rawhide report: 20070207 changes
Dave Jones
davej at redhat.com
Wed Feb 7 20:18:21 UTC 2007
On Wed, Feb 07, 2007 at 02:52:01PM -0500, David Zeuthen wrote:
> On Wed, 2007-02-07 at 19:26 +0100, David Nielsen wrote:
> > Upon investigation this appears to be a SELinux policy issue actually,
> > I see the following in dmesg after attempting to start HAL:
> >
> > audit(1170872559.797:8): avc: denied { write } for pid=4679
> > comm="hald-generate-f" name="hald" dev=dm-3 ino=4653249
> > scontext=user_u:system_r:hald_t:s0 tcontext=system_u:object_r:var_t:s0
> > tclass=dir
> >
> > However the policy relabeling is a tad problematic as seen in #227702
>
> I'm slightly annoyed that everytime I do the smallest change in HAL then
> SELinux breaks something insofar that it prevents HAL from doing what it
> needs to do. In a way it's good, it's what SELinux is _supposed_ to do
> but it's just bloody annoying nonetheless. Maybe the policy is too
> strict, maybe HAL is moving too fast. I don't know.
I'm puzzled why you're not seeing these when you test the code before
pushing it. Are you running with selinux disabled ?
Or is it failing only in certain hardware configurations that you don't have?
Dave
--
http://www.codemonkey.org.uk
More information about the fedora-devel-list
mailing list