While booting to run level 5 and logging in, with the 427 kernel in enforcing mode and selinux-policy-strict-1.13.4-5, the following avc denied messages occur:
Jun 13 21:05:09 new2 kernel: audit(1087175109.179:0): avc: denied { getattr } for pid=3137 exe=/usr/libexec/gnome-vfs-daemon path=/initrd dev=ram0 ino=2 scontext=richard:staff_r:staff_t tcontext=system_u:object_r:file_t tclass=dir
Jun 13 21:05:09 new2 kernel: audit(1087175109.839:0): avc: denied { getattr } for pid=3148 exe=/usr/bin/nautilus path=/initrd dev=ram0 ino=2 scontext=richard:staff_r:staff_t tcontext=system_u:object_r:file_t tclass=dir
Jun 13 21:05:09 new2 kernel: audit(1087175109.957:0): avc: denied { getattr } for pid=3149 exe=/usr/bin/nautilus path=/initrd dev=ram0 ino=2 scontext=richard:staff_r:staff_t tcontext=system_u:object_r:file_t tclass=dir

HTH
Richard Hally
On Mon, 14 Jun 2004 15:46, Richard Hally rhallyx@mindspring.com wrote:
> While booting to run level 5 and logging in, with the 427 kernel in enforcing mode and selinux-policy-strict-1.13.4-5, the following avc denied messages occur:
> Jun 13 21:05:09 new2 kernel: audit(1087175109.179:0): avc: denied { getattr } for pid=3137 exe=/usr/libexec/gnome-vfs-daemon path=/initrd dev=ram0 ino=2 scontext=richard:staff_r:staff_t tcontext=system_u:object_r:file_t tclass=dir
/initrd should not be mounted at that time.
I have filed a bugzilla entry: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125925
selinux@lists.fedoraproject.org