On Tue, 2007-06-12 at 07:32 -0400, Stephen Smalley wrote: > On Mon, 2007-06-11 at 16:16 -0500, Tom "spot" Callaway wrote: > > On Mon, 2007-06-11 at 12:07 -0700, Tom London wrote: > > > On 6/10/07, Tom London <selinux@xxxxxxxxx> wrote: > > > > Running latest Rawhide, targeted. > > > > > > > > Running in enforcing mode, audio-entropyd fails to start. > > > > > > > > Flipping to permissive mode and restarting, I get these: > > > > (audit messages snipped) > > > > I tried to make a module for audio-entropyd to fix this, but it doesn't > > seem to do the job. Can anyone advise me on what I'm doing wrong? > > > > Here are my three files: > > > > http://people.redhat.com/tcallawa/selinux/ > > > > Thanks in advance, > > Can you clarify what you mean by "doesn't seem to do the job"? You > still get avc denials? Which ones? I'm still getting similar avc denials: Raw Audit Messages :avc: denied { read, write } for comm="audio-entropyd" dev=tmpfs egid=0 euid=0 exe="/usr/sbin/audio-entropyd" exit=4 fsgid=0 fsuid=0 gid=0 items=0 name="random" pid=3939 scontext=user_u:system_r:entropyd_t:s0 sgid=0 subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=chr_file tcontext=system_u:object_r:random_device_t:s0 tty=(none) uid=0 Raw Audit Messages :avc: denied { dac_override } for comm="audio-entropyd" egid=0 euid=0 exe="/usr/sbin/audio-entropyd" exit=5 fsgid=0 fsuid=0 gid=0 items=0 pid=3939 scontext=user_u:system_r:entropyd_t:s0 sgid=0 subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=capability tcontext=user_u:system_r:entropyd_t:s0 tty=(none) uid=0 ~spot -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
