On 01/19/11 13:06, Justin P. Mattock wrote:
> this is showing up with the latest kernel in enforcing mode..
> (I have not update the policy and/or selinux userspace)
>
> [ 12.803882] type=1400 audit(1295457694.801:3): avc: denied { syslog
> } for pid=1540 comm="rsyslogd" capability=34
> scontext=system_u:system_r:init_t:s0
> tcontext=system_u:system_r:init_t:s0 tclass=capability2
[cut]
> when using audit2allow I get:
>
> allow init_t self:capability2 syslog;
>
> which gives an error when trying to install the module, due to the
> policy not knowing what capability2 is
>
> system is ubuntu maverick, if this is already in(refpolicy) then I'll
> pull the latest when I get a chance..
Support for this capability is upstream in refpolicy.
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
