fstab, mount, minilog ...
Tom London
selinux at comcast.net
Tue Aug 24 16:46:11 UTC 2004
Newest Rawhide: some funny things at boot up:
Aug 24 08:43:24 fedora kernel: audit(1093336939.824:0): avc: denied {
use } for pid=546 exe=/sbin/minilogd path=/init dev=rootfs ino=14
scontext=system_u:system_r:syslogd_t tcontext=system_u:system_r:kernel_t
tclass=fd
Aug 24 08:43:24 fedora kernel: audit(1093336939.943:0): avc: denied {
read } for pid=551 exe=/bin/mount name=fstab dev=hda2 ino=4654138
scontext=system_u:system_r:mount_t tcontext=system_u:object_r:tmp_t
tclass=file
Aug 24 08:43:24 fedora kernel: audit(1093336939.943:0): avc: denied {
getattr
} for pid=551 exe=/bin/mount path=/etc/fstab dev=hda2 ino=4654138
scontext=system_u:system_r:mount_t tcontext=system_u:object_r:tmp_t
tclass=file
The minilog avc is 'old', but the ones from mount are new. In addition,
looks
like /etc/fstab is created with the wrong label. Here's the output from
'setfiles'
after boot:
setfiles: relabeling /etc/fstab from system_u:object_r:tmp_t to
system_u:object_r:etc_t
For minilog, is this a case of a file descriptor leaking across the exec?
tom
More information about the fedora-selinux-list
mailing list