many avcs at startup, readahead and several others

Antonio Olivares olivares14031 at yahoo.com
Wed Sep 3 12:02:56 UTC 2008




--- On Tue, 9/2/08, Tom London <selinux at gmail.com> wrote:

> I'm running selinux-policy-targeted-3.5.5-3.fc10.noarch
> and
> selinux-policy-3.5.5-3.fc10.noarch.
> 
> and on my system ~/.pulse is:
> [tbl at tlondon ~]$ ls -ld .pulse
> drwx------ 2 tbl tbl 4096 2008-09-02 19:48 .pulse
> [tbl at tlondon ~]$ ls -ldZ .pulse
> drwx------  tbl tbl system_u:object_r:gnome_home_t:s0
> .pulse
> [tbl at tlondon ~]$
> 
> On yours, it seems to be user_home_t.
> 
> type=1400 audit(1220391480.206:24): avc:  denied  { setattr
> } for
> pid=3267 comm="npviewer.bin"
> name=".pulse" dev=dm-0 ino=7176200
> scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023
> tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir
> 
> You running the same policy?  Did you update from F9?

[olivares at localhost ~]$ cat .selinux-policy.txt
selinux-policy-targeted-3.5.5-3.fc10.noarch
selinux-policy-3.5.5-3.fc10.noarch
[olivares at localhost ~]$ ls -ld .pulse
drwx------ 2 olivares olivares 4096 2008-09-03 07:00 .pulse
[olivares at localhost ~]$ ls -ldZ .pulse
drwx------  olivares olivares system_u:object_r:gnome_home_t   .pulse
[olivares at localhost ~]$

I did a 
# touch ./autorelabel; reboot

and the denied avcs still appear :(.  Wonder what is happening?
> 
> tom
> -- 
> Tom London


      




More information about the fedora-test-list mailing list