From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.50) id 1Ebn04-0005Xs-O4 for garchives@archives.gentoo.org; Mon, 14 Nov 2005 22:40:33 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.5/8.13.5) with SMTP id jAEMcssp017738; Mon, 14 Nov 2005 22:38:54 GMT Received: from mta10.adelphia.net (mta10.adelphia.net [68.168.78.202]) by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id jAEMcrSd018222 for ; Mon, 14 Nov 2005 22:38:53 GMT Received: from homer.edgehp.net ([69.171.210.251]) by mta11.adelphia.net (InterMail vM.6.01.05.02 201-2131-123-102-20050715) with ESMTP id <20051114223700.ZDQQ19306.mta11.adelphia.net@homer.edgehp.net> for ; Mon, 14 Nov 2005 17:37:00 -0500 Received: from [192.168.154.40] (anastasia.edgehp.net [192.168.154.40]) by homer.edgehp.net (Postfix) with ESMTP id 26FBC5A89D for ; Mon, 14 Nov 2005 17:35:07 -0500 (EST) Message-ID: <4379118D.9080005@edgehp.net> Date: Mon, 14 Nov 2005 17:37:01 -0500 From: Dale Pontius User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.7.12) Gecko/20050920 X-Accept-Language: en-us, en Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 To: gentoo-hardened@lists.gentoo.org Subject: Re: [gentoo-hardened] SELinux n00b questions References: <435A6E83.15754.A4A6C273@pageexec.freemail.hu> <1130728797.25301.67.camel@gorn.pebenito.net> <4377ED93.2090408@edgehp.net> <200511140920.22796.petershaw83@yahoo.ca> In-Reply-To: <200511140920.22796.petershaw83@yahoo.ca> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable X-MIME-Autoconverted: from 8bit to quoted-printable by robin.gentoo.org id jAEMcsuG017738 X-Archives-Salt: 3f053923-4d60-44fb-b648-218edffd3ebe X-Archives-Hash: df605c1e6aeee0bd0b40688dcd25ebc5 Peter Shaw wrote: >On Monday 14 November 2005 02:51, Dale Pontius wrote: > =20 > >>I decided to try running BIND on the SELinux system. I get this message= : >> * Starting named ... >>named: capset failed: Operation not permitted: please ensure that the >>capset kernel module is loaded. see insmod(8) >> >>I've made sure that "commoncap" was built and loaded prior to trying to >>start BIND. A bit >>of google searching, and this seemed to have helped everyone else, but >>not me.=20 >> =20 >> >I had the same problem and googled it, and the module I found I had to p= ut=20 >into /etc/modules.autoload.d/kernel-2.6 was =A8capability=A8, not =A8com= moncap=A8.=20 >But perhaps you=B4re using a 2.4 kernel and it=B4s different - i just su= bscribed=20 >to the mailing list and didn=B4t see the original post. > =20 > I saw the "capability" stuff too, and thought that was the same as=20 "commoncap". So now I have to ask... Where do you turn on "capability"? I did a "grep=20 CAP .config" and got only 2 entries, the one that produced commoncap, and another=20 that was completely unrelated. (sound, maybe?) I'm running 2.6, by the way. Dale --=20 gentoo-hardened@gentoo.org mailing list