-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Richi Plana wrote: > Hi, Daniel. > > On Thu, 2007-11-01 at 13:58 -0400, Daniel J Walsh wrote: >> Please attach avc messages? >> >> These devices should be labeled usb_device_t > > Thanks for the tip. > > Well, after reading your email, I checked the context and it's > definitely labeled "device_t". I looked at my selinux file_contexts and > the closest match for /dev/usbmon? was /dev/.* (which gave it a context > of device_t). > > More info: > > selinux-policy-targeted-2.6.4-48.fc7 > > I haven't edited it. And: > > # ll -Z /dev/usb* > lrwxrwxrwx root root > system_u:object_r:device_t /dev/usbdev1.1_ep00 -> > bus/usb/1/1_ep/00 > lrwxrwxrwx root root > system_u:object_r:device_t /dev/usbdev1.1_ep81 -> > bus/usb/1/1_ep/81 > lrwxrwxrwx root root > system_u:object_r:device_t /dev/usbdev1.2_ep00 -> > bus/usb/1/2_ep/00 > lrwxrwxrwx root root > system_u:object_r:device_t /dev/usbdev1.2_ep81 -> > bus/usb/1/2_ep/81 > lrwxrwxrwx root root > system_u:object_r:device_t /dev/usbdev2.1_ep00 -> > bus/usb/2/1_ep/00 > lrwxrwxrwx root root > system_u:object_r:device_t /dev/usbdev2.1_ep81 -> > bus/usb/2/1_ep/81 > crw------- root root system_u:object_r:device_t /dev/usbmon0 > crw------- root root system_u:object_r:device_t /dev/usbmon1 > crw------- root root system_u:object_r:device_t /dev/usbmon2 > > FYI. > > Thanks! > -- > > Richi Plana > Ok please update to the latest fc7 policy. selinux-policy-2.6.4-53.fc7 is in testing. I definitely see a path match for this in there. grep usbmon policy-20070501.patch +/dev/usbmon[0-9]+ -c gen_context(system_u:object_r:usb_device_t,s0) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHMIftrlYvE4MpobMRAkgdAKCm8fRWlWQDWUmkMDHvGRNdk1+CfwCfXlJg PJ6V75ukrSeM2iwOwX0rvoI= =up/s -----END PGP SIGNATURE----- -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
