AVC messages at boot and kdm login (latest Rawhide)
Bill Nottingham
notting at redhat.com
Thu Mar 11 16:17:49 UTC 2004
Russell Coker (russell at coker.com.au) said:
> > Mar 11 04:19:53 dell kernel: audit(1079007592.976:0): avc: denied {
> > read write } for pid=1665 exe=/usr/sbin/gpm name=event0 dev=hda2
> > ino=4219044 scontext=system_u:system_r:gpm_t
> > tcontext=system_u:object_r:device_t tclass=chr_file
> > Mar 11 04:19:53 dell kernel: audit(1079007592.976:0): avc: denied {
> > ioctl } for pid=1665 exe=/usr/sbin/gpm path=/dev/input/event0 dev=hda2
> > ino=4219044 scontext=system_u:system_r:gpm_t
> > tcontext=system_u:object_r:device_t tclass=chr_file
>
> How does /dev/input really work? As I understand it event0 could be a
> keyboard or a mouse. So maybe we want a separate type for this so that when
> using gpm it can access it, but when the user is granted direct mouse access
> they can't read the keyboard directly.
>
> Does this make sense?
X will need access to eventX as well.
Bill
More information about the selinux
mailing list