On Wed, 2013-06-05 at 15:44 -0400, Vadym Chepkov wrote:
Hi,
Unfortunately,
Linode.com VPS provider doesn't include SELinux support in their
kernels, so I had to recompile my kernel with SELinux enabled.
Due to some other limitations they do not support stock centos6 kernel (2.6.32) and told
me to install the latest 3.x, which I did.
But now I see these messages in the kernel boot log, which makes me to think my SELinux
is "broken"
You can ignore those if you like they aren't that important and it
should not break anything. Its just an incompatibility between your
policy and kernel versions.
dracut: Loading SELinux policy
type=1404 audit(1370460658.483:2): enforcing=1 old_enforcing=0 auid=4294967295
ses=4294967295
SELinux: Permission audit_access in class file not defined in policy.
SELinux: Permission audit_access in class dir not defined in policy.
SELinux: Permission execmod in class dir not defined in policy.
SELinux: Permission audit_access in class lnk_file not defined in policy.
SELinux: Permission open in class lnk_file not defined in policy.
SELinux: Permission execmod in class lnk_file not defined in policy.
SELinux: Permission audit_access in class chr_file not defined in policy.
SELinux: Permission audit_access in class blk_file not defined in policy.
SELinux: Permission execmod in class blk_file not defined in policy.
SELinux: Permission audit_access in class sock_file not defined in policy.
SELinux: Permission execmod in class sock_file not defined in policy.
SELinux: Permission audit_access in class fifo_file not defined in policy.
SELinux: Permission execmod in class fifo_file not defined in policy.
SELinux: Permission syslog in class capability2 not defined in policy.
SELinux: Permission wake_alarm in class capability2 not defined in policy.
SELinux: Permission block_suspend in class capability2 not defined in policy.
SELinux: Permission attach_queue in class tun_socket not defined in policy.
SELinux: the above unknown classes and permissions will be allowed
type=1403 audit(1370460659.259:3): policy loaded auid=4294967295 ses=4294967295
Is there anything I can do besides changing provider?
Thanks,
Vadym
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux