hald denied avcs for Fedora Core 6
Antonio Olivares
olivares14031 at yahoo.com
Wed Sep 19 12:47:21 UTC 2007
--- Ken YANG <spng.yang at gmail.com> wrote:
> Antonio Olivares wrote:
> > --- Daniel J Walsh <dwalsh at redhat.com> wrote:
> >
> > Antonio Olivares wrote:
> >>>> Dear all,
> >>>>
> >>>> I am getting the following denied avcs for hald
> > upon startup/shutdown. The selinux policy is up
> to
> > date, how can I fix this? There is no
> > troubleshooter like in fedora 7 which suggests a
> > fix.
> >>>> audit(1189722647.486:4): avc: denied { use }
> for
> > pid=3098 comm="hald" name="console" dev=tmpfs
> > ino=1083 scontext=system_u:system_r:hald_t:s0
> > tcontext=system_u:system_r:init_t:s0 tclass=fd
> >>>> audit(1189722647.487:5): avc: denied { use }
> for
> > pid=3098 comm="hald" name="console" dev=tmpfs
> > ino=1083 scontext=system_u:system_r:hald_t:s0
> > tcontext=system_u:system_r:init_t:s0 tclass=fd
> >>>> audit(1189722647.488:6): avc: denied { use }
> for
> > pid=3098 comm="hald" name="console" dev=tmpfs
> > ino=1083 scontext=system_u:system_r:hald_t:s0
> > tcontext=system_u:system_r:init_t:s0 tclass=fd
> >>>> [olivares at localhost ~]$ rpm -qa selinux*
> >>>> selinux-policy-2.4.6-80.fc6
> >>>> selinux-policy-targeted-2.4.6-80.fc6
> >>>> [olivares at localhost ~]$
> >>>>
> >>>>
> >>>> Thanks,
> >>>>
> >>>> Antonio
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>
>
____________________________________________________________________________________
> >>>> Tonight's top picks. What will you watch
> tonight?
> > Preview the hottest shows on Yahoo! TV.
> >>>> http://tv.yahoo.com/
> >>>>
> >>>>
> >>>> --
> >>>> fedora-selinux-list mailing list
> >>>> fedora-selinux-list at redhat.com
> >>>>
> >
> https://www.redhat.com/mailman/listinfo/fedora-seli
> > grep hald /var/log/audit/audit.log | audit2allow
> -M
> > myhald
> > semodule -i myhald.pp
> >>
> > Thanks Daniel for responding, however applying
> your
> > commands fails with the following messages:
>
> > [root at localhost ~]# grep hald
> /var/log/audit/audit.log
> > | audit2allow -M myhald
> > grep: /var/log/audit/audit.log: No such file or
> > directory
> > compilation failed:
> > sh: /usr/bin/checkmodule: No such file or
> directory
>
> do you have checkpolicy package installed? the
> "checkmodule"
> command is in checkpolicy package
>
> > [root at localhost ~]# semodule -i myhald.pp
> > semodule: Could not read file 'myhald.pp':
> > [root at localhost ~]#
>
> > Thanks,
>
> > Antonio
>
>
>
> >
>
____________________________________________________________________________________
> > Moody friends. Drama queens. Your life? Nope! -
> their life, your story. Play Sims Stories at Yahoo!
> Games.
> > http://sims.yahoo.com/
>
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list at redhat.com
> >
>
You have hit the nail in the coffin. checkpolicy is
not installed.
[olivares at localhost ~]$ rpm -qa check-policy
[olivares at localhost ~]$ rpm -qa checkpolicy
I'll yum install it and then report back.
I am thinking of moving this fc6 machine to f8t2,
should I wait till this bug is resolved/proceed with
the updates?
Regards,
Antonio
____________________________________________________________________________________
Tonight's top picks. What will you watch tonight? Preview the hottest shows on Yahoo! TV.
http://tv.yahoo.com/
More information about the fedora-selinux-list
mailing list