Re: selinux and mcelog

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 02/17/2012 09:19 PM, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/17/2012 11:43 AM, m.roth@xxxxxxxxx wrote:
I'm running CentOS 6.2, all updates. selinux-policy
3.7.19-126.el6_2.6. I see
/usr/share/selinux/devel/include/admin/mcelog.if:
######################################## ##<summary>  ##
Execute a domain transition to run mcelog. ##</summary>  ##<param
name="domain">  ##<summary>  ##      Domain allowed to
transition. ##</summary>  ##</param>  #
interface(`mcelog_domtrans',` gen_require(` type mcelog_t,
mcelog_exec_t; ')

domtrans_pattern($1, mcelog_exec_t, mcelog_t) ')

Yet, I'm seeing SELinux is preventing /usr/sbin/mcelog from getattr
access on the file /var/run/mcelog.pid.

Now, from some googling, it *looks* as though this was fixed
already. Am I missing something, or has this bug been
reintroduced?

mark


-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux


Well i am not sure if it is was fixed in 6.2 policy or 6.3.  I provide
the current selinux policy prerelease in
people.redhat.com/dwalsh/SELinux/RHEL6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8+xEsACgkQrlYvE4MpobPJqACeJfF5X0UW4sAeQeeTznTE5jOq
uwoAniRES1D+aspYM3oQQrWb4D3dP0Lc
=4SV1
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
Please, could you use the latest selinux-policy packages from

people.redhat.com/dwalsh/SELinux/RHEL6


how Dan wrote.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux



[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux