LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-11-2013, 01:05 PM   #1
tezarin
Member
 
Registered: Nov 2007
Posts: 126

Rep: Reputation: 0
Useradd command no longer works


Hi all,

This is very unusual, I type commands on my Linux box all the time but for some reason, today I tried to add a user but I won't get the command line back after running it!

Linux servername 2.6.18-194.32.1.el5PAE

I run
Code:
/usr/sbin/userdel -r  tlancome
But I don't get the command line back afterward. I trt to add a new user and same thing. Even with -f.

The /var/log/messages's last line is:

Code:
Jul 11 12:50:52 servername setroubleshoot: SELinux is preventing the samba daemon from reading users' home directories. For complete SELinux messages. run sealert -l 09e57b13-5719-470a-99d2-b267e95becec
Code:
[root@servername sbin]# userdel -f tlancome &
returns
Code:
[1] 7788

Can you please help?

Thanks

Last edited by tezarin; 07-11-2013 at 01:14 PM.
 
Old 07-11-2013, 01:17 PM   #2
smallpond
Senior Member
 
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: CentOS 6 (pre-systemd)
Posts: 2,614

Rep: Reputation: 703Reputation: 703Reputation: 703Reputation: 703Reputation: 703Reputation: 703Reputation: 703
Did you try running the command? It will tell you what is wrong.
Code:
sealert -l 09e57b13-5719-470a-99d2-b267e95becec
If you don't understand how to deal with selinux, you can disable it with:

Code:
echo 0 >/selinux/enforce
You also need to edit /etc/selinux/config to have it stay off at the next reboot.
 
Old 07-11-2013, 01:22 PM   #3
tezarin
Member
 
Registered: Nov 2007
Posts: 126

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by smallpond View Post
Did you try running the command? It will tell you what is wrong.
Code:
sealert -l 09e57b13-5719-470a-99d2-b267e95becec
If you don't understand how to deal with selinux, you can disable it with:

Code:
echo 0 >/selinux/enforce
You also need to edit /etc/selinux/config to have it stay off at the next reboot.
Thanks. But if I recall correctly, my server has always been complaining about the SELinux, but I have always been able to run my commands and get the prompt back. Not today, I run simple commands (passwd username) and it goes blank waiting for something...would you please tell me how I can fix that?
 
Old 07-11-2013, 01:27 PM   #4
tezarin
Member
 
Registered: Nov 2007
Posts: 126

Original Poster
Rep: Reputation: 0
Code:
[root@servername~]# sealert -l 09e57b13-5719-470a-99d2-b267e95becec

Summary:

SELinux is preventing the samba daemon from reading users' home directories.

Detailed Description:

[SELinux is in permissive mode, the operation would have been denied but was
permitted due to permissive mode.]

SELinux has denied the samba daemon access to users' home directories. Someone
is attempting to access your home directories via your samba daemon. If you only
setup samba to share non-home directories, this probably signals a intrusion
attempt. For more information on SELinux integration with samba, look at the
samba_selinux man page. (man samba_selinux)

Allowing Access:

If you want samba to share home directories you need to turn on the
samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"

The following command will allow this access:

setsebool -P samba_enable_home_dirs=1

Additional Information:

Source Context                root:system_r:smbd_t
Target Context                root:object_r:user_home_t
Target Objects                ./7E245072656D69756D20686973746F72792E786C7378 [
                              dir ]
Source                        smbd
Source Path                   /usr/sbin/smbd
Port                          <Unknown>
Host                          servername
Source RPM Packages           samba-3.0.33-3.29.el5_5.1
Target RPM Packages
Policy RPM                    selinux-policy-2.4.6-279.el5_5.2
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Permissive
Plugin Name                   samba_enable_home_dirs
Host Name                     servername
Platform                      Linux servername 2.6.18-194.32.1.el5PAE #1 SMP Wed Jan
                              5 18:43:13 EST 2011 i686 i686
Alert Count                   2
First Seen                    Tue Jun 26 09:21:39 2012
Last Seen                     Thu Jul 11 12:50:52 2013
Local ID                      09e57b13-5719-470a-99d2-b267e95becec
Line Numbers

Raw Audit Messages

host=servername type=AVC msg=audit(1373561452.724:11033): avc:  denied  { remove_nam                                                                             e } for  pid=7555 comm="smbd" name=7E245072656D69756D20686973746F72792E786C7378                                                                              dev=dm-2 ino=92340719 scontext=root:system_r:smbd_t:s0 tcontext=root:object_r:us                                                                             er_home_t:s0 tclass=dir

host=servername type=AVC msg=audit(1373561452.724:11033): avc:  denied  { unlink } f                                                                             or  pid=7555 comm="smbd" name=7E245072656D69756D20686973746F72792E786C7378 dev=d                                                                             m-2 ino=92340719 scontext=root:system_r:smbd_t:s0 tcontext=root:object_r:user_ho                                                                             me_t:s0 tclass=file

host=servername type=SYSCALL msg=audit(1373561452.724:11033): arch=40000003 syscall=                                                                             10 success=yes exit=0 a0=8b84038 a1=8bc56c0 a2=eaca68 a3=0 items=0 ppid=7549 pid                                                                             =7555 auid=0 uid=501 gid=0 euid=501 suid=0 fsuid=501 egid=101 sgid=0 fsgid=101 t                                                                             ty=(none) ses=1626 comm="smbd" exe="/usr/sbin/smbd" subj=root:system_r:smbd_t:s0                                                                              key=(null)
 
Old 07-11-2013, 01:30 PM   #5
tezarin
Member
 
Registered: Nov 2007
Posts: 126

Original Poster
Rep: Reputation: 0
Another example: When running a simple command like adduser, I get the following error:

Code:
adduser: unable to lock password file
 
Old 07-11-2013, 02:04 PM   #6
tezarin
Member
 
Registered: Nov 2007
Posts: 126

Original Poster
Rep: Reputation: 0
Update: The reboot fixed the issue,

Thanks again
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] My long used su command no longer works. liberalchrist Slackware 11 05-20-2013 02:32 AM
DVB usb device no longer detected as a DVB , but as V4L., so no longer works vdemuth Slackware 4 12-21-2008 07:31 PM
my rpm command no longer works Niceman2005 Linux - General 3 07-07-2006 07:31 PM
Command No Longer Works carlosinfl Debian 2 11-02-2005 02:40 PM
upgraded to 2.6.9, "less" command no longer works kersten78 Slackware 2 10-21-2004 07:45 PM


All times are GMT -5. The time now is 02:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration