This is my first stab at working with selinux, so be gentle ;).
I am getting these avc messages when I run dmesg:
avc: denied { use } for pid=2674 exe=/bin/dmesg path=/dev/pts/2 dev= ino=4
scontext=root:system_r:dmesg_t tcontext=jwboyer:user_r:user_t tclass=fd
avc: denied { read write } for pid=2674 exe=/bin/dmesg path=/dev/pts/2 dev=
ino=4 scontext=root:system_r:dmesg_t tcontext=root:object_r:user_devpts_t
tclass=chr_file
So in the dmesg.te file, i defined the following rules:
allow dmesg_t user_devpts_t:chr_file { read write getattr };
allow dmesg_t user_t:fd { use };
does that look correct? from my understanding, the 2 rules i added allow the
dmesg_t domain read, write, and getattr access to pts char files...
josh
