Kernel 2.6.14-1.1653 & selinux 1.27.1.-2.16
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Fri Jan 27 19:18:42 UTC 2006
On Fri, 27 Jan 2006 11:44:07 EST, Stephen Smalley said:
> On Fri, 2006-01-27 at 17:49 +0200, G Jahchan wrote:
> > ls -Z /sbin/init
> > -rwxr-xr-x root root system_u:object_r:staff_home_t /sbin/init
>
> That's your problem - your filesystem is incorrectly labeled. Don't
> know how your /sbin/init program ended up with the type of a staff home
> directory; it should have init_exec_t.
It's probably related to the strict policy whoopsage I reported - the system
would end up with only some 10% of the policy modules in place, and a restorecon
wouldn't include the *.fc rules for the missing modules - so some less-restrictive
rule would set the context (I ended up with almost everything as default_t,
but I could see how staff_home_t might happen too...)
At one point, every single process on my laptop was running in kernel_t, because
the various init_t and similar types weren't defined, nor were the transitions for
them. Good thing I'm running in permissive. ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20060127/3272914c/attachment.sig>
More information about the fedora-selinux-list
mailing list