Le mardi 15 novembre 2005 à 16:45 -0500, Christopher J. PeBenito a
écrit :
> On Tue, 2005-11-15 at 21:17 +0100, Nicolas Mailhot wrote:
> > Is selinux-policy-targeted-2.0.0-1 really ready for use ? Basic stuff
> > like udev access to /dev/.udevdb and su seems to be blocked
>
> Can you provide denials from your audit.log? I can't reproduce these
> problems.
The udev bit is too early to end in the logs, it flashes during the boot
messages. Maybe it's not selinux related but it looks like it
Strangely su works from the console but not from gnome-terminal
Attached a full audit.log for the system. Generation process :
- force an autorelabel (touch /.autorelabel)
- reboot
- switch to init 1
- remove /var/log/audit/audit.log
- reboot
- do_stuff (including a failed root login ;))
- copy the resulting audit.log
All the denied accesses in the log can therefore be attributed directly
to the policy. Lots of denied stuff for 2 minutes of system activity
before copying the log.
--
Nicolas Mailhot
audit.log.bz2
Description: application/bzip
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
| 
