[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: AVCs with rawhide policy....

From: Stephen Smalley <sds tycho nsa gov>
To: Tom London <selinux gmail com>
Cc: "Fedora SELinux support list for users & developers." <fedora-selinux-list redhat com>
Subject: Re: AVCs with rawhide policy....
Date: Thu, 01 Mar 2007 07:04:17 -0500

On Wed, 2007-02-28 at 18:15 -0800, Tom London wrote:
> Running latest rawhide, targeted/enforcing.
> 
> Get these on boot in /var/log/messages:
> 
> Feb 28 18:03:58 localhost kernel: audit(1172714587.604:4): avc:
> denied  { getattr } for  pid=436 comm="mount" name="/" dev=selinuxfs
> ino=540 scontext=system_u:system_r:mount_t:s0
> tcontext=system_u:object_r:security_t:s0 tclass=filesystem

Change to libselinux by Steve Grubb.  The corresponding change to policy
was already committed upstream, so Dan just needs to pull it in
(allowing this permission in the selinux_get_fs_mount interface/macro).

-- 
Stephen Smalley
National Security Agency

References:
- AVCs with rawhide policy....
  - From: Tom London

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]