audio-entropd needs some help....
Daniel J Walsh
dwalsh at redhat.com
Tue Jun 12 17:07:27 UTC 2007
Tom "spot" Callaway wrote:
> On Tue, 2007-06-12 at 07:32 -0400, Stephen Smalley wrote:
>
>> On Mon, 2007-06-11 at 16:16 -0500, Tom "spot" Callaway wrote:
>>
>>> On Mon, 2007-06-11 at 12:07 -0700, Tom London wrote:
>>>
>>>> On 6/10/07, Tom London <selinux at gmail.com> wrote:
>>>>
>>>>> Running latest Rawhide, targeted.
>>>>>
>>>>> Running in enforcing mode, audio-entropyd fails to start.
>>>>>
>>>>> Flipping to permissive mode and restarting, I get these:
>>>>>
>>> (audit messages snipped)
>>>
>>> I tried to make a module for audio-entropyd to fix this, but it doesn't
>>> seem to do the job. Can anyone advise me on what I'm doing wrong?
>>>
>>> Here are my three files:
>>>
>>> http://people.redhat.com/tcallawa/selinux/
>>>
>>> Thanks in advance,
>>>
>> Can you clarify what you mean by "doesn't seem to do the job"? You
>> still get avc denials? Which ones?
>>
>
> I'm still getting similar avc denials:
>
> Raw Audit Messages :avc: denied { read, write } for
> comm="audio-entropyd" dev=tmpfs egid=0 euid=0
> exe="/usr/sbin/audio-entropyd" exit=4 fsgid=0 fsuid=0 gid=0 items=0
> name="random" pid=3939 scontext=user_u:system_r:entropyd_t:s0 sgid=0
> subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=chr_file
> tcontext=system_u:object_r:random_device_t:s0 tty=(none) uid=0
>
> Raw Audit Messages :avc: denied { dac_override } for
> comm="audio-entropyd" egid=0 euid=0 exe="/usr/sbin/audio-entropyd"
> exit=5 fsgid=0 fsuid=0 gid=0 items=0 pid=3939
> scontext=user_u:system_r:entropyd_t:s0 sgid=0
> subj=user_u:system_r:entropyd_t:s0 suid=0 tclass=capability
> tcontext=user_u:system_r:entropyd_t:s0 tty=(none) uid=0
>
> ~spot
>
>
>
Are you sure you installed you pp file?
semodule -l
Will list the installed modules.
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
More information about the selinux
mailing list