On Mon, 2006-04-03 at 09:02 -0400, Stephen Smalley wrote:
On Sat, 2006-04-01 at 00:51 -0800, Antonio Olivares wrote:
> Dear all,
> I decided to install latest FC4 kernel
> 2.6.16-1.2069_FC4 or so. Upon booting I can no longer
> surf the internet. I get some avc denied messages
> from dmesg. How can I fix this issue?
>
> I do not want to disable selinux.
Can you post the avc messages (or just the first few if there are many
repeats)? You can use audit2allow to temporarily generate allow rules
for the denials until a policy update is issued, although it isn't
always what you want to do. See the EXAMPLE section of the audit2allow
man page.
Sorry - I see that you did in fact attach them. The denials in this
case were due to new IPSEC-related SELinux controls that went into
2.6.16, introduced by IBM, so you did need an updated policy, as you
discovered.
--
Stephen Smalley
National Security Agency