http://people.fedoraproject.org/~dwalsh/SELinux/F12/kernel_terminal.patch
ptmx moved to /dev/pts
fixup interfaces
console_device_t on Zseries is same as tty_device_t
On Thu, 2009-11-12 at 16:05 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/kernel_terminal.patch
>
> ptmx moved to /dev/pts
>
> fixup interfaces
Merged.
> console_device_t on Zseries is same as tty_device_t
If I recall correctly, there is an instance where a system logs into
console_device_t, so relabel permissions are required on that type.
Perhaps we should look into conditionally treating console_device_t and
tty_device_t as the same thing on these system(s)?
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
On 11/19/2009 03:01 PM, Christopher J. PeBenito wrote:
> On Thu, 2009-11-12 at 16:05 -0500, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F12/kernel_terminal.patch
>>
>> ptmx moved to /dev/pts
>>
>> fixup interfaces
>
> Merged.
>
>> console_device_t on Zseries is same as tty_device_t
>
> If I recall correctly, there is an instance where a system logs into
> console_device_t, so relabel permissions are required on that type.
> Perhaps we should look into conditionally treating console_device_t and
> tty_device_t as the same thing on these system(s)?
>
Yes although I do not plan on per arch policy.