SuperSavage/IXC 64 hassle making DRI and SELinux work together

jfrieben at freesurf.fr jfrieben at freesurf.fr
Thu Jul 28 20:31:11 UTC 2005


There are many AVC entries in both files "/var/log/messages" and
"/var/log/audit/audit.log". However, they do not seem to be related to the
use of DRM. In particular, there is no additional entry upon call of
"glxinfo" related to the SELinux framework, whereas there is some output to
"/var/log/dmesg". If "SELinux" had intercepted some unauthorized
access/action, it should at least have reported this somewhat more verbosely
instead of simply crashing the X server in the case of "glxgears" - right?
Here comes the snippet from "/var/log/messages" with AVC related stuff from
the system boot procedure:

"Jul 28 19:38:04 riemann kernel: audit(1122572272.500:3): avc:  denied  {
read write } for  pid=1879 comm="runlevel" name="utmp" dev=dm-0 ino=196617
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:init_var_run_t
tclass=file
Jul 28 19:38:04 riemann kernel: audit(1122572272.500:4): avc:  denied  {
read }for  pid=1879 comm="runlevel" name="utmp" dev=dm-0 ino=196617
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:init_var_run_t
tclass=file
Jul 28 19:38:04 riemann kernel: audit(1122572272.500:5): avc:  denied  {
read write } for  pid=1879 comm="runlevel" name="utmp" dev=dm-0 ino=196617
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:init_var_run_t
tclass=file
Jul 28 19:38:04 riemann kernel: audit(1122572272.500:6): avc:  denied  {
read }for  pid=1879 comm="runlevel" name="utmp" dev=dm-0 ino=196617
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:init_var_run_t
tclass=file
Jul 28 19:38:04 riemann kernel: SELinux: initialized (dev rpc_pipefs, type
rpc_pipefs), uses genfs_contexts".





More information about the fedora-devel-list mailing list