On Tue, 2007-04-10 at 06:23 -0700, Antonio Olivares wrote: > Dear list, > > I am running rawhide and I get these denied avcs > > [olivares@localhost ~]$ cat /etc/fedora-release > Fedora release 6.92 (Rawhide) > [olivares@localhost ~]$ > > There is a tool semanage, but I do not know how to use it. Is there any reference to this new tool. > How do I fix this using chcon -? or other tools to troubleshoot this. > > audit(1176209974.281:4): avc: denied { create } for pid=991 comm="create_floppy_d" name="fd0u1440" scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=blk_file In this case, it appears that udev is creating a device node without properly setting its security context. I can confirm the same behavior on a rawhide system here. /sbin/restorecon -nv /dev/fd0u1440 reports that it has default_t but should have removable_device_t according to policy. Possibly a bug in the latest version of udev? -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list