Re: Fresh rawhide install / AVC messages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2004-03-10 at 01:19, Dax Kelson wrote:
> On Wed, 10 Mar 2004, Russell Coker wrote:
[SNIP]
> I think a fair amount of these were triggered from RH's "firstboot"  
> program that does some post-install tasks on the first boot (surprise
> surprise) of a freshly installed system.
> 
> I have made no custom changes to my box at this point.
[SNIP]
> > > audit(1078849246.286:0): avc:  denied  { create } for  pid=4526
> > > exe=/usr/bin/python key=0 scontext=system_u:system_r:initrc_t
> > > tcontext=system_u:system_r:initrc_t tclass=shm audit(1078849246.286:0):
> > > avc:  denied  { unix_read unix_write } for  pid=4526 exe=/usr/bin/python
> > > key=0 scontext=system_u:system_r:initrc_t
> > > tcontext=system_u:system_r:initrc_t tclass=shm audit(1078849246.286:0):
> > > avc:  denied  { read write } for  pid=4526 exe=/usr/bin/python key=0
> > > scontext=system_u:system_r:initrc_t tcontext=system_u:system_r:initrc_t
> > > tclass=shm
> > 
> > Any idea what this program is?
> 
> Maybe it is firstboot.

Firstboot was what came to mind when I read Dax's original message.

Since firstboot exists to perform one-time, first-time (though not
entirely necessary) things I think we should look at adding policy just
for firstboot.  Then, the last thing that firstboot should do is to
remove the firstboot only policy into the appropriate "unused"
directory.
-- 
Lamont Peterson <lamont@xxxxxxxxxxxx>
Senior Instructor
Guru Labs <http://www.gurulabs.com/>

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux