insmod_t wants sys_nice ....

Tom London selinux at gmail.com
Sat Jul 21 17:52:26 UTC 2007


After installing this morning's Rawhide, including
selinux-policy-targeted-3.0.3-3.fc8, selinux-policy-3.0.3-3.fc8 and
selinux-policy-devel-3.0.3-3.fc8, I get lots of

Jul 21 10:39:01 localhost kernel: audit(1185039533.420:74): avc:
denied  { sys_nice } for  pid=1796 comm="modprobe" capability=23
scontext=system_u:system_r:insmod_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=capability
Jul 21 10:39:01 localhost kernel: audit(1185039533.920:75): avc:
denied  { sys_nice } for  pid=1829 comm="modprobe" capability=23
scontext=system_u:system_r:insmod_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=capability

in /var/log/messages, and similar

type=AVC msg=audit(1185039594.415:93): avc:  denied  { sys_nice } for
pid=3157 comm="modprobe" capability=23
scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023
tcontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability
type=SYSCALL msg=audit(1185039594.415:93): arch=40000003 syscall=128
success=yes exit=0 a0=b7f13008 a1=180f4 a2=a0166f8 a3=a0166f8 items=0
ppid=3133 pid=3157 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="modprobe" exe="/sbin/modprobe"
subj=system_u:system_r:insmod_t:s0-s0:c0.c1023 key=(null)

in /var/log/audit/audit.log

tom
-- 
Tom London




More information about the fedora-selinux-list mailing list