On Tue, 2004-12-14 at 05:08 -0800, Karsten Wade wrote:
On Tue, 2004-12-14 at 11:59 +0100, Giuseppe Greco wrote:
Hi all,
I think I give up... no way to get my SELinux system working as it should. For the moment, I've just disabled it.
Was your problem only with squid?
No, I've also problems with squirrelmail when trying to send emails with attachments (simple emails without attachments are OK):
audit(1102761151.989:0): avc denied { search } for pid=1841 exe=/usr/sbin/httpd name=spool dev=dm-6 ino=224002 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:var_spool_t tclass=dir
audit(1102761496.288:0): avc denied { getattr } for pid=1841 exe=/usr/sbin/httpd path=/var/spool dev=dm-6 ino=224002 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:var_spool_t tclass=dir
Did you just turn off the squid Boolean (in system-config-securitylevel or with setsebool)? Or did you have to disable SELinux entirely?
I've disabled SELinux entirely in /etc/selinux/config by setting SELINUX=disabled...
If you can, it is recommended to leave SELinux running and disable it only for the daemon you are having problems with.
Yes, that could a much better idea...
I've tried everything, but nothing... What's strange is that I've these problems only on a machine where I updated from FC1 to FC3. Others machines where I installed FC3 from scratch I've no problems at all.
I'm working with an FC1 -> FC3 upgrade (via Anaconda), and although I'm not having SELinux problems, I do have other instabilities. I think that's a fairly big leap to be taking, so it's not surprising that some older, remaining packages are causing me problems. This seems to be a unique situation -- the delta between FC1 and FC3 is much larger than usual.
What could be the solution? Backup the configuration and reinstall FC3 from scratch?
Thanks, j3d.
- Karsten