mknod denials, avcs from dmesg please help
Daniel J Walsh
dwalsh at redhat.com
Mon Jun 4 18:55:57 UTC 2007
Ok the avc
audit(1180944508.786:4): avc: denied { write } for pid=655 comm="mknod" name="/" dev=tmpfs ino=752 scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:device_t:s0 tclass=dir
Looks like the interesting one. The rest were caused by you doing a restorecon -R -v /, or the original mislabeling of /root.
What node is insmod trying to create in /dev? Do you have any idea what is going on here?
This is very strange that you would get this avc since insmod_t is supposed to be unconfined in FC-7
Also
More information about the fedora-selinux-list
mailing list