udevsend....
Tom London
selinux at comcast.net
Tue Aug 24 16:01:22 UTC 2004
The newest Rawhide udev seems to add 'udevsend' that seems to want
allow udev_t selinux_config_t:dir { search };
allow udev_t selinux_config_t:file { read };
I'm guessing that udevsend replaces the script
/etc/dev.d/default/selinux.dev.
tom
Here are the avcs....
Aug 24 08:45:13 fedora kernel: audit(1093362313.380:0): avc: denied {
search } for pid=3905 exe=/sbin/udevsend name=selinux dev=hda2
ino=4509743 scontext=system_u:system_r:udev_t
tcontext=system_u:object_r:selinux_config_t tclass=dir
Aug 24 08:45:13 fedora kernel: audit(1093362313.380:0): avc: denied {
read } for pid=3905 exe=/sbin/udevsend name=config dev=hda2 ino=4509759
scontext=system_u:system_r:udev_t
tcontext=system_u:object_r:selinux_config_t tclass=file
Aug 24 08:45:13 fedora kernel: audit(1093362313.380:0): avc: denied {
getattr
} for pid=3905 exe=/sbin/udevsend path=/etc/selinux/config dev=hda2
ino=4509759 scontext=system_u:system_r:udev_t
tcontext=system_u:object_r:selinux_config_t tclass=file
More information about the fedora-selinux-list
mailing list