On Tue, 2008-02-19 at 11:03 +0100, Václav Ovsík wrote:
> Hi,
> the package cracklib-runtime on Debian contains a daily maintenance script
> /etc/cron.daily/cracklib-runtime, that calls
> update-cracklib and that calls
> crack_mkdict, witch is a shell script. :)
> Run of the job daily cron job emits:
>
> audit(1203412448.496:30): avc: denied { execute } for pid=1961 comm="crack_mkdict" name="bash" dev=sda1 ino=81922 scontext=system_u:system_r:crack_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
> audit(1203412448.496:31): avc: denied { read } for pid=1961 comm="crack_mkdict" name="bash" dev=sda1 ino=81922 scontext=system_u:system_r:crack_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
>
> A patch is attached that suppresses these two denials.
Merged. I moved this into a distro_debian block.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
