setroub;eshoot problem
max
maximilianbianco at gmail.com
Thu Jul 17 19:55:52 UTC 2008
>
> P.S. - this line from the output below :
>
>> SELinux: policy loaded with handle_unknown=deny
>
> Something about this is bugging me, I am checking with google but so far
> I haven't found what I am looking for, try searching for this and see
> what you come up with... I think it should be set to allow on fedora but
> I am not sure of the circumstances under which it would be set to
> allow/deny so I could be wrong....it has to do, IIRC, with other
> security checks in the kernel? I am not finding the same info I did
> before on this and my memory isn't playing ball.
>
>
Unknown Permissions Handling
# The behavior for handling permissions defined in the
# kernel but missing from the policy. The permissions
# can either be allowed, denied, or the policy loading
# can be rejected.
That is from the build.conf file. It explains at least what the above
option means. From looking at my default install of f9 that I have (from
dmesg):
SELinux: policy loaded with handle_unknown=allow
This could be your problem or part of it anyway. I am going to rebuild
policy and set it to deny and see what happens. The default is allow in
the refpolicy and I never tried changing it, i have i think been
spending too much time reading....good a time as any to see what i've
learned.
Max
--
Fortune favors the BOLD
More information about the fedora-list
mailing list