[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: mount ?
- From: Daniel J Walsh <dwalsh redhat com>
- To: "Fedora SELinux support list for users & developers." <fedora-selinux-list redhat com>
- Subject: Re: mount ?
- Date: Thu, 16 Sep 2004 13:51:32 -0400
Tom London wrote:
Running strict/enforcing, with latest from Dan's tree.
The 'mount' command produces no output when run in enforcing mode.
Works fine in permissive mode.
No AVCs produced.....
tom
--
fedora-selinux-list mailing list
fedora-selinux-list redhat com
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
Try this.
diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/mount.te
policy-1.17.17/domains/program/mount.te
--- nsapolicy/domains/program/mount.te 2004-09-14 09:18:10.000000000 -0400
+++ policy-1.17.17/domains/program/mount.te 2004-09-16
13:50:45.899174425 -0400
@@ -93,7 +93,8 @@
allow mount_t file_type:filesystem { unmount mount relabelto };
allow mount_t mnt_t:dir { getattr };
-dontaudit mount_t { userdomain kernel_t}:fd use;
+allow mount_t { userdomain }:fd use;
+dontaudit mount_t { kernel_t}:fd use;
can_exec(mount_t, { sbin_t bin_t })
allow mount_t device_t:dir r_dir_perms;
ifdef(`distro_redhat', `
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]