Felipe Alfaro Solana wrote:
OK, so I'm trying SElinux after having it disabled for some time. That's what I did:
1. Installed selinux-policy-targeted-1.17.16-2 2. Recompiled the kernel with SElinux support 3. Booted into single user mode 4. Ran "fixfiles relabel" 5. Rebooted with "selinux=1"
Now, I'm seeing a lot of these:
audit(1095681913.039:0(: avc: denied { search } for pid=2515 exe=/usr/sbin/ntpd dev=tmpfs ino=357 scontext=user_u:system_r:ntpd_t tcontext=user_u:object_r"tmpfs_t tclass=dir
The problem here is that I'm using UDEV and that the initial ramdisk mounts a tmpfs on top of "/dev", thus, covering the labeled "/dev" that resides on disk.
How should I fix this?
Try the policy available on people.redhat.com:~dwalsh/Fedora/
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
