insmod_t wants sys_nice ....
Tom London
selinux at gmail.com
Sat Jul 21 17:52:26 UTC 2007
After installing this morning's Rawhide, including
selinux-policy-targeted-3.0.3-3.fc8, selinux-policy-3.0.3-3.fc8 and
selinux-policy-devel-3.0.3-3.fc8, I get lots of
Jul 21 10:39:01 localhost kernel: audit(1185039533.420:74): avc:
denied { sys_nice } for pid=1796 comm="modprobe" capability=23
scontext=system_u:system_r:insmod_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=capability
Jul 21 10:39:01 localhost kernel: audit(1185039533.920:75): avc:
denied { sys_nice } for pid=1829 comm="modprobe" capability=23
scontext=system_u:system_r:insmod_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=capability
in /var/log/messages, and similar
type=AVC msg=audit(1185039594.415:93): avc: denied { sys_nice } for
pid=3157 comm="modprobe" capability=23
scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023
tcontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability
type=SYSCALL msg=audit(1185039594.415:93): arch=40000003 syscall=128
success=yes exit=0 a0=b7f13008 a1=180f4 a2=a0166f8 a3=a0166f8 items=0
ppid=3133 pid=3157 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="modprobe" exe="/sbin/modprobe"
subj=system_u:system_r:insmod_t:s0-s0:c0.c1023 key=(null)
in /var/log/audit/audit.log
tom
--
Tom London
More information about the fedora-selinux-list
mailing list