SELinux enforcing disallows opening floppy drive in Nautilus
J. K. Cliburn
jcliburn at gmail.com
Thu Apr 13 15:25:03 UTC 2006
On 4/12/06, Stephen Smalley <sds at tycho.nsa.gov> wrote:
> On Wed, 2006-04-12 at 14:43 -0400, Stephen Smalley wrote:
> > > And "some process" can be as simple as umount:
> > >
> > > # ls -Z /etc/mtab
> > > -rw-r--r-- root root system_u:object_r:etc_runtime_t /etc/mtab
> > > # ls -i /etc/mtab
> > > 31987 /etc/mtab
> > > # umount /opt
> > > # ls -Z /etc/mtab
> > > -rw-r--r-- root root user_u:object_r:etc_t /etc/mtab
> > > # ls -i /etc/mtab
> > > 33358 /etc/mtab
> >
> > Hmm...that's interesting. umount should run in the same domain as
> > mount, and they should thus have a type transition on etc_t:file to
> > etc_runtime_t. ls -Z /bin/umount
>
> Looks like there is no transition defined into mount_t from
> unconfined_t? So umount and mount are just run in unconfined_t? And
> unconfined_t lacks the type transition?
Sorry to be a pest, but what action do I need to take on my system to
enable correct floppy drive mounting and unmounting?
More information about the fedora-selinux-list
mailing list