[root@dell root]# ls -l /udev/microcode crw------- 1 root root 10, 184 May 25 13:56 /udev/microcode [root@dell root]# ls -lZ /udev/microcode crw------- root root system_u:object_r:device_t /udev/microcode [root@dell root]#
------------------------------------------------------------------------
* /From/: Russell Coker <russell coker com au> * /To/: Richard Hally <rhallyx mindspring com> * /Cc/: fedora-selinux-list redhat com * /Subject/: Re: avc denied messages from microcode_ctl * /Date/: Tue, 15 Jun 2004 11:50:29 +1000
------------------------------------------------------------------------
On Tue, 15 Jun 2004 04:59, Richard Hally <rhallyx mindspring com> wrote:
I suggest just using setfiles to relabel /dev/cpu.
There is no /udev/cpu. There is a /udev/microcode. It is labeled device_t.
There is no /dev/microcode listed in Documentation/devices.txt in the kernel source tree from kernel.org.
Please show me the "ls -l /dev/microcode" output. We'll have to add an entry to file_contexts/types.fc for it.
On Tue, 15 Jun 2004 12:13, Tom London selinux@comcast.net wrote:
[root@dell root]# ls -l /udev/microcode crw------- 1 root root 10, 184 May 25 13:56 /udev/microcode [root@dell root]# ls -lZ /udev/microcode crw------- root root system_u:object_r:device_t /udev/microcode [root@dell root]#
It seems that /dev/cpu/[0-9]+/microcode has moved to /dev/microcode. I think that's a good thing.
Add the following to file_contexts/types.fc right after the /dev/cpu entry and then things should be fine.
/u?dev/microcode -c system_u:object_r:cpu_device_t
selinux@lists.fedoraproject.org
-
Russell Coker -
Tom London