* what to do: libsemanage.get_home_dirs:
@ 2010-03-09 18:01 ` Justin Mattock
0 siblings, 0 replies; 10+ messages in thread
From: Justin Mattock @ 2010-03-09 18:01 UTC (permalink / raw)
To: tresys, SE-Linux
with the latest policy on open suse 11.2
I'm seeing this after building the policy:
libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its
parent directory conflicts with a file context already specified in
the policy. This usually indicates an incorrectly defined system
account. If it is a system account please make sure its uid is less
than 1000 or its login shell is /sbin/nologin.
with using an older policy on this system, I never saw this.
what to do?
--
Justin P. Mattock
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] what to do: libsemanage.get_home_dirs:
@ 2010-03-09 18:01 ` Justin Mattock
0 siblings, 0 replies; 10+ messages in thread
From: Justin Mattock @ 2010-03-09 18:01 UTC (permalink / raw)
To: refpolicy
with the latest policy on open suse 11.2
I'm seeing this after building the policy:
libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its
parent directory conflicts with a file context already specified in
the policy. This usually indicates an incorrectly defined system
account. If it is a system account please make sure its uid is less
than 1000 or its login shell is /sbin/nologin.
with using an older policy on this system, I never saw this.
what to do?
--
Justin P. Mattock
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [refpolicy] what to do: libsemanage.get_home_dirs:
2010-03-09 18:01 ` [refpolicy] " Justin Mattock
@ 2010-03-09 21:03 ` Daniel J Walsh
-1 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2010-03-09 21:03 UTC (permalink / raw)
To: Justin Mattock; +Cc: tresys, SE-Linux
On 03/09/2010 01:01 PM, Justin Mattock wrote:
> with the latest policy on open suse 11.2
> I'm seeing this after building the policy:
> libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its
> parent directory conflicts with a file context already specified in
> the policy. This usually indicates an incorrectly defined system
> account. If it is a system account please make sure its uid is less
> than 1000 or its login shell is /sbin/nologin.
>
> with using an older policy on this system, I never saw this.
>
> what to do?
>
>
/var/lib/nobody record in /etc/passwd needs to have a shell of
/bin/false or /sbin/nologin or a UID < 500.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] what to do: libsemanage.get_home_dirs:
@ 2010-03-09 21:03 ` Daniel J Walsh
0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2010-03-09 21:03 UTC (permalink / raw)
To: refpolicy
On 03/09/2010 01:01 PM, Justin Mattock wrote:
> with the latest policy on open suse 11.2
> I'm seeing this after building the policy:
> libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its
> parent directory conflicts with a file context already specified in
> the policy. This usually indicates an incorrectly defined system
> account. If it is a system account please make sure its uid is less
> than 1000 or its login shell is /sbin/nologin.
>
> with using an older policy on this system, I never saw this.
>
> what to do?
>
>
/var/lib/nobody record in /etc/passwd needs to have a shell of
/bin/false or /sbin/nologin or a UID < 500.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [refpolicy] what to do: libsemanage.get_home_dirs:
2010-03-09 21:03 ` Daniel J Walsh
@ 2010-03-09 22:29 ` Justin P. Mattock
-1 siblings, 0 replies; 10+ messages in thread
From: Justin P. Mattock @ 2010-03-09 22:29 UTC (permalink / raw)
To: Daniel J Walsh; +Cc: tresys, SE-Linux
On Tue, 2010-03-09 at 16:03 -0500, Daniel J Walsh wrote:
> On 03/09/2010 01:01 PM, Justin Mattock wrote:
> > with the latest policy on open suse 11.2
> > I'm seeing this after building the policy:
> > libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its
> > parent directory conflicts with a file context already specified in
> > the policy. This usually indicates an incorrectly defined system
> > account. If it is a system account please make sure its uid is less
> > than 1000 or its login shell is /sbin/nologin.
> >
> > with using an older policy on this system, I never saw this.
> >
> > what to do?
> >
> >
> /var/lib/nobody record in /etc/passwd needs to have a shell of
> /bin/false or /sbin/nologin or a UID < 500.
>
>
cool thanks..
I'll google a bit before making any changes.
usermod -u 500 login seems to be it,
but I also seen things in the user/group gui
menu which might be safer to try.
Justin P. Mattock
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] what to do: libsemanage.get_home_dirs:
@ 2010-03-09 22:29 ` Justin P. Mattock
0 siblings, 0 replies; 10+ messages in thread
From: Justin P. Mattock @ 2010-03-09 22:29 UTC (permalink / raw)
To: refpolicy
On Tue, 2010-03-09 at 16:03 -0500, Daniel J Walsh wrote:
> On 03/09/2010 01:01 PM, Justin Mattock wrote:
> > with the latest policy on open suse 11.2
> > I'm seeing this after building the policy:
> > libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its
> > parent directory conflicts with a file context already specified in
> > the policy. This usually indicates an incorrectly defined system
> > account. If it is a system account please make sure its uid is less
> > than 1000 or its login shell is /sbin/nologin.
> >
> > with using an older policy on this system, I never saw this.
> >
> > what to do?
> >
> >
> /var/lib/nobody record in /etc/passwd needs to have a shell of
> /bin/false or /sbin/nologin or a UID < 500.
>
>
cool thanks..
I'll google a bit before making any changes.
usermod -u 500 login seems to be it,
but I also seen things in the user/group gui
menu which might be safer to try.
Justin P. Mattock
^ permalink raw reply [flat|nested] 10+ messages in thread
* RE: [refpolicy] what to do: libsemanage.get_home_dirs:
2010-03-09 18:01 ` [refpolicy] " Justin Mattock
@ 2010-03-10 15:35 ` Alan Rouse
-1 siblings, 0 replies; 10+ messages in thread
From: Alan Rouse @ 2010-03-10 15:35 UTC (permalink / raw)
To: Justin Mattock, tresys, SE-Linux
Justin Mattock wrote:
> with the latest policy on open suse 11.2 I'm seeing this after building the policy:
> libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its parent directory conflicts with a
> file context already specified in the policy. This usually indicates an incorrectly defined system
> account. If it is a system account please make sure its uid is less than 1000 or its login shell is
> /sbin/nologin.
>
> with using an older policy on this system, I never saw this.
>
> what to do?
usermod -s /sbin/nologin nobody
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] what to do: libsemanage.get_home_dirs:
@ 2010-03-10 15:35 ` Alan Rouse
0 siblings, 0 replies; 10+ messages in thread
From: Alan Rouse @ 2010-03-10 15:35 UTC (permalink / raw)
To: refpolicy
Justin Mattock wrote:
> with the latest policy on open suse 11.2 I'm seeing this after building the policy:
> libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its parent directory conflicts with a
> file context already specified in the policy. This usually indicates an incorrectly defined system
> account. If it is a system account please make sure its uid is less than 1000 or its login shell is
> /sbin/nologin.
>
> with using an older policy on this system, I never saw this.
>
> what to do?
usermod -s /sbin/nologin nobody
^ permalink raw reply [flat|nested] 10+ messages in thread
* RE: [refpolicy] what to do: libsemanage.get_home_dirs:
2010-03-10 15:35 ` Alan Rouse
@ 2010-03-10 15:45 ` Justin P. Mattock
-1 siblings, 0 replies; 10+ messages in thread
From: Justin P. Mattock @ 2010-03-10 15:45 UTC (permalink / raw)
To: Alan Rouse; +Cc: tresys, SE-Linux
On Wed, 2010-03-10 at 10:35 -0500, Alan Rouse wrote:
> Justin Mattock wrote:
> > with the latest policy on open suse 11.2 I'm seeing this after building the policy:
> > libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its parent directory conflicts with a
> > file context already specified in the policy. This usually indicates an incorrectly defined system
> > account. If it is a system account please make sure its uid is less than 1000 or its login shell is
> > /sbin/nologin.
> >
> > with using an older policy on this system, I never saw this.
> >
> > what to do?
>
> usermod -s /sbin/nologin nobody
just read the other post..
I'll give this a try and see.
Thanks.
Justin P. Mattock
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] what to do: libsemanage.get_home_dirs:
@ 2010-03-10 15:45 ` Justin P. Mattock
0 siblings, 0 replies; 10+ messages in thread
From: Justin P. Mattock @ 2010-03-10 15:45 UTC (permalink / raw)
To: refpolicy
On Wed, 2010-03-10 at 10:35 -0500, Alan Rouse wrote:
> Justin Mattock wrote:
> > with the latest policy on open suse 11.2 I'm seeing this after building the policy:
> > libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its parent directory conflicts with a
> > file context already specified in the policy. This usually indicates an incorrectly defined system
> > account. If it is a system account please make sure its uid is less than 1000 or its login shell is
> > /sbin/nologin.
> >
> > with using an older policy on this system, I never saw this.
> >
> > what to do?
>
> usermod -s /sbin/nologin nobody
just read the other post..
I'll give this a try and see.
Thanks.
Justin P. Mattock
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2010-03-10 15:45 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-03-09 18:01 what to do: libsemanage.get_home_dirs: Justin Mattock
2010-03-09 18:01 ` [refpolicy] " Justin Mattock
2010-03-09 21:03 ` Daniel J Walsh
2010-03-09 21:03 ` Daniel J Walsh
2010-03-09 22:29 ` Justin P. Mattock
2010-03-09 22:29 ` Justin P. Mattock
2010-03-10 15:35 ` Alan Rouse
2010-03-10 15:35 ` Alan Rouse
2010-03-10 15:45 ` Justin P. Mattock
2010-03-10 15:45 ` Justin P. Mattock
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.