AVCs with rawhide policy....
Stephen Smalley
sds at tycho.nsa.gov
Thu Mar 1 12:04:17 UTC 2007
On Wed, 2007-02-28 at 18:15 -0800, Tom London wrote:
> Running latest rawhide, targeted/enforcing.
>
> Get these on boot in /var/log/messages:
>
> Feb 28 18:03:58 localhost kernel: audit(1172714587.604:4): avc:
> denied { getattr } for pid=436 comm="mount" name="/" dev=selinuxfs
> ino=540 scontext=system_u:system_r:mount_t:s0
> tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Change to libselinux by Steve Grubb. The corresponding change to policy
was already committed upstream, so Dan just needs to pull it in
(allowing this permission in the selinux_get_fs_mount interface/macro).
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list