Re: AVCs with ntpd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Felipe Alfaro Solana wrote:

OK, so I'm trying SElinux after having it disabled for some time. That's what I did:

1. Installed selinux-policy-targeted-1.17.16-2
2. Recompiled the kernel with SElinux support
3. Booted into single user mode
4. Ran "fixfiles relabel"
5. Rebooted with "selinux=1"

Now, I'm seeing a lot of these:

audit(1095681913.039:0(: avc: denied { search } for pid=2515 exe=/usr/sbin/ntpd dev=tmpfs ino=357 scontext=user_u:system_r:ntpd_t tcontext=user_u:object_r"tmpfs_t tclass=dir

The problem here is that I'm using UDEV and that the initial ramdisk mounts a tmpfs on top of "/dev", thus, covering the labeled "/dev" that resides on disk.

How should I fix this?

Try the policy available on people.redhat.com:~dwalsh/Fedora/

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list



[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux