libgpod HAL callout and SELinux denials
Todd Zullinger
tmz at pobox.com
Thu Jan 29 18:17:01 UTC 2009
Hi Miroslav,
Miroslav Grepl wrote:
> I will fix the issue with execstack in the next release of selinux policy.
>
> F9: selinux-policy-3.3.1-119.fc9
> F10: selinux-policy-3.5.13-40.fc10
Sorry for the slow reply. I did test this on F-10 and I still get an
AVC whenever an iPod is connected:
time->Thu Jan 29 13:09:58 2009
type=SYSCALL msg=audit(1233252598.707:637): arch=40000003 syscall=125 success=no exit=-13 a0=bfe31000 a1=1000 a2=1000007 a3=fffff000 items=0 ppid=30975 pid=30978 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mono" exe="/usr/bin/mono" subj=system_u:system_r:podsleuth_t:s0 key=(null)
type=AVC msg=audit(1233252598.707:637): avc: denied { execstack } for pid=30978 comm="mono" scontext=system_u:system_r:podsleuth_t:s0 tcontext=system_u:system_r:podsleuth_t:s0 tclass=process
(I missed the window while this was in testing to add this info to
Bodhi.)
$ rpm -q selinux-policy
selinux-policy-3.5.13-40.fc10.noarch
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Going to trial with a lawyer who considers your whole life-style a
Crime in Progress is not a happy prospect.
-- Hunter S. Thompson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20090129/d9dd68db/attachment.bin
More information about the selinux
mailing list