On Wed, 2004-12-22 at 08:04 -0800, rich turner wrote:
> i dont really see anything that stands out related to ldconfig or my
> ramdisk. perhaps you see something differently.
One thing I notice is that your setenforce is in /usr/bin, which is the
location set in the libselinux package that shipped with FC3 (iirc).
However, this has moved to /usr/sbin since then in updates. Is your
system otherwise updated?
- Karsten
> [root@redhat ~]# grep avc /var/log/messages
> Dec 21 15:46:03 redhat kernel: audit(1103672763.346:0): avc: granted {
> setenforce } for pid=15023 exe=/bin/bash
> scontext=user_u:system_r:unconfined_t
> tcontext=system_u:object_r:security_t tclass=security
> Dec 21 15:51:56 redhat kernel: audit(1103673116.843:0): avc: granted {
> setenforce } for pid=3416 exe=/bin/bash
> scontext=root:system_r:unconfined_t
> tcontext=system_u:object_r:security_t tclass=security
> Dec 21 16:15:28 redhat kernel: audit(1103674528.036:0): avc: granted {
> setenforce } for pid=5529 exe=/usr/bin/setenforce
> scontext=root:system_r:unconfined_t
> tcontext=system_u:object_r:security_t tclass=security
> Dec 21 16:23:45 redhat kernel: audit(1103675025.790:0): avc: granted {
> setenforce } for pid=5515 exe=/usr/bin/setenforce
> scontext=root:system_r:unconfined_t
> tcontext=system_u:object_r:security_t tclass=security
> Dec 21 16:29:12 redhat dbus: avc: 1 AV entries and 1/512 buckets used,
> longest chain length 1
>
>
> On Wed, 2004-12-22 at 07:14, Daniel J Walsh wrote:
> > rich turner wrote:
> >
> > >i am somewhat of a newbie at selinux so forgive some of my ignorance. i
> > >am using fc3 and have created a filesystem using ramdev. in this
> > >filesystem i have put a bunch of files, some executables, and would like
> > >to update ld.so.cache in this filesystem by running "ldconfig -r /mnt",
> > >where /mnt is the mount point of the ramdev.
> > >
> > >if i put the running systems /etc/ld.so.cache into /mnt/etc/ld.so.cache
> > >then the system hangs when running "ldconfig -r /mnt". however, if i
> > >dont include the systems /etc/ld.so.cache into /mnt and then run
> > >ldconfig, it succeeds.
> > >
> > >i believe this has something to do with selinux because if i boot with
> > >"selinux=0" then it doesnt seem to be an issue either way.
> > >
> > >it also appears /etc/ld.so.cache is being handled in some way by selinux
> > >because there is an entry in
> > >/etc/selinux/targeted/contexts/files/file_contexts.
> > >
> > >i realize the short answer is to not include ld.so.cache in my ramdev,
> > >but i would like to know why this is actually happening.
> > >
> > >anyone have any suggestions?
> > >
> > >
> > >
> > What is your log file showing? SELinux reports errors in
> > /var/log/messages with AVC prefix.
> >
> > Dan
> >
> > >--
> > >fedora-selinux-list mailing list
> > >fedora-selinux-list@xxxxxxxxxx
> > >http://www.redhat.com/mailman/listinfo/fedora-selinux-list
> > >
> > >
> >
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list@xxxxxxxxxx
> > http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> http://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
Karsten Wade, RHCE, Sr. Tech Writer
a lemon is just a melon in disguise
http://people.redhat.com/kwade/
gpg fingerprint: 2680 DBFD D968 3141 0115 5F1B D992 0E06 AD0E 0C41
