netif and node check in RHEL5

Hello,

I wonder whether node and netif are checked in RHEL5 or not.
I tried to add some auditallow sentences in RHEL4 at first.

> auditallow unconfined_t node_type: node *;
> auditallow unconfined_t netif_type:netif *;

and executed some commands, such as:
> nc -p -l 8888
> echo "testtest" | nc 127.0.0.1 8888

Then, SELinux generated granted logs such as,
> localhost kernel: audit(1190468263.024:250): avc: granted { tcp_send } for pid=6057 comm="nc" name="bash" dev=dm-0 ino=686823 scontext=root:system_r:unconfind_t tcontext=root:system_r:node_t tclass=node

I tried the same thing in RHEL5, but no granted logs were found in /var/log/audit/audit.log.
I created a module like the one below, and after compiling the module, tried "semodule -i test.pp".
> policy_module(test, 1.0.0)
> gen_require {
> attribute node_type;
> attribute netif_type;
> type unconfined_t;
> }
> auditallow unconfined_t node_type:node *;
> auditallow unconfined_t netif_type:netif *;
>
> (The fc and if files are empty.)

I thought the subject domain was not unconfined_t, so I confirmed what the user security context was.
But I logged in as root (unconfined_t).

Anyway, does SELinux in RHEL5 check node and netif? Or is it just my mistake?

Regards,
K

