Fresh rawhide install / AVC messages
Bill Nottingham
notting at redhat.com
Wed Mar 10 13:19:12 UTC 2004
Dax Kelson (dax at gurulabs.com) said:
> > I have attached a first cut at cpuspeed policy, it won't work but if you try
> > it out I'll get more information and be able to write more policy. What is
> > the full path name for this scaling_governor file?
>
> /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
Of course, you want cpu* in the policy.
> > > audit(1078849148.792:0): avc: denied { getattr } for
> > > pid=1141 exe=/bin/bash path=/etc/ntp.conf dev=hda8 ino=19690
> > > scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:ntpd_etc_t
> > > tclass=file audit(1078849148.796:0): avc: denied { rename } for pid=1160
> > > exe=/bin/mv name=ntp.conf dev=hda8 ino=19690
> > > scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:ntpd_etc_t
> > > tclass=file audit(1078849148.797:0): avc: denied { getattr } for
> > > pid=1161 exe=/bin/bash path=/tmp dev=hda8 ino=588673
> >
> > This is a problem. Is this standard functionality of the dhcp client or have
> > you written your own scripts?
>
> This is standard behavior on RHL8.0 and above if the DHCP server sends the
> 'time-server' options. I don't know off hand if it is RH specific or stock
> dhclient.
I believe it's an upstream thing. /sbin/dhclient-script has
all the things that dhclient tries to do.
Bill
More information about the fedora-selinux-list
mailing list