Re: kernel RPM install avc message

On Thu, 1 Apr 2004 14:38, Dax Kelson <dax@xxxxxxxxxxxx> wrote:
> I have a fresh FC2T2 install. I did the following to make up2date work:
>
> /usr/bin/setfilecon system_u:object_r:rpm_exec_t /usr/sbin/up2date
>
> Then I ran "up2date-nox kernel"
>
> The following appeared. It seems the kernel did install OK.
>
> audit(1080787992.351:0): avc:  denied  { search } for  pid=20375
> exe=/bin/bash name=root dev=hda8 ino=179873
> scontext=root:sysadm_r:bootloader_t
> tcontext=root:object_r:staff_home_dir_t tclass=dir
> /bin/bash: /root/.bashrc: Permission denied

What was the working directory at the time you ran up2date?  Was 
it /home/something?

We don't want to grant such domains wide access, and we also don't want large 
dontaudit rules (they increase the size of the policy, increase kernel memory 
use, etc).

Is it acceptable that sometimes if you run something from an unusual directory 
then it will cause an audit message?

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page
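
The denial quoted in the message above, decoded field by field and grouped the way a policy rule would cover it, as an added example that is not part of the original e-mail. The second log record, the function names and the grouping approach are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Record 1 is the denial quoted in the message, joined onto one line.
# Record 2 is constructed for this example (same domains, different permission).
SAMPLE_LOG = [
    "audit(1080787992.351:0): avc:  denied  { search } for  pid=20375 "
    "exe=/bin/bash name=root dev=hda8 ino=179873 "
    "scontext=root:sysadm_r:bootloader_t "
    "tcontext=root:object_r:staff_home_dir_t tclass=dir",
    "audit(1080787992.400:0): avc:  denied  { getattr } for  pid=20375 "
    "exe=/bin/bash name=root dev=hda8 ino=179873 "
    "scontext=root:sysadm_r:bootloader_t "
    "tcontext=root:object_r:staff_home_dir_t tclass=dir",
    "/bin/bash: /root/.bashrc: Permission denied",  # not an AVC record
]

AVC_RE = re.compile(r"avc:\s+(denied|granted)\s+\{([^}]*)\}\s+for\s+(.*)")

def parse_avc(line):
    """Parse one AVC record in the format shown above; None if it is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group(3).split() if "=" in kv)
    src = fields.get("scontext", "").split(":")
    tgt = fields.get("tcontext", "").split(":")
    if len(src) < 3 or len(tgt) < 3 or "tclass" not in fields:
        return None  # truncated or malformed record
    return {
        "result": m.group(1),
        "perms": m.group(2).split(),
        "exe": fields.get("exe"),
        "source_type": src[2],  # a context is user:role:type
        "target_type": tgt[2],
        "tclass": fields["tclass"],
    }

def summarize_denials(lines):
    """Group denied permissions by (source type, target type, class)."""
    grouped = defaultdict(set)
    for line in lines:
        rec = parse_avc(line)
        if rec and rec["result"] == "denied":
            key = (rec["source_type"], rec["target_type"], rec["tclass"])
            grouped[key].update(rec["perms"])
    return {k: sorted(v) for k, v in grouped.items()}
```

Each key in the summary is one (domain, type, class) triple that a dontaudit or allow rule would have to name, which makes it easy to see how many distinct rules a set of messages would add to the policy.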
