On Fri, 2005-06-10 at 21:09 -0700, Bob Kashani wrote:
> On Fri, 2005-06-10 at 19:51 -0400, Ivan Gyurdiev wrote:
> > On Fri, 2005-06-10 at 19:46 -0400, Ivan Gyurdiev wrote:
> > > > [medieval@chaucer ~]$ touch tmpfile
> > > > [medieval@chaucer ~]$ ls -Z tmpfile
> > > > -rw-rw-r-- medieval medieval user_u:object_r:user_home_t tmpfile
> > >
> > > The user is user_u, but the type is user_home_t. This is normal.
> >
> > Unless you have a user defined in /etc/selinux/targeted/*.users,
> > in which case make sure the policy upgrade didn't replace any of
> > those files, and erase your user.
>
> Thanks Ivan for the info. For some reason everything in my home dir was
> labeled as system_u and so I thought maybe something was up. :)
That's odd...for a home directory I would have expected user_u.
However, I haven't ran targeted policy in ages...
The user part of the context just represents the SElinux user
that created the file, and I don't think it's actually used
for anything important...at least not for files on disk.
> Now for the problem that I'm having:
>
> Jun 10 20:57:47 chaucer kernel: audit(1118462267.758:0): avc: denied
> { execmod } for pid=20348 comm=lt-glib-genmars
> path=/mnt/hdb1/home/gnome/garnome-2.11-20050610.1755/platform/glib/work/main.d/glib-2.6.4/glib/.libs/libglib-2.0.so.0.600.4 dev=hdb1 ino=4407601 scontext=user_u:system_r:unconfined_t tcontext=user_u:object_r:user_home_t tclass=file
Looks like text relocations in the library. Try to find out how to get
rid of them (readelf -d <path-to-lib> |grep TEXTREL)
> When I try to compile garnome in my home dir I get the above avc and the
> build stops. Do you know what has changed in the most recent policy
> update that would cause this?
No...I'm sorry, I only follow strict policy.
--
Ivan Gyurdiev <ivg2@xxxxxxxxxxx>
Cornell University
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
