Hey John,
Doing latest update right now and will try a fixfiles relabel
afterwards. If it still exists, i gonna file it in bugzilla.
Roger
Am Mittwoch, den 18.01.2006, 09:16 -0500 schrieb John (J5) Palmieri:
> Do you have the latest SE-Linux updates. I though we fixed
> the /usr/share/scripts issue. If it is the latest update please file a
> bug on selinux-policy-targeted in bugzilla with the exact same
> description you gave below.
>
> On Wed, 2006-01-18 at 10:11 +0100, Roger Grosswiler wrote:
> > Again,
> >
> > if i have selinux enabled, the g-p-m icon disappears and i find the
> > following in my audit.log:
> >
> > type=AVC msg=audit(1137522144.013:60): avc: denied { execute } for
> > pid=2641 comm="hald" name="hal-system-power-set-power-save" dev=dm-0
> > ino=1763088 scontext=system_u:system_r:hald_t:s0
> > tcontext=system_u:object_r:usr_t:s0 tclass=file
> > type=PATH msg=audit(1137522144.013:60): item=0
> > name="/usr/share/hal/scripts/hal-system-power-set-power-save" flags=101
> > inode=1763088 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
> >
> > so, in this, audit2allow says:
> > [root@niobe audit]# audit2allow -i audit.log | grep hal
> > allow hald_t boot_t:dir getattr;
> > allow hald_t home_root_t:dir search;
> > allow hald_t initctl_t:fifo_file write;
> > allow hald_t initrc_var_run_t:file lock;
> > allow hald_t mnt_t:dir create;
> > allow hald_t mnt_t:file write;
> > allow hald_t sysctl_fs_t:dir search;
> > allow hald_t usr_t:file execute;
> > allow hald_t var_lib_nfs_t:dir search;
> >
> > (ok, nfs really doesn't belong to the g-p-m :-D )
> >
> >
> > HTH, Thanks
> > Roger
>
> --
> John (J5) Palmieri <johnp@xxxxxxxxxx>
>
--
Mit freundlichen Grüssen
Roger Grosswiler
------------------------
mailto:roger@xxxxxxxx
http://www.gwch.net
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list