SElinux issues with vanilla 2.6.9 kernel on FC3
Serge de Souza
serge at cs.curtin.edu.au
Fri Dec 17 03:42:23 UTC 2004
Stephen Smalley wrote:
> On Tue, 2004-12-14 at 13:47, Orion Poplawski wrote:
>
>>I've installed a kernel.org 2.6.9 kernel updated to acpi 20041203. I'm
>>seeing lots of SElinux audit messages that I don't see with the Fedora
>>kernels. Is there something I can do short of disabling SElinux?
>>
>>audit(1103024554.837:0): avc: denied { read write } for pid=656
>>exe=/sbin/minilogd name=console dev=tmpfs ino=1138
>>scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t
>>tclass=chr_file
>
>
> In order for SELinux to work with udev and a tmpfs /dev, you need tmpfs
> xattr support. That exists in 2.6.10-rc3, as well as in the Fedora
> kernels.
>
Or you can just apply the linux-2.6.9-xattr-rework-tmpfs-mm.patch to the
2.6.9 vanilla kernel and enable it in the config. The patch is in the
current fedora source kernel rpm.
Serge
More information about the fedora-list
mailing list