I am just adding the audit output I got with regards to lvm.static:
audit(1087215619.565:0): avc: denied { read } for pid=835
exe=/sbin/lvm.static name=dri dev=hda6 ino=409347
scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:dri_device_t
tclass=dir
audit(1087215619.575:0): avc: denied { search } for pid=835
exe=/sbin/lvm.static name=dri dev=hda6 ino=409347
scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:dri_device_t
tclass=dir
audit(1087215621.189:0): avc: denied { getattr } for pid=835
exe=/sbin/lvm.static path=/dev/shm dev=hda6 ino=603157
scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:file_t
tclass=dir
audit(1087215621.189:0): avc: denied { read } for pid=835
exe=/sbin/lvm.static name=shm dev=hda6 ino=603157
scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:file_t
tclass=dir
Regards,
Frank
On Mon, 2004-06-14 at 07:28, Russell Coker wrote:
> On Mon, 14 Jun 2004 15:27, Richard Hally <rhallyx@xxxxxxxxxxxxxx> wrote:
> > While booting the 427 kernel in enforcing mode with
> > selinux-policy-strict-1.13.4-5,
> > the following avc denied messages occur:
> >
> > Jun 13 21:04:03 new2 kernel: audit(1087175021.671:0): avc: denied {
> > search } for pid=931 exe=/sbin/lvm.static dev=devpts ino=1
> > scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:devpts_t
> > tclass=dir
>
> I guess we should add that, I'll put it in my tree now.
>
> > Jun 13 21:04:03 new2 kernel: audit(1087175022.193:0): avc: denied {
> > getattr }
> > for pid=931 exe=/sbin/lvm.static path=/dev/shm dev=hda2 ino=1091316
> > scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:file_t
> > tclass=dir
>
> It looks like you don't have /dev/shm mounted. Have you done anything
> deliberately to cause this?
--
Francis K Shim <francis.shim@xxxxxxxxxxxx>
