mknod problem still present denied avc's

Daniel J Walsh dwalsh at redhat.com
Thu Jun 14 14:02:35 UTC 2007


Antonio Olivares wrote:
> dmesg returns
>
> audit(1181681041.681:4): avc:  denied  { add_name } for  pid=739 comm="mknod" name="slamr0" scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:device_t:s0 tclass=dir
>
> After I did this again
>
> [olivares@localhost ~]$ su -
> Password: 
> [root@localhost ~]# grep insmod /var/log/audit/audit.log | audit2allow -M myinsmod
> ******************** IMPORTANT ***********************
> To make this policy package active, execute:
>
> semodule -i myinsmod.pp
>
> [root@localhost ~]# semodule -i myinsmod.pp
> [root@localhost ~]# 
>
> Selinux troubleshooter returned this:
>
> avc: denied { write } for comm="mknod" dev=tmpfs egid=0 euid=0 exe="/bin/mknod" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="/" pid=2766 scontext=user_u:system_r:insmod_t:s0 sgid=0 subj=user_u:system_r:insmod_t:s0 suid=0 tclass=dir tcontext=system_u:object_r:device_t:s0 tty=pts0 uid=0 
>
>   
Yes, you allowed add_name to the directory; now it is complaining about the
write. It is best to put the machine in permissive mode, run the app to
completion, then generate the policy and
retest in enforcing mode.

setenforce 0
run test
grep insmod /var/log/audit/audit.log | audit2allow -M myinsmod
semodule -i myinsmod.pp
setenforce 1
run test
> Policy RPM:  selinux-policy-2.6.4-8.fc7
>
> Affected RPM Packages:  coreutils-6.9-2.fc7 [application]
> Policy RPM:  selinux-policy-2.6.4-12.fc7
>
>
> How can I effectively fix this?
>
> This is my /etc/modprobe.conf
>
> [root@localhost Download]# cat /etc/modprobe.conf
> alias eth0 8139too
> alias scsi_hostadapter sata_via
> alias scsi_hostadapter1 pata_via
> alias snd-card-0 snd-via82xx
> options snd-card-0 index=0  
> options snd-via82xx index=0  
> install slamr modprobe --ignore-install ungrab-winmodem ; modprobe --ignore-install slamr; test -e /dev/slamr0 || (/bin/mknod -m 660 /dev/slamr0 c 242 0 2>/dev/null && chgrp dialout /dev/slamr0)
> [root@localhost Download]#
>
> Thanks,
>
> Antonio 
>   
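An added example, not part of the original thread and not audit2allow's own code: a small Python parser that merges the two denials quoted above into the single allow rule they amount to, so the grant can be read before running `semodule -i`. The function names are hypothetical, and the second sample line is an abridged copy of the troubleshooter output.

```python
import re
from collections import defaultdict

# The two denials quoted in the thread (second one abridged to the relevant fields).
SAMPLE = [
    'audit(1181681041.681:4): avc:  denied  { add_name } for  pid=739 comm="mknod" '
    'name="slamr0" scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 '
    'tcontext=system_u:object_r:device_t:s0 tclass=dir',
    'avc: denied { write } for comm="mknod" dev=tmpfs exe="/bin/mknod" exit=-13 '
    'name="/" pid=2766 scontext=user_u:system_r:insmod_t:s0 tclass=dir '
    'tcontext=system_u:object_r:device_t:s0 tty=pts0 uid=0',
]

PERMS = re.compile(r'avc:\s+denied\s+\{([^}]*)\}')
FIELD = re.compile(r'\b(scontext|tcontext|tclass)=(\S+)')

def type_of(context):
    """Return the type field of a user:role:type[:mls] context, or None."""
    parts = context.split(':')
    return parts[2] if len(parts) >= 3 else None

def collect(lines):
    """Group denied permissions by (source type, target type, object class)."""
    rules = defaultdict(set)
    for line in lines:
        m = PERMS.search(line)
        if not m:
            continue  # not an AVC denial
        f = dict(FIELD.findall(line))  # field order differs between log formats
        src = type_of(f.get('scontext', ''))
        tgt = type_of(f.get('tcontext', ''))
        cls = f.get('tclass')
        if not (src and tgt and cls):
            continue  # truncated or malformed record
        rules[(src, tgt, cls)].update(m.group(1).split())
    return rules

def render(rules):
    """Render the grouped denials as type-enforcement allow rules."""
    return ['allow %s %s:%s { %s };' % (s, t, c, ' '.join(sorted(p)))
            for (s, t, c), p in sorted(rules.items())]

if __name__ == '__main__':
    for rule in render(collect(SAMPLE)):
        print(rule)
```

Fed only the first denial, it yields a rule with `add_name` alone, which matches the module that was loaded before the `write` denial appeared.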



