Dawid Gajownik wrote:
Dnia 03/14/2006 04:40 PM, Użytkownik Daniel J Walsh napisał:
Does this cause a problem that you can see or are you just seeing the
AVC message?
No the question was whether your swap file is working? Is it mounted?
These avc messages may just need to be dontaudit'd.
Well, I'm just a SELinux newbie and I may be wrong, but I think that
this is a cause. I have disabled dontaudit rules in this way →
http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#id2827008
and I don't see other AVC messages related to swap:
[root@X ~]# grep -i swap /var/log/audit/audit.log
type=AVC msg=audit(1142351580.781:283): avc: denied { getattr } for
pid=1918 comm="fstab-sync" name="swapfile" dev=hda5 ino=881811
scontext=system_u:system_r:updfstab_t
tcontext=root:object_r:swapfile_t tclass=file
type=AVC_PATH msg=audit(1142351580.781:283): path="/var/swapfile"
type=PATH msg=audit(1142351580.781:283): item=0 name="/var/swapfile"
flags=0 inode=881811 dev=03:05 mode=0100600 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1142351580.941:285): avc: denied { getattr } for
pid=1921 comm="fstab-sync" name="swapfile" dev=hda5 ino=881811
scontext=system_u:system_r:updfstab_t
tcontext=root:object_r:swapfile_t tclass=file
type=AVC_PATH msg=audit(1142351580.941:285): path="/var/swapfile"
type=PATH msg=audit(1142351580.941:285): item=0 name="/var/swapfile"
flags=0 inode=881811 dev=03:05 mode=0100600 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1142351581.077:287): avc: denied { getattr } for
pid=1925 comm="fstab-sync" name="swapfile" dev=hda5 ino=881811
scontext=system_u:system_r:updfstab_t
tcontext=root:object_r:swapfile_t tclass=file
type=AVC_PATH msg=audit(1142351581.077:287): path="/var/swapfile"
type=PATH msg=audit(1142351581.077:287): item=0 name="/var/swapfile"
flags=0 inode=881811 dev=03:05 mode=0100600 ouid=0 ogid=0 rdev=00:00
[root@X ~]#
Feel free to send me patches - I will eagerly test them :)
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
