On 09/28/2009 03:50 AM, chenh wrote:

Everytime I use adsl connection, AVC alerts: "SELinux is preventing consoletype (consoletype_t) "read write" pppd_t. " I typed "audit2allow -a" and saw:

#============= alsa_t ==============
allow alsa_t file_t:file read;

#============= consoletype_t ==============
allow consoletype_t file_t:file read;
allow consoletype_t pppd_t:packet_socket { read write };

#============= dmesg_t ==============
allow dmesg_t file_t:file read;

#============= hwclock_t ==============
allow hwclock_t file_t:file read;

#============= ifconfig_t ==============
allow ifconfig_t file_t:file read;

#============= mount_t ==============
allow mount_t file_t:file unlink;

#============= setroubleshootd_t ==============
allow setroubleshootd_t locate_var_lib_t:file read;

Looks like your machine is mislabeled. Could you try to execute:

# fixfiles restore
# reboot

What is your version of selinux-policy.
# rpm -q selinux-policy selinux-policy-targeted

There're two rule about consoletype above. Is it safe to add them using audit2allow? Thanks!

"中国制造",讲述中国60年往事
--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list