Below a few of the over 100 warning and error messages from doing yum update today.(6/12/04) Of the ones that didn't scroll off, they are all about the 427/build directory tree. This is in enforcing mode using the most recent strict policy that existed before todays update to selinux-policy-strict-sources-1.13.4-5. The avc denied messages are further below. HTH Richard Hally
----------------------------------------------------------------------------------------------------- from yum update: ... WARNING: Couldn't stat /lib/modules/2.6.6-1.427/build/.config: Permission denied WARNING: Couldn't stat /lib/modules/2.6.6-1.427/build/init/Makefile: Permission denied WARNING: Couldn't stat /lib/modules/2.6.6-1.427/build/init/Kconfig: Permission denied FATAL: Could not open /lib/modules/2.6.6-1.427/modules.dep.temp for writing: Permission denied /bin/bash: /root/.bashrc: Permission denied No dep file found for kernel 2.6.6-1.427 mkinitrd failed
------------------------------------------------------------------- And here are some of the avc denied messages
Jun 12 19:27:20 new2 kernel: audit(1087082831.128:0): avc: denied { getattr } for pid=5774 exe=/sbin/depmod path=/lib/modules/2.6.6-1.427/build/net/ipv4/Kconfig dev=hda2 ino=543312 scontext=root:sysadm_r:depmod_t tcontext=system_u:object_r:lib_t tclass=file Jun 12 19:27:20 new2 kernel: audit(1087082831.142:0): avc: denied { getattr } for pid=5774 exe=/sbin/depmod path=/lib/modules/2.6.6-1.427/build/.config dev=hda2 ino=525543 scontext=root:sysadm_r:depmod_t tcontext=system_u:object_r:lib_t tclass=file Jun 12 19:27:20 new2 kernel: audit(1087082831.142:0): avc: denied { getattr } for pid=5774 exe=/sbin/depmod path=/lib/modules/2.6.6-1.427/build/init/Makefile dev=hda2 ino=525592 scontext=root:sysadm_r:depmod_t tcontext=system_u:object_r:lib_t tclass=file Jun 12 19:27:20 new2 kernel: audit(1087082831.142:0): avc: denied { getattr } for pid=5774 exe=/sbin/depmod path=/lib/modules/2.6.6-1.427/build/init/Kconfig dev=hda2 ino=525591 scontext=root:sysadm_r:depmod_t tcontext=system_u:object_r:lib_t tclass=file Jun 12 19:27:20 new2 kernel: audit(1087082831.142:0): avc: denied { write } for pid=5774 exe=/sbin/depmod name=2.6.6-1.427 dev=hda2 ino=525541 scontext=root:sysadm_r:depmod_t tcontext=system_u:object_r:lib_t tclass=dir
selinux@lists.fedoraproject.org