nfs avc messages with kernel-2.6.16-1.2069_FC4
sds at tycho.nsa.gov
Mon Apr 3 13:14:33 UTC 2006
On Mon, 2006-04-03 at 09:02 -0400, Stephen Smalley wrote:
> On Sat, 2006-04-01 at 00:51 -0800, Antonio Olivares wrote:
> > Dear all,
> > I decided to install latest FC4 kernel
> > 2.6.16-1.2069_FC4 or so. Upon booting I can no longer
> > surf the internet. I get some avc denied messages
> > from dmesg. How can I fix this issue?
> > I do not want to disable selinux.
> Can you post the avc messages (or just the first few if there are many
> repeats)? You can use audit2allow to temporarily generate allow rules
> for the denials until a policy update is issued, although it isn't
> always what you want to do. See the EXAMPLE section of the audit2allow
> man page.
Sorry - I see that you did in fact attach them. The denials in this
case were due to new IPSEC-related SELinux controls that went into
2.6.16, introduced by IBM, so you did need an updated policy, as you
National Security Agency
More information about the fedora-selinux-list