avc denied from kernel 427 update
Richard Hally
rhallyx at mindspring.com
Sun Jun 13 06:29:05 UTC 2004
Below a few of the over 100 warning and error messages from doing yum
update today.(6/12/04) Of the ones that didn't scroll off, they are all
about the 427/build directory tree.
This is in enforcing mode using the most recent strict policy that
existed before todays update to
selinux-policy-strict-sources-1.13.4-5. The avc denied messages are
further below.
HTH
Richard Hally
-----------------------------------------------------------------------------------------------------
from yum update:
...
WARNING: Couldn't stat /lib/modules/2.6.6-1.427/build/.config:
Permission denied
WARNING: Couldn't stat /lib/modules/2.6.6-1.427/build/init/Makefile:
Permission denied
WARNING: Couldn't stat /lib/modules/2.6.6-1.427/build/init/Kconfig:
Permission denied
FATAL: Could not open /lib/modules/2.6.6-1.427/modules.dep.temp for
writing: Permission denied
/bin/bash: /root/.bashrc: Permission denied
No dep file found for kernel 2.6.6-1.427
mkinitrd failed
-------------------------------------------------------------------
And here are some of the avc denied messages
Jun 12 19:27:20 new2 kernel: audit(1087082831.128:0): avc: denied {
getattr }
for pid=5774 exe=/sbin/depmod
path=/lib/modules/2.6.6-1.427/build/net/ipv4/Kconfig dev=hda2 ino=543312
scontext=root:sysadm_r:depmod_t tcontext=system_u:object_r:lib_t tclass=file
Jun 12 19:27:20 new2 kernel: audit(1087082831.142:0): avc: denied {
getattr }
for pid=5774 exe=/sbin/depmod
path=/lib/modules/2.6.6-1.427/build/.config dev=hda2 ino=525543
scontext=root:sysadm_r:depmod_t tcontext=system_u:object_r:lib_t
tclass=file
Jun 12 19:27:20 new2 kernel: audit(1087082831.142:0): avc: denied {
getattr }
for pid=5774 exe=/sbin/depmod
path=/lib/modules/2.6.6-1.427/build/init/Makefile dev=hda2 ino=525592
scontext=root:sysadm_r:depmod_t tcontext=system_u:object_r:lib_t tclass=file
Jun 12 19:27:20 new2 kernel: audit(1087082831.142:0): avc: denied {
getattr }
for pid=5774 exe=/sbin/depmod
path=/lib/modules/2.6.6-1.427/build/init/Kconfig
dev=hda2 ino=525591 scontext=root:sysadm_r:depmod_t
tcontext=system_u:object_r:lib_t tclass=file
Jun 12 19:27:20 new2 kernel: audit(1087082831.142:0): avc: denied {
write } for pid=5774 exe=/sbin/depmod name=2.6.6-1.427 dev=hda2
ino=525541 scontext=root:sysadm_r:depmod_t
tcontext=system_u:object_r:lib_t tclass=dir
More information about the fedora-selinux-list
mailing list