Bug 226951
Summary: | SELinux is preventing /usr/sbin/useradd "read write" to faillog | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Tim Lauridsen <tim.lauridsen> |
Component: | shadow-utils | Assignee: | Peter Vrabec <pvrabec> |
Status: | CLOSED RAWHIDE | QA Contact: | David Lawrence <dkl> |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | dwalsh |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-02-14 22:04:45 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Tim Lauridsen
2007-02-02 08:27:50 UTC
Daniel, could you look at this. I was able to reproduce it on rawhide, too. The problem here is that /var/log/faillog is labeled incorrectly. Some process is recreating this file with the wrong context. restorecon /var/log/faillog will fix the files context and everything should work. Most likely a program removes the file and then recreates the file which would adopt the context of the parent directory var_log_t instead of the defined context faillog_t. Tim, does restorecon help you? I have run the 'restorecon /var/log/faillog' command, but i only got the alert once, i don't know what action triggered the alert. This turned out to be an anaconda problem installation problem. pam was being installed before selinux-policy so files created in the post install were being labeled incorrectly. It is fixed in the next anaconda. |