hald denied avcs for Fedora Core 6

Ken YANG spng.yang at gmail.com
Wed Sep 19 04:43:37 UTC 2007 

Antonio Olivares wrote:
> --- Daniel J Walsh <dwalsh at redhat.com> wrote:
> 
> Antonio Olivares wrote:
>>>> Dear all,
>>>>
>>>> I am getting the following denied avcs for hald
> upon startup/shutdown.  The selinux policy is up to
> date, how can I fix this?  There is no
> troubleshooter like in fedora 7 which suggests a
> fix.  
>>>> audit(1189722647.486:4): avc:  denied  { use } for
>  pid=3098 comm="hald" name="console" dev=tmpfs
> ino=1083 scontext=system_u:system_r:hald_t:s0
> tcontext=system_u:system_r:init_t:s0 tclass=fd
>>>> audit(1189722647.487:5): avc:  denied  { use } for
>  pid=3098 comm="hald" name="console" dev=tmpfs
> ino=1083 scontext=system_u:system_r:hald_t:s0
> tcontext=system_u:system_r:init_t:s0 tclass=fd
>>>> audit(1189722647.488:6): avc:  denied  { use } for
>  pid=3098 comm="hald" name="console" dev=tmpfs
> ino=1083 scontext=system_u:system_r:hald_t:s0
> tcontext=system_u:system_r:init_t:s0 tclass=fd
>>>> [olivares at localhost ~]$ rpm -qa selinux*
>>>> selinux-policy-2.4.6-80.fc6
>>>> selinux-policy-targeted-2.4.6-80.fc6
>>>> [olivares at localhost ~]$ 
>>>>
>>>>
>>>> Thanks,
>>>>
>>>> Antonio 
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>      
>> ____________________________________________________________________________________
>>>> Tonight's top picks. What will you watch tonight?
> Preview the hottest shows on Yahoo! TV.
>>>> http://tv.yahoo.com/ 
>>>>
>>>>
>>>> --
>>>> fedora-selinux-list mailing list
>>>> fedora-selinux-list at redhat.com
>>>>
> https://www.redhat.com/mailman/listinfo/fedora-seli
> grep hald /var/log/audit/audit.log | audit2allow -M
> myhald
> semodule -i myhald.pp
>>
> Thanks Daniel for responding, however applying your
> commands fails with the following messages:

> [root at localhost ~]# grep hald /var/log/audit/audit.log
> | audit2allow -M myhald
> grep: /var/log/audit/audit.log: No such file or
> directory
> compilation failed:
> sh: /usr/bin/checkmodule: No such file or directory

do you have checkpolicy package installed? the "checkmodule"
command is in checkpolicy package

> [root at localhost ~]# semodule -i myhald.pp
> semodule:  Could not read file 'myhald.pp':
> [root at localhost ~]#

> Thanks,

> Antonio 



> ____________________________________________________________________________________
> Moody friends. Drama queens. Your life? Nope! - their life, your story. Play Sims Stories at Yahoo! Games.
> http://sims.yahoo.com/  

> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list

More information about the fedora-selinux-list mailing list