[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

AVCs with ntpd

From: Felipe Alfaro Solana <felipe_alfaro linuxmail org>
To: fedora-selinux-list redhat com
Subject: AVCs with ntpd
Date: Mon, 20 Sep 2004 14:18:17 +0200

OK, so I'm trying SElinux after having it disabled for some time. That's what I did:

1. Installed selinux-policy-targeted-1.17.16-2
2. Recompiled the kernel with SElinux support
3. Booted into single user mode
4. Ran "fixfiles relabel"
5. Rebooted with "selinux=1"

Now, I'm seeing a lot of these:

audit(1095681913.039:0(: avc: denied { search } for pid=2515 exe=/usr/sbin/ntpd dev=tmpfs ino=357 scontext=user_u:system_r:ntpd_t tcontext=user_u:object_r"tmpfs_t tclass=dir

The problem here is that I'm using UDEV and that the initial ramdisk mounts a tmpfs on top of "/dev", thus, covering the labeled "/dev" that resides on disk.

How should I fix this?

Follow-Ups:
- Re: AVCs with ntpd
  - From: Daniel J Walsh
- Re: AVCs with ntpd
  - From: Stephen Smalley
- Re: AVCs with ntpd
  - From: Bob Gustafson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]