Jason L Tibbitts III wrote:
"DJW" == Daniel J Walsh <Daniel> writes:
DJW> Did you get any avc messages?
That system is constantly throwing denials from hald and mount, but
looking back through the log I see the following two messages at the
time I applied the update:
Apr 4 16:24:21 util10 kernel: audit(1144185861.320:675): avc: denied { write } for pid=19560 comm="semodule" name="files" dev=dm-0 ino=165314 scontext=user_u:system_r:semanage_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=dir
Apr 4 16:24:21 util10 kernel: audit(1144185861.340:676): avc: denied { write } for pid=19560 comm="semodule" name="files" dev=dm-0 ino=165314 scontext=user_u:system_r:semanage_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=dir
- J<
This rule should be in policy, but it might have been in this update.
You can force the update by temporarily executing setenforce 0, or you
could add this rule to policy via
grep semodule /var/log/messages | audit2allow -M temp
semodule -l temp.pp
Update rpm
semodule -r temp
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list