| View previous topic :: View next topic |
| Author |
Message |
GNUtoo
Veteran
Joined: 05 May 2005
Posts: 1919
|
 Posted: Sat Jun 09, 2007 5:33 am Post subject: selinux questions[solved] |
 |
|
i have several questions on selinux:
*is there any tools compatible with the 2006.1 profile in portage that can make security policies for applications such as tremulous and nexuiz
*how do i make boot possible with the enforcement mode on? i have some denys:
| Code: | audit(1181367493.741:3): avc: denied { read write } for pid=1231 comm="hotplug" name="tty" dev=md3 ino=20710227 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:file_t tclass=chr_file
audit(1181367495.241:4): avc: denied { read write } for pid=1267 comm="mount" name="console" dev=md3 ino=20709389 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:file_t tclass=chr_file
audit(1181367495.241:5): avc: denied { read write } for pid=1286 comm="restorecon" name="console" dev=md3 ino=20709389 scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:file_t tclass=chr_file
audit(1181367501.240:6): avc: denied { read write } for pid=3414 comm="dmsetup" name="console" dev=md3 ino=20709389 scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:file_t tclass=chr_file
audit(1181367501.240:7): avc: denied { mounton } for pid=3428 comm="mount" name="tmp" dev=md3 ino=6668330 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:lib_t tclass=dir
audit(1181360304.943:8): avc: denied { getattr } for pid=3496 comm="update-modules" name="rc" dev=md3 ino=19466647 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:initrc_exec_t tclass=file
audit(1181360304.943:9): avc: denied { execute } for pid=3497 comm="update-modules" name="rc" dev=md3 ino=19466647 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:initrc_exec_t tclass=file
audit(1181360304.943:10): avc: denied { execute_no_trans } for pid=3497 comm="update-modules" name="rc" dev=md3 ino=19466647 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:initrc_exec_t tclass=file
audit(1181360304.943:11): avc: denied { read } for pid=3497 comm="update-modules" name="rc" dev=md3 ino=19466647 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:initrc_exec_t tclass=file
audit(1181360306.943:12): avc: denied { read } for pid=3495 comm="update-modules" name="build" dev=md3 ino=7575114 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:modules_object_t tclass=lnk_file
audit(1181360306.943:13): avc: denied { read } for pid=7144 comm="update-modules" name="linux-2.6.21-rt2" dev=md3 ino=2539665 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:src_t tclass=dir
|
Last edited by GNUtoo on Sat Mar 01, 2008 6:01 pm; edited 1 time in total |
|
| Back to top |
|
 |
GNUtoo
Veteran
Joined: 05 May 2005
Posts: 1919
|
| Posted: Sat Mar 01, 2008 6:01 pm Post subject: |
|
|
i have found the solution:
audit2allow
in order to make nexuiz and tremulous and opengl games work simply do that:
chcon -t texrel_shlib_t libGL.so.1.2 |
|
| Back to top |
|
|
|
Networking & Security
