On Thu, 2005-04-14 at 22:54 -0700, Florin Andrei wrote:
> Apr 14 22:47:52 demo kernel: audit(1113544072.328:0): avc: denied
> { read } for pid=3042 exe=/bin/cp name=config dev=hda2 ino=1212848
> scontext=root:system_r:postgresql_t
> tcontext=user_u:object_r:selinux_config_t tclass=file
> Apr 14 22:47:52 demo kernel: audit(1113544072.334:0): avc: denied
> { getattr } for pid=3042 exe=/bin/cp path=/etc/selinux/config dev=hda2
> ino=1212848 scontext=root:system_r:postgresql_t
> tcontext=user_u:object_r:selinux_config_t tclass=file
Hm, and now i'm getting something very similar when running a simple DB
initialization script (create databases, create users, create tables,
assign privileges) that before (with non-updated FC4t2) did not give any
SELinux warnings.
Apr 14 22:55:47 demo kernel: audit(1113544547.453:0): avc: denied
{ read } for pid=3269 exe=/bin/cp name=config dev=hda2 ino=1212848
scontext=root:system_r:postgresql_t
tcontext=user_u:object_r:selinux_config_t tclass=file
Apr 14 22:55:47 demo kernel: audit(1113544547.459:0): avc: denied
{ getattr } for pid=3269 exe=/bin/cp path=/etc/selinux/config dev=hda2
ino=1212848 scontext=root:system_r:postgresql_t
tcontext=user_u:object_r:selinux_config_t tclass=file
--
Florin Andrei
http://florin.myip.org/