Re: gpg avc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2004-04-20 at 22:02, Josh Boyer wrote:
> Trying to generate a new gpg key fails with the latest policy updates. 
> Below is the avc:
> 
> audit(1082512578.827:0): avc:  denied  { read } for  pid=2543
> exe=/usr/bin/gpg name=random dev=hda5 ino=267501
> scontext=user_u:user_r:user_gpg_t
> tcontext=system_u:object_r:random_device_t tclass=chr_file
> 
> [jwboyer@localhost jwboyer]$ rpm -q policy
> policy-1.11.2-9

Try this patch, will be in the next policy.



--- policy-1.11.2/macros/program/gpg_macros.te~	2004-04-13 19:56:28.000000000 -0400
+++ policy-1.11.2/macros/program/gpg_macros.te	2004-04-20 22:34:54.883836664 -0400
@@ -42,7 +42,7 @@
 allow $1_t $1_gpg_secret_t:file getattr;
 
 allow $1_gpg_t device_t:dir r_dir_perms;
-allow $1_gpg_t urandom_device_t:chr_file r_file_perms;
+allow $1_gpg_t { random_device_t urandom_device_t }:chr_file r_file_perms;
 
 allow $1_gpg_t etc_t:file r_file_perms;

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux