selinux and udev ?
Nicolas Mailhot
nicolas.mailhot at laposte.net
Wed Nov 30 20:12:36 UTC 2005
Le mardi 29 novembre 2005 à 18:49 -0500, Daniel J Walsh a écrit :
> Nicolas Mailhot wrote:
> > Le mardi 29 novembre 2005 à 15:01 -0500, Daniel J Walsh a écrit :
> >
> >> Nicolas Mailhot wrote:
> >>
> >
> >
> >>> The udev denial seems fixed with selinux-policy-targeted-2.0.6-1. So
> >>> things get (slowly) fixed. But most issues are still there :
> >>>
> >>> audit2allow < /var/log/audit/audit.log
> >>>
> You should do
>
> audit2allow -l < /var/log/audit/audit.log
>
> To only get the messages of what AVC messages you got after the last reload.
Right now my procedure is :
1. install policy
2. touch ./autorelabel
3. init 6
4. init 1
5. mv /var/log/audit/audit.log somewhere_else
6. init 6
7. do some stuff
8. audit2allow
which should be at least as strict of what you propose
> Please attach the audit.log
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172496#c23
Regards,
--
Nicolas Mailhot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20051130/6fb6f26b/attachment.sig>
More information about the fedora-selinux-list
mailing list