* Another thing... console logins
@ 2005-11-30 18:04 Erich Schubert
0 siblings, 0 replies; only message in thread
From: Erich Schubert @ 2005-11-30 18:04 UTC (permalink / raw)
To: SELinux
Hi again,
I just tried a console login while in enforcing mode...
avc: denied { use } for pid=15513 comm="bash" name="tty1" dev=md1
ino=118355 scontext=root:sysadm_r:sysadm_t
tcontext=system_u:system_r:getty_t tclass=fd
(the only error during login when in permissive mode, apart from some
staff_t accessing sysadm_home_t)
and my iptables seems to need to be able to read etc_runtime_t:
avc: denied { read } for pid=28226 comm="iptables" name="mtab"
dev=ida/c0d0p5 ino=102335 scontext=root:system_r:iptables_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
Regards,
Erich Schubert
--
erich@(mucl.de|debian.org) -- GPG Key ID: 4B3A135C (o_
There was never a good war or a bad peace. - Benjamin Franklin //\
Wenn zwei gute Freunde sind, die einander kennen, Sonn' und Mond V_/_
begegnen sich, ehe sie sich trennen. --- Clemens von Brentano
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-11-30 18:04 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-11-30 18:04 Another thing... console logins Erich Schubert
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).