[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Fedora Core 5 Test Update: selinux-policy-2.2.29-3.fc5

From: Daniel J Walsh <dwalsh redhat com>
To: For testers of Fedora Core development releases <fedora-test-list redhat com>
Subject: Re: Fedora Core 5 Test Update: selinux-policy-2.2.29-3.fc5
Date: Sat, 08 Apr 2006 10:55:16 -0400

Jason L Tibbitts III wrote:

"DJW" == Daniel J Walsh <Daniel> writes:


DJW> Did you get any avc messages?

That system is constantly throwing denials from hald and mount, but
looking back through the log I see the following two messages at the
time I applied the update:

Apr  4 16:24:21 util10 kernel: audit(1144185861.320:675): avc:  denied  { write } for  pid=19560 comm="semodule" name="files" dev=dm-0 ino=165314 scontext=user_u:system_r:semanage_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=dir
Apr  4 16:24:21 util10 kernel: audit(1144185861.340:676): avc:  denied  { write } for  pid=19560 comm="semodule" name="files" dev=dm-0 ino=165314 scontext=user_u:system_r:semanage_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=dir

 - J<

This rule should be in policy, but it might have been in this update.You can force the update by temporarily executing setenforce 0, or youcould add this rule to policy via


grep semodule /var/log/messages | audit2allow -M temp

semodule -l temp.pp

Update rpm

semodule -r temp

References:
- Fedora Core 5 Test Update: selinux-policy-2.2.29-3.fc5
  - From: Daniel Walsh
- Re: Fedora Core 5 Test Update: selinux-policy-2.2.29-3.fc5
  - From: Jason L Tibbitts III
- Re: Fedora Core 5 Test Update: selinux-policy-2.2.29-3.fc5
  - From: Daniel J Walsh
- Re: Fedora Core 5 Test Update: selinux-policy-2.2.29-3.fc5
  - From: Jason L Tibbitts III

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]