dansguardian and selinux
Vikram Goyal
vikigoyal at gmail.com
Fri Mar 21 13:51:14 UTC 2008
On Tue, Mar 18, 2008 at 10:48:10AM -0400, Daniel J Walsh wrote:
Hello Daniel,
> Vikram Goyal wrote:
> > Hi,
> >
> > I am running dansguardian ( content filter ) and squid. Versions:
> >
> > dansguardian-2.8.0.6-1.2.fc8.rf
> > squid-2.6.STABLE17-1.fc8
<snip>
>
> I have attached a policy te file to handle these avc;s
>
> These look like leaked file descriptors and I think dansguardian must be
> starting up squid.
>
> dansguardian should close open file descriptors on exec
>
> fcntl(fd, F_SETFD, FD_CLOEXEC)
>
<snip>
The avcs have vanished after the recent update, I waited for the system
to go through its cron cycle to confirm. I believe you incorporated them
in the new policy as always.
Thanks a lot,
--
vikram...
||||||||
||||||||
^^'''''^^||root||^^^'''''''^^
// \\ ))
//(( \\// \\
// /\\ || \\
|| / )) (( \\
--
Fishbowl, n.:
A glass-enclosed isolation cell where newly promoted managers are
kept for observation.
--
_
~|~
=
More information about the fedora-list
mailing list