targeted policy: crond_t now invalid for initrc_t ?
Tom London
selinux at gmail.com
Tue Jan 25 15:40:43 UTC 2005
On Mon, 24 Jan 2005 15:02:22 -0500, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Can you try a
> make -C /etc/selinux/targeted/src/policy load
>
Sorry, no soap. :-(
Here's a log:
[root at tlondon ~]# cd /etc/selinux/targeted
[root at tlondon targeted]# cd src/policy
[root at tlondon policy]# make -C /etc/selinux/targeted/src/policy load
make: Entering directory `/etc/selinux/targeted/src/policy'
/usr/sbin/load_policy /etc/selinux/targeted/policy/policy.18
touch tmp/load
make: Leaving directory `/etc/selinux/targeted/src/policy'
[root at tlondon ~]# cd /etc/init.d
[root at tlondon init.d]# ./crond status
crond is stopped
[root at tlondon init.d]# ./crond start
Starting crond: /etc/init.d/functions: line 148: /usr/sbin/crond:
Permission denied
[FAILED]
[root at tlondon init.d]#
Here's the AVC:
Jan 25 07:38:17 localhost kernel: audit(1106667497.815:0):
security_compute_sid: invalid context root:system_r:crond_t for
scontext=root:system_r:initrc_t
tcontext=system_u:object_r:crond_exec_t tclass=process
tom
--
Tom London
More information about the fedora-selinux-list
mailing list