> Update to
>
> selinux-policy-3.6.10-2.fc11
Not available :(
[root@riohigh ~]# yum update
adobe-linux-i386 | 951 B 00:00
adobe-linux-i386/primary | 10 kB 00:00
adobe-linux-i386 17/17
rawhide/metalink | 7.1 kB 00:00
rawhide | 3.4 kB 00:00
rawhide/primary_db | 8.0 MB 00:24
Setting up Update Process
No Packages marked for Update
Selinux is going crazy, the setroubleshooter hogs the CPU with a great deal of denials even in permissive mode. I hope I wake up next Monday and the problem goes away, hopefully with the release of Fedora 11 Beta :)
nsplugin, pulseaudio and others are also causing lots of trouble, problem is I tried to write a bug report but was unable to, setroubleshoot deamon died and I could not copy paste it :(
[olivares@riohigh ~]$ dmesg | grep 'avc'
type=1400 audit(1238189886.196:3): avc: denied { search } for pid=1553 comm="ifconfig" name="selinux" dev=sda5 ino=25722 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:selinux_config_t:s0 tclass=dir
type=1400 audit(1238189886.196:4): avc: denied { read } for pid=1553 comm="ifconfig" name="config" dev=sda5 ino=97197 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
type=1400 audit(1238189886.196:5): avc: denied { open } for pid=1553 comm="ifconfig" name="config" dev=sda5 ino=97197 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
type=1400 audit(1238189886.196:6): avc: denied { getattr } for pid=1553 comm="ifconfig" path="/etc/selinux/config" dev=sda5 ino=97197 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
type=1400 audit(1238189886.197:7): avc: denied { getattr } for pid=1553 comm="ifconfig" name="/" dev=selinuxfs ino=1 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
type=1400 audit(1238189886.197:8): avc: denied { search } for pid=1553 comm="ifconfig" name="/" dev=selinuxfs ino=1 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=dir
type=1400 audit(1238189886.197:9): avc: denied { getattr } for pid=1553 comm="ifconfig" path="/selinux/class" dev=selinuxfs ino=26 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=dir
type=1400 audit(1238189886.197:10): avc: denied { read } for pid=1553 comm="ifconfig" name="mls" dev=selinuxfs ino=12 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file
type=1400 audit(1238189886.198:11): avc: denied { open } for pid=1553 comm="ifconfig" name="mls" dev=selinuxfs ino=12 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file
type=1400 audit(1238189892.172:12): avc: denied { rlimitinh } for pid=1815 comm="modprobe" scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:system_r:insmod_t:s0 tclass=process
type=1400 audit(1238189892.172:13): avc: denied { siginh } for pid=1815 comm="modprobe" scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:system_r:insmod_t:s0 tclass=process
type=1400 audit(1238189892.172:14): avc: denied { noatsecure } for pid=1815 comm="modprobe" scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:system_r:insmod_t:s0 tclass=process
Here are some anyway even with enforcing=0(permissive mode) :(
Regards,
Antonio
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
