error in today's rawhide update....
Tom London
selinux at gmail.com
Wed Apr 12 14:51:35 UTC 2006
On 4/12/06, Tom London <selinux at gmail.com> wrote:
> I did 'setenforce 0', and 'rpm -Uvh selinux-policy-targeted*', and
> this seems to be proceeding without errors.
>
> I'm getting lots of files relabeled (>400), mostly texrel_shlib_t to
> lib_t, for things like /usr/lib/firefox, /usr/lib/mozilla,
> /usr/lib/wine.
>
> This expected?
Hmmm...Suspect relabeling has broken some stuff. Get this when I try
to start firefox:
type=AVC msg=audit(1144853278.073:58): avc: denied { execmod } for
pid=4819 comm="firefox-bin" name="libxpcom_core.so" dev=dm-0
ino=6114892 scontext=user_u:system_r:unconfined_t:s0
tcontext=system_u:object_r:lib_t:s0 tclass=file
type=SYSCALL msg=audit(1144853278.073:58): arch=40000003 syscall=125
success=yes exit=0 a0=327000 a1=cc000 a2=5 a3=bfc5e610 items=0
pid=4819 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500
sgid=500 fsgid=500 tty=(none) comm="firefox-bin"
exe="/usr/lib/firefox-1.5.0.1/firefox-bin"
subj=user_u:system_r:unconfined_t:s0
type=AVC_PATH msg=audit(1144853278.073:58):
path="/usr/lib/firefox-1.5.0.1/libxpcom_core.so"
I'll reboot in permissive mode and try to capture all the AVCs....
tom
--
Tom London
More information about the selinux
mailing list