On 03/22/2013 04:31 PM, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/22/2013 10:17 AM, Erick Staal wrote:
Hi,
After the last update of selinux to 3.11.1-86 the following error appears
in /var/log/messages:
SELinux: Context unconfined_u:system_r:unconfined_dbusd_t:s0-s0:c0.c1023
would be invalid if enforcing
Looks like that there is a problem with the selinux config for dbusd. Can
anyone tell how to fix this?
Sincerely, Erick -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
I have a feeling you can just ignore it.
Not sure it why you had this label mapped into your kernel.
system_r is not allowed to run unconfined_dbusd_t, which is basically what the
kernel is telling you. Maybe prior to the update this was allowed. but as
long as you did not have a process with this label on it, you would be fine.
And there should be no way to get this label on an enforcing machine.
ps -eZ | grep unconfined_dbusd_t
If you get nothing that looks like system_r:unconfined_dbusd_t, you should be
fine.
Also have you ever run in permissive mode?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlFMeUoACgkQrlYvE4MpobMlggCghXY9vmlnxVqP/bcshvLJIq5Q
LsMAoKGDP0H3gAbGEHYXjuQ3Zc6ztGyW
=+MJJ
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
