Re: Can I allow console_type_t to access pppd_t?
On 09/28/2009 03:50 AM, chenh wrote:
Everytime I use adsl connection, AVC alerts: "SELinux is preventing
consoletype (consoletype_t) "read write" pppd_t. " I typed
"audit2allow -a" and saw:
#============= alsa_t ==============
allow alsa_t file_t:file read;
#============= consoletype_t ==============
allow consoletype_t file_t:file read;
allow consoletype_t pppd_t:packet_socket { read write };
#============= dmesg_t ==============
allow dmesg_t file_t:file read;
#============= hwclock_t ==============
allow hwclock_t file_t:file read;
#============= ifconfig_t ==============
allow ifconfig_t file_t:file read;
#============= mount_t ==============
allow mount_t file_t:file unlink;
#============= setroubleshootd_t ==============
allow setroubleshootd_t locate_var_lib_t:file read;
Looks like your machine is mislabeled. Could you try to execute:
# fixfiles restore
# reboot
What is your version of selinux-policy.
# rpm -q selinux-policy selinux-policy-targeted
There're two rule about consoletype above. Is it safe to add them
using audit2allow? Thanks!
------------------------------------------------------------------------
"??? ?",????60???
<http://news.163.com/madeinchina/index.html?from=mailfooter>
------------------------------------------------------------------------
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Attachments:
- attachment.html (text/html — 2.3 KB)