more on udev.te
Tom London
selinux at comcast.net
Sun Aug 29 20:48:15 UTC 2004
Russell,
Get many avc's like:
Aug 29 12:45:06 fedora kernel: audit(1093808656.624:0): avc: denied {
search } for pid=1354 exe=/bin/bash name=console dev=hda2 ino=4456494
scontext=system_u:system_r:udev_t
tcontext=system_u:object_r:pam_var_console_t tclass=dir
Aug 29 12:45:06 fedora kernel: audit(1093808656.757:0): avc: denied {
search } for pid=1357 exe=/bin/bash name=console dev=hda2 ino=4456494
scontext=system_u:system_r:udev_t
tcontext=system_u:object_r:pam_var_console_t tclass=dir
indicating that udev.te needs either
allow udev_t pam_var_console_t:dir { search };
or dontaudit udev_t pam_var_console_t:dir { search };
Either of those correct?
tom
More information about the fedora-selinux-list
mailing list