Questions about /net and /proc

James Z. Li at
Mon Aug 15 21:25:27 UTC 2005

In the shell script, namely
if [ ! -d ${REDHAT_AREA}/bin ]; then
    mkdir -p ${REDHAT_AREA}/bin;
echo "Copying some files from server"

I labeled the script as file_t and shell_exec_t,
but they both did not work. There is no security context for /net
and /net is empty on my machine, so when I run this script, the 
error messages are:
mkdir: cannot create directory `/net/redhat': Permission denied
Copying some files from server
/net/redhat: Permission denied

There is no AVC messages in either /var/log/messages or 
/var/log/audit/audit.log. There are these lines in /var/log/messages:
Aug 15 16:51:17 ko automount[3254]: >> /usr/sbin/showmount: can't get
address for redhat
Aug 15 16:51:17 ko automount[3254]: lookup(program): lookup for redhat failed
Aug 15 16:51:17 ko automount[3254]: failed to mount /net/redhat

Thanks a lot,


On 8/15/05, Daniel J Walsh <dwalsh at> wrote:
> James Z. Li wrote:
> >Hi all,
> >
> >I have several root shell scripts which need create directories
> >under /net or /proc. They are running well under Fedora Core 2.
> >After I upgrate to FC4 with targeted SELinux policy, those
> >scripts are not running under either enforcing or permissive mode.
> >Error messages like Unable to create directories under /net or /proc.
> >I used "ls -Z" to check security contexts for /net and /proc,
> >they both have empty security labels.
> >As a root (root:system_r:unconfined_t), I cannot manually create
> >anything under those two directories.
> >
> >What should I do in order to make /net and /proc writtable?
> >
> >Thanks,
> >
> >James
> >
> >--
> >fedora-selinux-list mailing list
> >fedora-selinux-list at
> >
> >
> >
> Could you supply the avc messages from /var/log/audit/audit.log or
> /var/log/messages.
> --

More information about the fedora-selinux-list mailing list