AVC's and Xen
Daniel J Walsh
dwalsh at redhat.com
Thu Jun 15 13:03:17 UTC 2006
Gawain Lynch wrote:
> On Tue, 2006-06-13 at 11:51 -0400, James Antill wrote:
>
>> On Tue, 2006-06-13 at 22:24 +1000, Gawain Lynch wrote:
>>
>>> audit(1150200957.379:95): avc: denied { use } for pid=4853 comm="xm"
>>> name="console" dev=tmpfs ino=838 scontext=system_u:system_r:xm_t:s0
>>> tcontext=system_u:system_r:init_t:s0 tclass=fd
>>>
This probably can be ignored, if it is not causing a problem.
>> What xm command were you doing for this?
>>
>
>
> xm list
> xm create
> xm save
>
> All of these were triggering the avc's
>
>
>> You can use setbool xm_disable_trans=no, as a temporary workaround.
>>
>
> Is that maybe supposed to be setsebool xm_disable_trans=false
>
> I obviously need to do a *lot* more reading on selinux before going down
> this path. :-)
>
>
>> Until recently combining Xen and SELinux basically didn't work at all,
>> so we are improving a lot :).
>>
>
> That is OK, I thought it was up and running and just wanted to report
> issues. I'll leave it be for the time being and study up so I can be of
> more use in reporting/fixing these things.
>
> Thanks kindly for your help,
>
> Gawain
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
More information about the selinux
mailing list