SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List RE: transition failure This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] From: Stephen Smalley <sds_at_epoch.ncsc.mil> Date: Thu, 22 Jan 2004 10:14:06 -0500 On Thu, 2004-01-22 at 09:56, Kratzer, James R. wrote: > Thanks Russ. I was not aware of the constraints. I'm am using "runcon" > because when I use "run_init" I get the following error: > > execvp: Permission Denied > > I forgot to mention previously that the "runcon" command gives this same > error as well along with the "avc: denied { transition }" message. > > BTW, these errors only occur with enforcing=1 as run_init and runcon execute > swatch just fine with enforcing=0. > What does execvp mean? execvp(3) is a library function that is a front-end for execve(2); run_init calls it to execute the script. The most likely cause for failure here is that the type on the /etc/rc.d/init.d/swatchd script is wrong; it needs to have the initrc_exec_t type. Try 'chcon -t initrc_exec_t /etc/init.d/swatchd'. -- Stephen Smalley <sds@epoch.ncsc.mil> National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Thu 22 Jan 2004 - 10:14:26 EST This message: [ Message body ] Next message: Karl MacMillan: "Re: sepcut is broken" Previous message: Kratzer, James R.: "RE: transition failure" In reply to: Kratzer, James R.: "RE: transition failure" Next in thread: Kratzer, James R.: "RE: transition failure" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom