search for: context_from_record

...s below, this is all from the host system. What do I miss? Thank you. [root at vpl2 ~]# tail /var/log/messages Apr 8 16:47:48 vpl2 dbus-daemon[2903]: libsepol.sepol_context_to_sid: could not convert system_u:system_r:svirt_t:s0:c263,c837 to sid Apr 8 16:47:48 vpl2 dbus-daemon[2903]: libsepol.context_from_record: user system_u is not defined Apr 8 16:47:48 vpl2 dbus-daemon[2903]: libsepol.context_from_record: could not create context structure Apr 8 16:47:48 vpl2 dbus-daemon[2903]: libsepol.context_from_string: could not create context structure Apr 8 16:47:48 vpl2 dbus-daemon[2903]: libsepol.sepol_c...

...id=3487 comm="xauth" path="socket:[21700]" dev=sockfs ino=21700 scontext=system_u:system_r:xauth_t:s0-s0:c0.c1023 tcontext=system_u:system_r:inetd_t:s0-s0:c0.c1023 tclass=tcp_socket The output from audit2allow is here : $ grep AVC /var/log/audit/audit.log | audit2allow libsepol.context_from_record: invalid security context: "system_u:system_r:xauth_t:s0-s0:c0.c1023" libsepol.context_from_record: could not create context structure libsepol.context_from_string: could not create context structure libsepol.sepol_context_to_sid: could not convert system_u:system_r:xauth_t:s0-s0:c0.c1023...

...l.print_missing_requirements: webalizer's global requirements were not met: type/attribute httpd_sys_content_t (No such file or directory). libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory). semodule: Failed! semodule -r webalizer semodule -r apache libsepol.context_from_record: type httpd_openshift_script_exec_t is not defined libsepol.context_from_record: could not create context structure libsepol.context_from_string: could not create context structure libsepol.sepol_context_to_sid: could not convert unconfined_u:object_r:httpd_openshift_script_exec_t:s0 to sid invalid...

I seem to have quieted some, but I'm still getting noise from selinux. Here's one that really puzzles me: my users have a ruby app with passenger running. However, one of the sealerts gives me: sealert -l 5a02b0a1-8512-4f71-b1c8-70a40b090a9d SELinux is preventing /bin/chmod from using the fowner capability. ***** Plugin catchall_boolean (89.3 confidence) suggests *******************

...lled in the main policy). I can apply them manually with chcon, but that's icky and not "The One True Way(tm)". So, if I do: # checkmodule -M -m -o local.mod local.te # semodule_package -o local.pp -m local.mod -f local.fc # semodule -i local.pp I get the following output: libsepol.context_from_record: MLS is enabled, but no MLS context found libsepol.context_from_record: could not create context structure libsepol.context_from_string: could not create context structure libsepol.sepol_context_to_sid: could not convert system_u:object_r:file_upload_store_t to sid /etc/selinux/targeted/contexts/fi...