Latest kernel (2356), avc's on hwclock
Ian Pilcher
i.pilcher at comcast.net
Fri Jul 7 23:06:59 UTC 2006
Stephen Smalley wrote:
> Looks like the Fedora hwclock is instrumented to generate an audit
> record, but policy doesn't yet allow it to do so. These capability
> checks used to be silent (no auditing) since they occur on netlink recv,
> but a recent patch has enabled SELinux to generate audit messages on the
> netlink recv capability checks. So we can expect these types of denials
> to show up now. Should be allowed in this case.
So it's generating an audit message, because it wasn't allowed to
generate an audit message?
I've only had half a beer...
--
========================================================================
Ian Pilcher i.pilcher at comcast.net
========================================================================
More information about the fedora-selinux-list
mailing list