On Wednesday 27 May 2009 12:39:55 pm Nigel Rumens wrote:
> On 05/26/2009 11:32 PM, Paul Moore wrote:
> > Hi Nigel,
> >
> > Can you send us the AVC denial messages? If you are running a recent
> > kernel (F11/Rawhide should qualify and F10 will likely as well) there
> > should only be a handful of areas where you should be hitting transport
> > protocol specific code that isn't SCTP aware in the kernel, it would be
> > nice to verify that so we could better identify what work needs to be
> > done.
>
> Certainly - here you are.

...

> Raw Audit Messages :
>
> node=bear.cwb.uk type=AVC msg=audit(1242974819.377:32014): avc: denied {
> name_bind } for pid=14773 comm="sctp_darn" src=9876
> scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:port_t:s0 tclass=rawip_socket
> node=bear.cwb.uk type=SYSCALL msg=audit(1242974819.377:32014):
> arch=c000003e syscall=49 success=no exit=-13 a0=3 a1=7fff08b0bdd0 a2=10
> a3=7fff08b0bdc0 items=0 ppid=14732 pid=14773 auid=500 uid=500 gid=500
> euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts2 ses=51
> comm="sctp_darn" exe="/usr/bin/sctp_darn"
> subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)

Thanks!

--
paul moore
linux @ hp
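Added example, not part of the original message: a triage script that joins the AVC record to its SYSCALL record by audit serial, showing that the `name_bind` denial on a `rawip_socket`-class socket came from `bind()` (x86_64 syscall 49) failing with `EACCES`. The records are taken from the message (the SYSCALL record is abridged); the function names and the one-entry syscall table are assumptions of this example.

```python
import errno
import re
from collections import defaultdict

# Sample input: the two records quoted in the message, mail wrapping undone (SYSCALL abridged).
AVC = ('node=bear.cwb.uk type=AVC msg=audit(1242974819.377:32014): avc: denied '
       '{ name_bind } for pid=14773 comm="sctp_darn" src=9876 '
       'scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 '
       'tcontext=system_u:object_r:port_t:s0 tclass=rawip_socket')
SYSCALL = ('node=bear.cwb.uk type=SYSCALL msg=audit(1242974819.377:32014): '
           'arch=c000003e syscall=49 success=no exit=-13 a0=3 a1=7fff08b0bdd0 '
           'a2=10 a3=7fff08b0bdc0 items=0 ppid=14732 pid=14773 auid=500 uid=500 '
           'comm="sctp_darn" exe="/usr/bin/sctp_darn" key=(null)')
SAMPLE = AVC + "\n" + SYSCALL

HEADER = re.compile(r'type=(\w+) msg=audit\([\d.]+:(\d+)\):')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
PERMS = re.compile(r'\{ ([^}]*)\}')
SYSCALLS = {("c000003e", "49"): "bind"}  # example-only table: AUDIT_ARCH_X86_64, bind(2)

def parse_records(text):
    # Group records by event serial: {serial: {record_type: {field: value}}}
    events = defaultdict(dict)
    for line in text.splitlines():
        m = HEADER.search(line)
        if not m:
            continue
        rtype, serial = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD.findall(line[m.end():])}
        if rtype == "AVC":
            perms = PERMS.search(line)
            fields["perms"] = perms.group(1).split() if perms else []
        events[serial][rtype] = fields
    return events

def summarize(events):
    # One row per AVC denial, joined to the syscall record with the same serial.
    rows = []
    for serial, recs in events.items():
        avc, sc = recs.get("AVC"), recs.get("SYSCALL", {})
        if avc:
            code = int(sc.get("exit", 0))
            rows.append({
                "serial": serial, "comm": avc.get("comm"), "perms": avc["perms"],
                "tclass": avc.get("tclass"), "port": avc.get("src"),
                "syscall": SYSCALLS.get((sc.get("arch"), sc.get("syscall")), sc.get("syscall")),
                "errno": errno.errorcode.get(-code) if code < 0 else None,
            })
    return rows
```
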