All of lore.kernel.org
 help / color / mirror / Atom feed
* [refpolicy] consolekit etc
@ 2010-07-18 10:02 Russell Coker
  2010-07-19  7:30 ` Martin Orr
  0 siblings, 1 reply; 3+ messages in thread
From: Russell Coker @ 2010-07-18 10:02 UTC (permalink / raw)
  To: refpolicy

type=AVC msg=audit(1279446912.175:7): avc:  denied  { search } for  pid=880 
comm="dbus-daemon" name="console" dev=sda1 ino=243 
scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:consolekit_var_run_t:s0 tclass=dir


I'm getting a bunch of denials such as the above.  It seems that dbus-daemon 
is trying to access /var/run/console for some reason - even though that 
directory is empty.

What is supposed to be happening here?

-- 
russell at coker.com.au
http://etbe.coker.com.au/          My Main Blog
http://doc.coker.com.au/           My Documents Blog

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [refpolicy] consolekit etc
  2010-07-18 10:02 [refpolicy] consolekit etc Russell Coker
@ 2010-07-19  7:30 ` Martin Orr
  2010-07-19 12:52   ` Daniel J Walsh
  0 siblings, 1 reply; 3+ messages in thread
From: Martin Orr @ 2010-07-19  7:30 UTC (permalink / raw)
  To: refpolicy

On Sun 18 Jul 11:02:37 2010, Russell Coker wrote:

> type=AVC msg=audit(1279446912.175:7): avc:  denied  { search } for  pid=880
> comm="dbus-daemon" name="console" dev=sda1 ino=243
> scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:consolekit_var_run_t:s0 tclass=dir
>
>
> I'm getting a bunch of denials such as the above.  It seems that dbus-daemon
> is trying to access /var/run/console for some reason - even though that
> directory is empty.

Shouldn't /var/run/console be labelled as pam_var_console_t?

-- 
Martin Orr

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [refpolicy] consolekit etc
  2010-07-19  7:30 ` Martin Orr
@ 2010-07-19 12:52   ` Daniel J Walsh
  0 siblings, 0 replies; 3+ messages in thread
From: Daniel J Walsh @ 2010-07-19 12:52 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/19/2010 03:30 AM, Martin Orr wrote:
> On Sun 18 Jul 11:02:37 2010, Russell Coker wrote:
> 
>> type=AVC msg=audit(1279446912.175:7): avc:  denied  { search } for  pid=880
>> comm="dbus-daemon" name="console" dev=sda1 ino=243
>> scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
>> tcontext=system_u:object_r:consolekit_var_run_t:s0 tclass=dir
>>
>>
>> I'm getting a bunch of denials such as the above.  It seems that dbus-daemon
>> is trying to access /var/run/console for some reason - even though that
>> directory is empty.
> 
> Shouldn't /var/run/console be labelled as pam_var_console_t?
> 
It is in Fedora.  I think dbus is trying to check if the user is logged
into the console.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkxESpUACgkQrlYvE4MpobNRJQCfQnMyn6n8w8C3vyXGfhe1BFCe
SmYAoMfvxXQvl5WWJMihZlpL9h/UMSK+
=meVq
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2010-07-19 12:52 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-07-18 10:02 [refpolicy] consolekit etc Russell Coker
2010-07-19  7:30 ` Martin Orr
2010-07-19 12:52   ` Daniel J Walsh

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.