Jul 20 09:23:46 fedora kernel: audit(1090340592.421:0): avc: denied { read write } for pid=991 exe=/sbin/restorecon path=/dev/.udev.tdb dev=hda2 ino=2698913 scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:udev_tbl_t tclass=file
Jul 20 09:23:47 fedora kernel: audit(1090340592.431:0): avc: denied { read write } for pid=992 exe=/sbin/restorecon path=/dev/.udev.tdb dev=hda2 ino=2698913 scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:udev_tbl_t tclass=file
Jul 20 09:23:47 fedora kernel: audit(1090340600.740:0): avc: denied { unlink } for pid=1297 exe=/sbin/udev name=microcode dev=hda2 ino=2689375 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:device_t tclass=lnk_file
Jul 20 09:23:47 fedora kernel: audit(1090340600.759:0): avc: denied { read write } for pid=1309 exe=/sbin/restorecon path=/dev/.udev.tdb dev=hda2 ino=2698913 scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:udev_tbl_t tclass=file
Russell Coker wrote:
On Tue, 20 Jul 2004 13:24, Tom London <selinux@xxxxxxxxxxx> wrote:
I'm getting lots of of 'denied' avc for /dev/.udev.tdb from /sbin/udev.
I see an entry in file_contexts for '/dev/udev.tbl' (which doesn't
seem to exist on my system). Has .udev.tbd replaced udev.tbl?
(udev_db in /etc/udev/udev.conf is set to /dev/.udev.tdb).
Your analysis sounds reasonable. How do things work if you put the following in udev.fc, run "make install" and then run "restorecon /dev/.udev.tdb"?
/dev/\.udev\.tdb -- system_u:object_r:udev_tbl_t
