rawhide report: 20070207 changes

Dave Jones davej at redhat.com
Wed Feb 7 20:18:21 UTC 2007


On Wed, Feb 07, 2007 at 02:52:01PM -0500, David Zeuthen wrote:
 > On Wed, 2007-02-07 at 19:26 +0100, David Nielsen wrote:
 > > Upon investigation this appears to be a SELinux policy issue actually, 
 > > I see the following in dmesg after attempting to start HAL:
 > > 
 > > audit(1170872559.797:8): avc:  denied  { write } for  pid=4679
 > > comm="hald-generate-f" name="hald" dev=dm-3 ino=4653249
 > > scontext=user_u:system_r:hald_t:s0 tcontext=system_u:object_r:var_t:s0
 > > tclass=dir
 > > 
 > > However the policy relabeling is a tad problematic as seen in #227702
 > 
 > I'm slightly annoyed that everytime I do the smallest change in HAL then
 > SELinux breaks something insofar that it prevents HAL from doing what it
 > needs to do. In a way it's good, it's what SELinux is _supposed_ to do
 > but it's just bloody annoying nonetheless. Maybe the policy is too
 > strict, maybe HAL is moving too fast. I don't know.

I'm puzzled why you're not seeing these when you test the code before
pushing it.  Are you running with selinux disabled ?
Or is it failing only in certain hardware configurations that you don't have?

		Dave

-- 
http://www.codemonkey.org.uk




More information about the fedora-devel-list mailing list