I'm seeing a lot of noise in the logs, to the effect of: setroubleshoot: SELinux is preventing /bin/ksh93 from write access on the directory /var/lib/ssh-x509-auth as well as others related to find, cat, etc on .pem's in that directory. Is this a policy bug, or just no policy covering this? mark
Can you attach one of the AVC's. Mos likely ssh-x509-auth needs to be labeled sshd_key_t or ssh_home_t On 04/06/2016 02:54 PM, m.roth at 5-cent.us wrote:> I'm seeing a lot of noise in the logs, to the effect of: > setroubleshoot: SELinux is preventing /bin/ksh93 from write access on the > directory /var/lib/ssh-x509-auth > > as well as others related to find, cat, etc on .pem's in that directory. > Is this a policy bug, or just no policy covering this? > > mark > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > lists.centos.org/mailman/listinfo/centos