Re: denied avcs Rawhide how to troubleshoot

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2007-04-10 at 06:23 -0700, Antonio Olivares wrote:
> Dear list,
> 
> I am running rawhide and I get these denied avcs
> 
> [olivares@localhost ~]$ cat /etc/fedora-release 
> Fedora release 6.92 (Rawhide)
> [olivares@localhost ~]$ 
> 
> There is a tool semanage, but I do not know how to use it.  Is there any reference to this new tool.  
> How do I fix this using chcon -?  or other tools to troubleshoot this.
> 
> audit(1176209974.281:4): avc:  denied  { create } for  pid=991 comm="create_floppy_d" name="fd0u1440" scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=blk_file

In this case, it appears that udev is creating a device node without
properly setting its security context.

I can confirm the same behavior on a rawhide system here.
/sbin/restorecon -nv /dev/fd0u1440 reports that it has default_t but
should have removable_device_t according to policy.

Possibly a bug in the latest version of udev?
  
-- 
Stephen Smalley
National Security Agency

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux