Good job on narrowing it down to SELinux. But I would say that disabling
SELinux isn't really a solution. You might want to look for avc: denied
messages in your audit logs to see what access SELinux was denying. It
could then be fixed, probably by relabeling a file (hopefully not by
modifying policy). You could do this check in enabled or permissive mode,
and get help on the redhat SELinux mailing list.
Then again, if you're not running a server and not worried about SELinux's
MAC capabilities, you might just want to stick with your workaround!
Steve Brueckner, ATC-NY
-----Original Message-----
From: Omer Khalid [mailto:Omer.Khalid@xxxxxxx]
Sent: Thursday, January 25, 2007 5:31 AM
To: Petersson, Mats
Cc: Christopher G. Stach II; Henning Sprang; xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Can't add a user to Xen 3.0.3 VM !
You are absolute right Mat! SELinux was enabled and disabling it solved the
problem :-)
Many thanks to all of you who responded so promptly to my email.
Best Regards, and have a good day!
Omer
On 1/24/07, Petersson, Mats <Mats.Petersson@xxxxxxx> wrote:
> -----Original Message-----
> From: okhalid.cern@xxxxxxxxx [mailto:okhalid.cern@xxxxxxxxx]
> On Behalf Of Omer Khalid
> Sent: 24 January 2007 15:00
> To: Henning Sprang; Christopher G. Stach II; Petersson, Mats
> Cc: xen-users@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [Xen-users] Can't add a user to Xen 3.0.3 VM !
>
> OK... I followed Mat's suggestion and added a user "blah" to
> /etc/passwd file. When I tried to update its password, I got
> the following error:
>
> [root@CTBhome ]# passwd blah
> Changing password for user blah.
> passwd: Authentication token manipulation error
Let me guess: You have selinux on your machine? If that's the case,
you
need to use the "approved" method of adding users. Again, nothing to
do
with Xen.
--
Mats
>
> ==
>
> When I execute " pwconv", I get the following error:
>
> [root@CTB home]# pwconv
> pwconv: can't update shadow file
>
> Christopher, I did't what you meant regarding "vipw', and
> then "cp -a /etc/skel/..".. could you explain?
vipw is a special script/application that essentially does "vi
passwd".
Not sure what the purpose of the copying of /etc/skel is supposed to
do.
--
Mats
>
> Any more ideas gentlemen?
>
> Cheers
> Omer
>
>
> On 1/24/07, Henning Sprang < henning_sprang@xxxxxx> wrote:
>
> On 1/24/07, Omer Khalid <Omer.Khalid@xxxxxxx> wrote:
> > Hi,
> >
> > I am running a VM with Xen 3.0.3. The domU OS is
> Scientific Linux 4 which is
> > based on Red Hat Enterprise 4.4. I could deploy the
> virtual machine, and it
> > runs all the services but I can't add new user. I get
> the following error:
> >
> > [root@CTB /]# uname -r
> > 2.6.9-42.0.3.EL.cernxenU
> > [ root@CTB /]# adduser testuser
> > adduser: cannot rewrite password file
>
> Hmm, in some redhat or suse based vm, depending on how they
were
> installed, I needed to do a "pwconv" first, before
> being a ble to use
> the passwd file correctly.
>
> HTH
> Henning
>
>
>
>
>
> --
> ---------------------------------------------------------------
>
>
> CERN - European Organization for Nuclear
> IT Department, CH-1211 Geneva 23, Switzerland
>
> Phone: +41 (0) 22 767 7996
> Fax: +41 (0) 22 767 4900
> E-mail : Omer.Khalid@xxxxxxx <mailto:Omer.Khalid@xxxxxxx>
> Homepage: http://cern.ch/Omer.Khalid
>
--
---------------------------------------------------------------
CERN - European Organization for Nuclear IT Department, CH-1211 Geneva 23,
Switzerland
Phone: +41 (0) 22 767 7996
Fax: +41 (0) 22 767 4900
E-mail : Omer.Khalid@xxxxxxx
Homepage: http://cern.ch/Omer.Khalid
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|