2010-02-23 19:36:43

by Daniel Walsh

Subject: [refpolicy] kernel_storage.patch

http://people.fedoraproject.org/~dwalsh/SELinux/F13/kernel_storage.patch

Add files context for /dev/etherd

Dontaudit attempts to relabel lnk_files.


2010-03-04 19:23:20

by cpebenito

Subject: [refpolicy] kernel_storage.patch

On Tue, 2010-02-23 at 14:36 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F13/kernel_storage.patch
>
> Add files context for /dev/etherd

Merged.

> Dontaudit attempts to relabel lnk_files.

Not so sure about this; it doesn't seem like it would be a general
problem, rather, a broken behavior of a particular program. Since
relabeling means there is some SELinux awareness, it shouldn't be tough
to track this down.

--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

2010-03-05 16:05:06

by Daniel Walsh

Subject: [refpolicy] kernel_storage.patch

On 03/04/2010 02:23 PM, Christopher J. PeBenito wrote:
> On Tue, 2010-02-23 at 14:36 -0500, Daniel J Walsh wrote:
>
>> http://people.fedoraproject.org/~dwalsh/SELinux/F13/kernel_storage.patch
>>
>> Add files context for /dev/etherd
>>
> Merged.
>
>
>> Dontaudit attempts to relabel lnk_files.
>>
> Not so sure about this; it doesn't seem like it would be a general
> problem, rather, a broken behavior of a particular program. Since
> relabeling means there is some SELinux awareness, it shouldn't be tough
> to track this down.
>
>
I think some of these are caused by the cp command.

./services/virt.te:storage_relabel_fixed_disk(virtd_t)
./system/lvm.te:storage_relabel_fixed_disk(clvmd_t)
./system/lvm.te:storage_relabel_fixed_disk(lvm_t)

If you execute cp -p it causes this AVC to happen when it tries to set
the context.

2010-03-05 16:06:12

by Daniel Walsh

Subject: [refpolicy] kernel_storage.patch

On 03/04/2010 02:23 PM, Christopher J. PeBenito wrote:
> On Tue, 2010-02-23 at 14:36 -0500, Daniel J Walsh wrote:
>
>> http://people.fedoraproject.org/~dwalsh/SELinux/F13/kernel_storage.patch
>>
>> Add files context for /dev/etherd
>>
> Merged.
>
>
>> Dontaudit attempts to relabel lnk_files.
>>
> Not so sure about this; it doesn't seem like it would be a general
> problem, rather, a broken behavior of a particular program. Since
> relabeling means there is some SELinux awareness, it shouldn't be tough
> to track this down.
>
>
https://bugzilla.redhat.com/show_bug.cgi?id=525119

2010-03-05 16:09:48

by cpebenito

Subject: [refpolicy] kernel_storage.patch

On Fri, 2010-03-05 at 11:06 -0500, Daniel J Walsh wrote:
> On 03/04/2010 02:23 PM, Christopher J. PeBenito wrote:
> > On Tue, 2010-02-23 at 14:36 -0500, Daniel J Walsh wrote:
> >
> >> http://people.fedoraproject.org/~dwalsh/SELinux/F13/kernel_storage.patch
> >>
> >> Add files context for /dev/etherd
> >>
> > Merged.
> >
> >
> >> Dontaudit attempts to relabel lnk_files.
> >>
> > Not so sure about this; it doesn't seem like it would be a general
> > problem, rather, a broken behavior of a particular program. Since
> > relabeling means there is some SELinux awareness, it shouldn't be tough
> > to track this down.
> >
> >
> https://bugzilla.redhat.com/show_bug.cgi?id=525119

In the last comment, it says that the bug went away in F12, so it sounds
like the dontaudit can be dropped.

--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
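
The question raised in this thread, which program is issuing the relabel on lnk_files, can be answered from the audit log by grouping the matching AVC denials by command and calling domain before deciding whether a dontaudit rule is warranted. The Python script below is an added example, not part of the thread or of refpolicy; the audit records are constructed, and the target type `fixed_disk_device_t` and the function name `relabel_denials` are assumptions.

```python
import re
from collections import Counter

# Constructed audit records for illustration; not taken from the thread or the bug report.
SAMPLE_LOG = """\
type=AVC msg=audit(1267805100.101:310): avc:  denied  { relabelfrom } for  pid=2101 comm="cp" name="disk0" dev=tmpfs ino=5120 scontext=system_u:system_r:lvm_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=lnk_file
type=AVC msg=audit(1267805100.102:311): avc:  denied  { relabelto } for  pid=2101 comm="cp" name="disk0" dev=tmpfs ino=5120 scontext=system_u:system_r:lvm_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=lnk_file
type=AVC msg=audit(1267805101.220:312): avc:  denied  { relabelfrom } for  pid=2190 comm="cp" name="disk1" dev=tmpfs ino=5121 scontext=system_u:system_r:virtd_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=lnk_file
type=AVC msg=audit(1267805102.330:313): avc:  denied  { read } for  pid=2200 comm="lvm" name="disk0" dev=tmpfs ino=5120 scontext=system_u:system_r:lvm_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=lnk_file
type=AVC msg=audit(1267805103.440:314): avc:  denied  { relabelfrom } for  pid=2101 comm="cp" name="sda1" dev=tmpfs ino=5200 scontext=system_u:system_r:lvm_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*([^}]*?)\s*\}")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
RELABEL_PERMS = {"relabelfrom", "relabelto"}


def relabel_denials(log, tclass="lnk_file"):
    """Count relabel denials on `tclass`, keyed by (comm, source domain type)."""
    counts = Counter()
    for line in log.splitlines():
        m = AVC_RE.search(line)
        # Skip non-AVC lines and denials for permissions other than relabeling.
        if not m or not RELABEL_PERMS & set(m.group(1).split()):
            continue
        fields = {k: v.strip('"') for k, v in FIELD_RE.findall(line)}
        if fields.get("tclass") != tclass or "scontext" not in fields:
            continue
        # scontext is user:role:type[:level]; the type is the calling domain.
        parts = fields["scontext"].split(":")
        if len(parts) < 3:
            continue
        counts[(fields.get("comm", "?"), parts[2])] += 1
    return counts


if __name__ == "__main__":
    for (comm, domain), n in relabel_denials(SAMPLE_LOG).most_common():
        print(f"{n:3d}  comm={comm}  domain={domain}")
```

Denials already covered by a loaded dontaudit rule are not logged; they only appear in the audit log after dontaudit rules are disabled with `semodule -DB`.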