Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: 1105 fails to boot....: msg#00181
|
Subject: |
Re: 1105 fails to boot.... |
On Fri, 2005-01-21 at 10:38, Tom London wrote:
> Jan 21 07:24:30 fedora kernel: audit(1106292231.919:0): avc: denied
> { read } for pid=478 exe=/bin/hostname path=/init dev=rootfs ino=17
> scontext=system_u:system_r:hostname_t
> tcontext=system_u:object_r:root_t tclass=file
I think that this denial reflects a kernel bug - leaking a descriptor to
the rootfs to userspace. Shouldn't interfere with booting.
> Jan 21 07:24:30 fedora kernel: audit(1106292234.081:0): avc: denied
> { read } for pid=576 exe=/sbin/restorecon name=customizable_types
> dev=hda2 ino=4506184 scontext=system_u:system_r:restorecon_t
> tcontext=system_u:object_r:default_context_t tclass=file
This is more likely the culprit. restorecon is now trying to read the
customizable_types file to identify contexts that it shouldn't try to
relabel, but if it lacks permission to do so, then the current code is
going to prevent relabeling anything, as it is merely checking for a
non-zero return from is_context_customizable(), which could be an
error. Fix is to allow access by restorecon_t and setfiles_t, but also
likely change the calling code to distinguish the error case from > 0
case.
--
Stephen Smalley <sds@xxxxxxxxxxxxx>
National Security Agency
|
| |
