc27.x86_64
>
> With SELinux set to Enforcing, I can only log into Xfce as root.
>
> If I set SELinux to Permissive, I can log into anyone.
>
> SEAlert is quite.
>
> In the Audit log,
On 03/12/18 17:35, ToddAndMargo wrote:
> Hi All,
>
> Fedora 27, x64
>
> Xfce 4.12
>
> lightdm-1.25.1-5.fc27.x86_64
>
> With SELinux set to Enforcing, I can only log into Xfce as root.
>
> If I set SELinux to Permissive, I can log into anyone.
>
> SEAlert is quite.
>
> In the Audit log, I get:
>
>
18 matches
Mail list logo
