[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

dmesg avcs

From: Josh Boyer <jwboyer charter net>
To: fedora-selinux-list redhat com
Subject: dmesg avcs
Date: Sat, 6 Mar 2004 13:00:01 -0600

This is my first stab at working with selinux, so be gentle ;).

I am getting these avc messages when I run dmesg:

avc:  denied  { use } for  pid=2674 exe=/bin/dmesg path=/dev/pts/2 dev= ino=4 
scontext=root:system_r:dmesg_t tcontext=jwboyer:user_r:user_t tclass=fd

avc:  denied  { read write } for  pid=2674 exe=/bin/dmesg path=/dev/pts/2 dev= 
ino=4 scontext=root:system_r:dmesg_t tcontext=root:object_r:user_devpts_t 
tclass=chr_file

So in the dmesg.te file, i defined the following rules:

allow dmesg_t user_devpts_t:chr_file { read write getattr };
allow dmesg_t user_t:fd { use };

does that look correct?  from my understanding, the 2 rules i added allow the 
dmesg_t domain read, write, and getattr access to pts char files...

josh

Follow-Ups:
- Re: dmesg avcs
  - From: Russell Coker
- Re: dmesg avcs
  - From: Daniel J Walsh

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]