NFS Update and SELinux
Richi Plana
myfedora at richip.dhs.org
Thu Nov 1 18:27:34 UTC 2007
Hi, Daniel.
On Thu, 2007-11-01 at 13:58 -0400, Daniel J Walsh wrote:
> Please attach avc messages?
>
> These devices should be labeled usb_device_t
Thanks for the tip.
Well, after reading your email, I checked the context and it's
definitely labeled "device_t". I looked at my selinux file_contexts and
the closest match for /dev/usbmon? was /dev/.* (which gave it a context
of device_t).
More info:
selinux-policy-targeted-2.6.4-48.fc7
I haven't edited it. And:
# ll -Z /dev/usb*
lrwxrwxrwx root root
system_u:object_r:device_t /dev/usbdev1.1_ep00 ->
bus/usb/1/1_ep/00
lrwxrwxrwx root root
system_u:object_r:device_t /dev/usbdev1.1_ep81 ->
bus/usb/1/1_ep/81
lrwxrwxrwx root root
system_u:object_r:device_t /dev/usbdev1.2_ep00 ->
bus/usb/1/2_ep/00
lrwxrwxrwx root root
system_u:object_r:device_t /dev/usbdev1.2_ep81 ->
bus/usb/1/2_ep/81
lrwxrwxrwx root root
system_u:object_r:device_t /dev/usbdev2.1_ep00 ->
bus/usb/2/1_ep/00
lrwxrwxrwx root root
system_u:object_r:device_t /dev/usbdev2.1_ep81 ->
bus/usb/2/1_ep/81
crw------- root root system_u:object_r:device_t /dev/usbmon0
crw------- root root system_u:object_r:device_t /dev/usbmon1
crw------- root root system_u:object_r:device_t /dev/usbmon2
FYI.
Thanks!
--
Richi Plana
More information about the fedora-devel-list
mailing list