Mr Dash Four wrote:
>
>> May 9 11:04:57 mclachlan1 kernel: [ 14.943055] type=1400
>> audit(1304953497.367:4): avc: denied { execute } for pid=1461
>> comm="perl" name="getparams" dev=dm-0 ino=395957
>> scontext=system_u:system_r:shorewall_t:s0
>> tcontext=system_u:object_r:usr_t:s
>> 0 tclass=file
>>
> This is an error with the selinux policy in FC14 (the main reason I am
> *NOT* on FC14)! Run "restorecon -vF /usr/share/shorewall/getparams"
> and then check the selinux context with "ls -lasZ
> /usr/share/shorewall/getparams" - if it is still "usr_t" you could try
> and submit a bug with Fedora. As a temporary "solution" you could do
> this (as root):
Yeah, I just checked what I have on one of my machines - the context is
"bin_t" which is a context not constrained by any SELinux policies (a
work-around I did a while ago to avoid this very bug when I tried to
upgrade to FC14 and then backtracked to FC13) - definitely a bug and
SELinux people definitely know about it!
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
