From: domg472@gmail.com (Dominick Grift) Date: Sun, 26 Oct 2008 19:58:59 +0100 Subject: [refpolicy] Help with policy writing In-Reply-To: References: Message-ID: <1225047539.3435.5.camel@sulphur.notebook.internal> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Sun, 2008-10-26 at 19:43 +0100, Konrad Azzopardi wrote: > > Raw Audit Messages > > host=MALTA type=AVC msg=audit(1225045152.583:1290): avc: denied { > execute_no_trans } for pid=7159 comm="samhain" > path="/usr/local/sbin/samhain" dev=dm-0 ino=7552222 > scontext=unconfined_u:system_r:samhain_t:s0 > tcontext=system_u:object_r:samhain_exec_t:s0 tclass=file > > host=MALTA type=SYSCALL msg=audit(1225045152.583:1290): arch=40000003 > syscall=11 success=yes exit=0 a0=b8f57000 a1=bfc3cc48 a2=bfc3cfa0 > a3=bfc3cd4c items=0 ppid=7158 pid=7159 auid=500 uid=0 gid=0 euid=0 > suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=1 comm="samhain" > exe="/usr/local/sbin/samhain" subj=unconfined_u:system_r:samhain_t:s0 > key=(null) samhain_t is trying to execute samhain executable file: can_exec(samhain_t, samhain_exec_t) might solve this. refer to this interface call in reference policy. > _______________________________________________ > refpolicy mailing list > refpolicy at oss.tresys.com > http://oss.tresys.com/mailman/listinfo/refpolicy -- Dominick Grift -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20081026/c6ce8ed8/attachment.bin