|Main Archive Page > Month Archives > fedora-selinux archives|
Today I updated to FC11 and gitosis stopped working (gitosis is a collection of scripts for easing multiuser access to git repositories over ssh). I can tell it's an SELinux problem, because '/sbin/setenforcing 0' clears it up.
On the server, the git repositories are managed by the 'git' user, which has the guest_u selinux type (though it also fails when given the user_u user). The home directory (/home/git) has the correct selinux context (user_home_t) as far as I can tell and I've run 'restorecon -Rvv' anyway, just to be sure. gitosis works by calling a system binary, gitosis-serve, which lives in /usr/bin/ and has the type of 'bin_t' so guest_u should be able to execute it. Even with 'setenforcing 0' no AVC denials are created though. Checking /var/log/secure shows that the key is being accepted, and it seems like the process then hangs.
Any suggestions appreciated,
Jon -- fedora-selinux-list mailing list firstname.lastname@example.org https://www.redhat.com/mailman/listinfo/fedora-selinux-list