Le mardi 15 novembre 2005 à 16:45 -0500, Christopher J. PeBenito a écrit : > On Tue, 2005-11-15 at 21:17 +0100, Nicolas Mailhot wrote: > > Is selinux-policy-targeted-2.0.0-1 really ready for use ? Basic stuff > > like udev access to /dev/.udevdb and su seems to be blocked > > Can you provide denials from your audit.log? I can't reproduce these > problems. The udev bit is too early to end in the logs, it flashes during the boot messages. Maybe it's not selinux related but it looks like it Strangely su works from the console but not from gnome-terminal Attached a full audit.log for the system. Generation process : - force an autorelabel (touch /.autorelabel) - reboot - switch to init 1 - remove /var/log/audit/audit.log - reboot - do_stuff (including a failed root login ;)) - copy the resulting audit.log All the denied accesses in the log can therefore be attributed directly to the policy. Lots of denied stuff for 2 minutes of system activity before copying the log. -- Nicolas Mailhot
Attachment:
audit.log.bz2
Description: application/bzip
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
