On Tue, 2007-06-12 at 07:32 -0400, Stephen Smalley wrote:
On Mon, 2007-06-11 at 16:16 -0500, Tom "spot" Callaway wrote:
On Mon, 2007-06-11 at 12:07 -0700, Tom London wrote:
On 6/10/07, Tom London <selinux gmail com> wrote:
Running latest Rawhide, targeted.
Running in enforcing mode, audio-entropyd fails to start.
Flipping to permissive mode and restarting, I get these:
(audit messages snipped)
I tried to make a module for audio-entropyd to fix this, but it doesn't
seem to do the job. Can anyone advise me on what I'm doing wrong?
Here are my three files:
http://people.redhat.com/tcallawa/selinux/
Thanks in advance,
Can you clarify what you mean by "doesn't seem to do the job"? You
still get avc denials? Which ones?
I'm still getting similar avc denials:
Raw Audit Messages :avc: denied { read, write } for
comm="audio-entropyd" dev=tmpfs egid=0 euid=0
exe="/usr/sbin/audio-entropyd" exit=4 fsgid=0 fsuid=0 gid=0 items=0
name="random" pid=3939 scontext=user_u:system_r:entropyd_t:s0 sgid=0
subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=chr_file
tcontext=system_u:object_r:random_device_t:s0 tty=(none) uid=0
Raw Audit Messages :avc: denied { dac_override } for
comm="audio-entropyd" egid=0 euid=0 exe="/usr/sbin/audio-entropyd"
exit=5 fsgid=0 fsuid=0 gid=0 items=0 pid=3939
scontext=user_u:system_r:entropyd_t:s0 sgid=0
subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=capability
tcontext=user_u:system_r:entropyd_t:s0 tty=(none) uid=0
~spot