AVCs denied from latest FC4 kernel startup

Bob Kashani bobk at ocf.berkeley.edu
Tue Feb 7 04:50:04 UTC 2006


On Mon, 2006-02-06 at 15:00 -0500, Matthew Saltzman wrote:
> On Sun, 5 Feb 2006, Bob Kashani wrote:
> 
> > On Sat, 2006-02-04 at 23:35 -0500, Matthew Saltzman wrote:
> >> After installing kernel-2.6.15-1.1830_FC4 (or any of the 2.6.15 kernels),
> >> I get the following on startup.  Startup appears to complete normally and
> >> the system seems functional (at least for what I've tried so far).
> >>
> >> audit(1139113698.796:2): avc:  denied  { search } for  pid=578
> >> comm="hotplug" name="proc" dev=dm-0 ino=851969
> >> scontext=system_u:system_r:hotplug_t
> >> tcontext=system_u:object_r:unlabeled_t tclass=dir
> >
> > Matt, what's the context of /etc/hotplug and /sbin/hotplug? I have this:
> >
> > drwxr-xr-x  root     root
> > system_u:object_r:hotplug_etc_t  /etc/hotplug
> > drwxr-xr-x  root     root
> > system_u:object_r:etc_t          /etc/hotplug.d
> > -rwxr-xr-x  root     root
> > system_u:object_r:hotplug_exec_t /sbin/hotplug
> >
> > Try /sbin/restorecon -R /etc/hotplug* /sbin/hotplug
> 
> $ ls -dZ /etc/hotplug.* /sbin/hotplug
> drwxr-xr-x  root     root     system_u:object_r:etc_t          /etc/hotplug.d
> drwxr-xr-x  root     root     system_u:object_r:hotplug_etc_t  /etc/hotplug
> -rwxr-xr-x  root     root     system_u:object_r:hotplug_exec_t /sbin/hotplug
> 
> After the restorecon, mine are the same as yours.  The startup messages 
> are not affected.
> 
> BTW, I get the same startup messages in 2.6.14 FC4 kernels if I boot in 
> non-quiet mode.
> 
> I filed a bug against the kernel as requested by Stephen Smalley.

Try doing a full relabel to verify that everything is labeled correctly:

touch /.autorelabel
reboot

Bob

-- 
Bob Kashani
GARNOME Project
http://www.gnome.org/projects/garnome
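
Added example, not part of the original message: a shell function that reads AVC denial lines and separates those whose target context has type unlabeled_t, as in the hotplug denial quoted above, from denials against labeled targets. The function names and the second log line are made up for illustration; the first log line is the quoted denial joined onto one line.

```sh
#!/bin/sh
# Constructed sample input: line 1 is the denial from the thread, unwrapped;
# line 2 is a made-up denial with a labeled target, for contrast.
SAMPLE_LOG='audit(1139113698.796:2): avc:  denied  { search } for  pid=578 comm="hotplug" name="proc" dev=dm-0 ino=851969 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:unlabeled_t tclass=dir
audit(1139113699.100:3): avc:  denied  { read } for  pid=600 comm="example" name="example.conf" dev=dm-0 ino=12345 scontext=system_u:system_r:example_t tcontext=system_u:object_r:etc_t tclass=file'

# avc_field KEY LINE: print the value of the first KEY=value token in LINE,
# with surrounding double quotes removed.
avc_field() {
    printf '%s\n' "$2" | tr ' ' '\n' | sed -n "s/^$1=//p" | head -n 1 | tr -d '"'
}

# context_type CONTEXT: print the type, the third field of user:role:type[:level].
context_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# triage_avc: read log lines on stdin and print one line per AVC denial:
#   <verdict> comm=<comm> name=<name> dev=<dev> ino=<ino> tclass=<tclass>
# The verdict is "unlabeled-target" when the target type is unlabeled_t, so the
# object's label is the first thing to check, and "labeled-target" otherwise.
triage_avc() {
    while IFS= read -r line; do
        case $line in
            *'avc:'*denied*) ;;
            *) continue ;;
        esac
        ttype=$(context_type "$(avc_field tcontext "$line")")
        [ -n "$ttype" ] || continue
        if [ "$ttype" = unlabeled_t ]; then
            verdict=unlabeled-target
        else
            verdict=labeled-target
        fi
        printf '%s comm=%s name=%s dev=%s ino=%s tclass=%s\n' "$verdict" \
            "$(avc_field comm "$line")" "$(avc_field name "$line")" \
            "$(avc_field dev "$line")" "$(avc_field ino "$line")" \
            "$(avc_field tclass "$line")"
    done
}

# Stand-alone run over the constructed sample.
printf '%s\n' "$SAMPLE_LOG" | triage_avc
```

The dev= and ino= fields in the output identify the object, which can then be inspected with ls -dZ as in the thread.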




More information about the fedora-selinux-list mailing list