On Tue, 15 Feb 2005 13:26:24 -0500, Stephen Smalley <sds@xxxxxxxxxxxxxx> wrote: > On Tue, 2005-02-15 at 12:10, Daniel J Walsh wrote: > > Current policy should allow unconfined_t to have these perms. If you > > have allow_execmod set? > > The audit messages in his posting showed the denials happening for > initrc_t, not unconfined_t. Why is vmware running in initrc_t? > > -- > Stephen Smalley <sds@xxxxxxxxxxxxxx> > National Security Agency > Ah... good point. VMware has stuff in /etc/init.d to install its kernel modules and setup its networking stuff. So this script is running as initrc_t as is failing. Because of this, I don't even get to run the 'vmware' command. Sorry for the confusion. tom -- Tom London
