From mboxrd@z Thu Jan 1 00:00:00 1970 From: Laura Lazzati Subject: Re: SELinux log Date: Sun, 9 Jun 2019 23:08:45 -0300 Message-ID: References: <87sgsocqx5.fsf@elephly.net> <87k1dyk33n.fsf@elephly.net> <87ef4586oh.fsf@elephly.net> <87a7es8spi.fsf@elephly.net> <87r284cer2.fsf@elephly.net> <87muisc8x8.fsf@elephly.net> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="00000000000029cc45058aeeab23" Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:54734) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1ha9kV-0003iO-MN for guix-devel@gnu.org; Sun, 09 Jun 2019 22:09:28 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ha9kU-0004e0-HB for guix-devel@gnu.org; Sun, 09 Jun 2019 22:09:27 -0400 Received: from mail-wr1-x42b.google.com ([2a00:1450:4864:20::42b]:33273) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ha9kS-0004cV-GB for guix-devel@gnu.org; Sun, 09 Jun 2019 22:09:26 -0400 Received: by mail-wr1-x42b.google.com with SMTP id n9so7523180wru.0 for ; Sun, 09 Jun 2019 19:09:23 -0700 (PDT) In-Reply-To: List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Ricardo Wurmus Cc: Guix-devel --00000000000029cc45058aeeab23 Content-Type: text/plain; charset="UTF-8" Hi! More info after having my fresh install. First, I ran semode, and checked with -Z option my /gnu dir successfully. After that, I created the file and rebooted. While rebooting this time I got the message telling me that the system was being relabeled. Then, I ran restorecon and set SELinux to Permissive mode. Tried it doing a guix search hello. My audit log showed: type=AVC msg=audit(1560131803.485:381): avc: denied { search } for pid=8177 comm="bash" name="guix" dev="dm-0" ino=679365 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:guix_daemon.guix_daemon_conf_t:s0 tclass=dir permissive=0 After that I SELinux to Enforcing to see what message I got i the CLI, and it was a Permission Denied, and now I am getting that guix is not installed, double checking with `which guix` :S I am trying installing guix again with the script, and it reaches the point where I get: mv: cannot stat '/var/guix': Permission denied Any ideas? Regards! Laura --00000000000029cc45058aeeab23 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi!

More in= fo after having my fresh install.

First,= I ran semode, and checked with -Z option my /gnu dir successfully. After t= hat, I created the file and rebooted. While rebooting this time I got the m= essage telling me that the system was being relabeled. Then, I ran restorec= on and set SELinux to Permissive mode. Tried it doing a guix search hello. =

My audit log showed:

type=3DAVC msg=3Daudit(1560131803.485:381): avc: =C2=A0denied =C2=A0{ sear= ch } for =C2=A0pid=3D8177 comm=3D"bash" name=3D"guix" d= ev=3D"dm-0" ino=3D679365 scontext=3Dunconfined_u:unconfined_r:unc= onfined_t:s0-s0:c0.c1023 tcontext=3Dunconfined_u:object_r:guix_daemon.guix_= daemon_conf_t:s0 tclass=3Ddir permissive=3D0

After= that I SELinux to Enforcing to see what message I got i the CLI, and it wa= s a Permission Denied, and now I am getting that guix is not installed, dou= ble checking with=C2=A0 `which guix` :S

I am tryin= g installing guix again with the script, and it reaches the point where I g= et:
mv: cannot stat '/var/guix': Permission denied
<= div>
Any ideas?


R= egards!
Laura




--00000000000029cc45058aeeab23--