Need some help with a new policy module
Fred Wittekind
rom at twister.dyndns.org
Wed Sep 10 23:47:22 UTC 2008
I'm trying to write a new policy for PvPGN.
When I try to start the service via the init script I get:
Starting PvPGN game server: /usr/sbin/bnetd: error while loading shared
libraries: libm.so.6: cannot open shared object file: Permission denied
[FAILED]
And:
host=twister.dragon type=AVC msg=audit(1221090145.148:30403): avc:
denied { search } for pid=3526 comm="bnetd" name="usr" dev=dm-0
ino=3284993 scontext=unconfined_u:system_r:pvpgn_t:s0
tcontext=system_u:object_r:usr_t:s0 tclass=dir
host=twister.dragon type=SYSCALL msg=audit(1221090145.148:30403):
arch=40000003 syscall=195 success=no exit=-13 a0=bfaad190 a1=bfaad1f0
a2=ca3fc0 a3=8 items=0 ppid=3525 pid=3526 auid=500 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=151 comm="bnetd"
exe="/usr/sbin/bnetd" subj=unconfined_u:system_r:pvpgn_t:s0 key=(null)
Policy RPM selinux-policy-3.3.1-84.fc9
If I run the service from the command line without the init script, it
works. I'm sure I'm missing something stuipid, just can't figure out
what it is. Can't figure out why it works without the initscript, and
throws selinux errors when run from the init script.
Thanks in advance for any help.
Fred Wittekind IV
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: pvpgn.fc
Url: http://lists.fedoraproject.org/pipermail/selinux/attachments/20080910/93a46b97/attachment.pl
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: pvpgn.te
Url: http://lists.fedoraproject.org/pipermail/selinux/attachments/20080910/93a46b97/attachment-0001.pl
More information about the selinux
mailing list