On Fri, 2013-12-06 at 17:54 -0500, Paul Moore wrote: > On Friday, December 06, 2013 08:57:51 AM Eric Paris wrote: > > Hmmm, it could happen if hashtab_insert failed... > > > > I wonder why we don't check the return value there.... > > I noticed the same thing when Mimi and I were talking about this offline. > Although, I've got to think that if the hash insert operation was failing we > would notice it as the loaded policy would be wonky, wouldn't it? What's confusing is that policy seems to have loaded. >From "journalctl -a": SELinux: Permission attach_queue in class tun_socket not defined in policy. SELinux: the above unknown classes and permissions will be allowed SELinux: Completing initialization. SELinux: Setting up existing superblocks. SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts SELinux: initialized (dev rootfs, type rootfs), uses genfs_contexts SELinux: initialized (dev bdev, type bdev), uses genfs_contexts SELinux: initialized (dev proc, type proc), uses genfs_contexts SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs SELinux: initialized (dev devtmpfs, type devtmpfs), uses transition SIDs SELinux: initialized (dev sockfs, type sockfs), uses task SIDs SELinux: initialized (dev debugfs, type debugfs), uses genfs_contexts SELinux: initialized (dev pipefs, type pipefs), uses task SIDs SELinux: initialized (dev anon_inodefs, type anon_inodefs), uses genfs_contexts SELinux: initialized (dev devpts, type devpts), uses transition SIDs SELinux: initialized (dev hugetlbfs, type hugetlbfs), uses transition SIDs SELinux: initialized (dev mqueue, type mqueue), uses transition SIDs SELinux: initialized (dev selinuxfs, type selinuxfs), uses genfs_contexts SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts SELinux: initialized (dev securityfs, type securityfs), uses genfs_contexts SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts SELinux: initialized (dev pstore, type pstore), uses genfs_contexts SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts SELinux: initialized (dev vda2, type ext4), uses xattr type=1403 audit(1386081788.639:3): policy loaded auid=4294967295 ses=4294967295 Dec 03 09:43:09 localhost.localdomain systemd[1]: Successfully loaded SELinux policy in 2.978298s. Dec 03 09:43:09 localhost.localdomain systemd[1]: Relabelled /dev and /run in 24.555ms. SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs SELinux: initialized (dev hugetlbfs, type hugetlbfs), uses transition SIDs Let me know if you need anything else. Mimi -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
