Re: hotplug_t?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Aug 01, 2006 at 09:08:37AM -0400, Stephen Smalley wrote:
> On Tue, 2006-08-01 at 07:05 +0200, Axel Thimm wrote:
> > Process contexts:
> > Current context:		root:system_r:hotplug_t:SystemLow-SystemHigh
> > Init context:                   system_u:system_r:init_t
> > /sbin/mingetty                  system_u:system_r:kernel_t
> > /usr/sbin/sshd                  system_u:system_r:kernel_t
> 
> That's puzzling; init is in the correct domain (init_t) but mingetty and
> sshd are in kernel_t rather than getty_t  init starts life in kernel_t,
> then re-execs into init_t after loading policy, then performs normal
> startup.  But there are no transitions back into kernel_t.  And the
> files appear to have the right contexts.

Restarting sshd from a root:system_r:hotplug_t:SystemLow-SystemHigh
root login results in a root:system_r:unconfined_t:SystemLow-SystemHigh
master sshd process. Is that correct?

> rpm -q selinux-policy-targeted SysVinit
> rpm -V selinux-policy-targeted
> /usr/sbin/semodule -l
> cmp /etc/selinux/targeted/modules/active/policy.kern /etc/selinux/targeted/policy/policy.20

# rpm -q selinux-policy-targeted SysVinit
selinux-policy-targeted-2.3.2-1.fc5
SysVinit-2.86-2.2.2
# rpm -V selinux-policy-targeted
# /usr/sbin/semodule -l
amavis  1.0.5
clamav  1.0.4
dcc     1.0.1
pyzor   1.0.4
razor   1.0.1
# cmp /etc/selinux/targeted/modules/active/policy.kern /etc/selinux/targeted/policy/policy.20
-- 
Axel.Thimm at ATrpms.net

Attachment: pgpx1GwBdyLD7.pgp
Description: PGP signature

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux