.udev.tdb ?

Tom London selinux at comcast.net
Tue Jul 20 16:35:16 UTC 2004


Yikes.... sorry, but this doesn't look right.... 
now produces hordes of 'restorecon' avcs....

Jul 20 09:23:46 fedora kernel: audit(1090340592.421:0): avc:  denied  { 
read write } for  pid=991 exe=/sbin/restorecon path=/dev/.udev.tdb 
dev=hda2 ino=2698913 scontext=system_u:system_r:restorecon_t 
tcontext=system_u:object_r:udev_tbl_t tclass=file
Jul 20 09:23:47 fedora kernel: audit(1090340592.431:0): avc:  denied  { 
read write } for  pid=992 exe=/sbin/restorecon path=/dev/.udev.tdb 
dev=hda2 ino=2698913 scontext=system_u:system_r:restorecon_t 
tcontext=system_u:object_r:udev_tbl_t tclass=file
Jul 20 09:23:47 fedora kernel: audit(1090340600.740:0): avc:  denied  { 
unlink } for  pid=1297 exe=/sbin/udev name=microcode dev=hda2 
ino=2689375 scontext=system_u:system_r:udev_t 
tcontext=system_u:object_r:device_t tclass=lnk_file
Jul 20 09:23:47 fedora kernel: audit(1090340600.759:0): avc:  denied  { 
read write } for  pid=1309 exe=/sbin/restorecon path=/dev/.udev.tdb 
dev=hda2 ino=2698913 scontext=system_u:system_r:restorecon_t 
tcontext=system_u:object_r:udev_tbl_t tclass=file


Russell Coker wrote:

>On Tue, 20 Jul 2004 13:24, Tom London <selinux at comcast.net> wrote:
>  
>
>>I'm getting lots of 'denied' avc for /dev/.udev.tdb from /sbin/udev.
>>I see an entry in file_contexts for '/dev/udev.tbl' (which doesn't
>>seem to exist on my system).  Has .udev.tbd replaced udev.tbl?
>>(udev_db in /etc/udev/udev.conf is set to /dev/.udev.tdb).
>>    
>>
>
>Your analysis sounds reasonable.  How do things work if you put the following 
>in udev.fc, run "make install" and then run "restorecon /dev/.udev.tdb"?
>/dev/\.udev\.tdb --     system_u:object_r:udev_tbl_t
>
>  
>
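
An added example, not part of the original thread: a small Python parser that collapses repeated AVC denials like the ones in the message above into unique (source type, target type, class, permissions, object) tuples with counts, so a flood of identical restorecon denials reads as one line. The function names are hypothetical; the sample records are the four from the message, with the mail line wraps re-joined.

```python
import re
from collections import Counter

# The four records quoted in the message above, with mail line wraps re-joined.
SAMPLE = """\
Jul 20 09:23:46 fedora kernel: audit(1090340592.421:0): avc:  denied  { read write } for  pid=991 exe=/sbin/restorecon path=/dev/.udev.tdb dev=hda2 ino=2698913 scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:udev_tbl_t tclass=file
Jul 20 09:23:47 fedora kernel: audit(1090340592.431:0): avc:  denied  { read write } for  pid=992 exe=/sbin/restorecon path=/dev/.udev.tdb dev=hda2 ino=2698913 scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:udev_tbl_t tclass=file
Jul 20 09:23:47 fedora kernel: audit(1090340600.740:0): avc:  denied  { unlink } for  pid=1297 exe=/sbin/udev name=microcode dev=hda2 ino=2689375 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:device_t tclass=lnk_file
Jul 20 09:23:47 fedora kernel: audit(1090340600.759:0): avc:  denied  { read write } for  pid=1309 exe=/sbin/restorecon path=/dev/.udev.tdb dev=hda2 ino=2698913 scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:udev_tbl_t tclass=file
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<fields>.*)$")


def sel_type(context):
    """Return the type field of a user:role:type[:mls] security context."""
    return context.split(":")[2]


def parse_avc(line):
    """Parse one AVC denial line; return a hashable summary key or None."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group("fields").split() if "=" in kv)
    if not {"scontext", "tcontext", "tclass"} <= fields.keys():
        return None  # truncated or malformed record
    # File denials carry path=, directory-entry denials carry name=.
    obj = fields.get("path") or fields.get("name", "?")
    perms = tuple(sorted(m.group("perms").split()))
    return (sel_type(fields["scontext"]), sel_type(fields["tcontext"]),
            fields["tclass"], perms, obj)


def summarize(log_text):
    """Count identical denials so pid/timestamp noise does not hide the pattern."""
    return Counter(rec for rec in map(parse_avc, log_text.splitlines()) if rec)


if __name__ == "__main__":
    for (src, tgt, cls, perms, obj), n in summarize(SAMPLE).most_common():
        print(f"{n}x {src} -> {tgt}:{cls} {{ {' '.join(perms)} }}  ({obj})")
```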


