Can I allow console_type_t to access pppd_t?
Miroslav Grepl
mgrepl at redhat.com
Tue Sep 29 11:28:11 UTC 2009
On 09/28/2009 03:50 AM, chenh wrote:
>
> Everytime I use adsl connection, AVC alerts: "SELinux is preventing
> consoletype (consoletype_t) "read write" pppd_t. " I typed
> "audit2allow -a" and saw:
>
> #============= alsa_t ==============
> allow alsa_t file_t:file read;
>
> #============= consoletype_t ==============
> allow consoletype_t file_t:file read;
> allow consoletype_t pppd_t:packet_socket { read write };
>
> #============= dmesg_t ==============
> allow dmesg_t file_t:file read;
>
> #============= hwclock_t ==============
> allow hwclock_t file_t:file read;
>
> #============= ifconfig_t ==============
> allow ifconfig_t file_t:file read;
>
> #============= mount_t ==============
> allow mount_t file_t:file unlink;
>
> #============= setroubleshootd_t ==============
> allow setroubleshootd_t locate_var_lib_t:file read;
>
Looks like your machine is mislabeled. Could you try to execute:
# fixfiles restore
# reboot
What is your version of selinux-policy.
# rpm -q selinux-policy selinux-policy-targeted
> There're two rule about consoletype above. Is it safe to add them
> using audit2allow? Thanks!
>
>
> ------------------------------------------------------------------------
> "??? ?",????60???
> <http://news.163.com/madeinchina/index.html?from=mailfooter>
> ------------------------------------------------------------------------
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20090929/346275f8/attachment.htm>
More information about the fedora-selinux-list
mailing list