SELinux: security_context_to_sid error
Anamitra Dutta Majumdar (anmajumd)
anmajumd at cisco.com
Tue Aug 14 17:29:02 UTC 2012
Hi Dan,
We are compiling our policies on the new OS and then installing it. All
the policies install fine.
When the box comes up after firstboot following the install that is when
we see this error in the
D message buffer.
Here are our current entries in the /etc/fstab file
#
UUID=0325a3b6-4c4d-468d-8d41-218a625104af / ext4
defaults,noatime 1 1
UUID=9da9fcd3-127a-4cfd-8354-bda6b7b12b39 /common ext4
defaults 1 2
UUID=43b41e10-8147-4e6b-95fd-663b904a248a /grub ext4
defaults 1 2
UUID=a0e34fd5-d4a8-48e0-a1e8-c58b38880dd6 /partB ext4
defaults 1 0
UUID=41d14b91-c85d-4a69-8c35-df8213a0647c swap swap
defaults 0 0
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
none /var/log/ramfs/cm/trace/ccm/sdi dbcfs
noauto,uid=513,gid=506,mode=0770,size=128M,wproc=ccm,dest=/var/log/active/c
m/trace/ccm/sdi 0 0
none /var/log/ramfs/cm/trace/ccm/sdl dbcfs
noauto,uid=513,gid=506,mode=0770,size=128M,wproc=ccm,dest=/var/log/active/c
m/trace/ccm/sdl 0 0
none /var/log/ramfs/cm/trace/ccm/calllogs dbcfs
noauto,uid=513,gid=506,mode=0770,size=128M,wproc=ccm,dest=/var/log/active/c
m/trace/ccm/calllogs 0 0
none /var/log/ramfs/cm/trace/ccm/dntrace dbcfs
noauto,uid=513,gid=506,mode=0770,size=128M,wproc=ccm,dest=/var/log/active/c
m/trace/ccm/dntrace 0 0
none /var/log/ramfs/cm/trace/lbm/sdl dbcfs
noauto,uid=0,gid=506,mode=0770,size=128M,wproc=lbm,dest=/var/log/active/cm/
trace/lbm/sdl 0 0
none /var/log/ramfs/cm/trace/cti/sdi dbcfs
noauto,uid=513,gid=506,mode=0770,size=128M,wproc=CTIManager,dest=/var/log/a
ctive/cm/trace/cti/sdi 0 0
none /var/log/ramfs/cm/trace/cti/sdl dbcfs
noauto,uid=513,gid=506,mode=0770,size=128M,wproc=CTIManager,dest=/var/log/a
ctive/cm/trace/cti/sdl 0 0
~
Thanks,
Anamitra
On 8/14/12 6:44 AM, "Daniel J Walsh" <dwalsh at redhat.com> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>On 08/13/2012 06:55 PM, Anamitra Dutta Majumdar (anmajumd) wrote:
>> Hi Dan,
>>
>> Thanks for your response.
>>
>> I do not see any denials though.
>>
>> What policies should I be checking for.
>>
>I am not sure what you are doing, but if you have a compiled policy on an
>Older OS, you should recompile it on the NEW Os. not just attempt to
>install a
>policy module.
>
>http://danwalsh.livejournal.com/49762.html
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.12 (GNU/Linux)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
>iEYEARECAAYFAlAqVlkACgkQrlYvE4MpobMUvgCgsiHuJ9wOaqVdfdR1R8lAQhRi
>u8wAoN6tL4tz9d34PRkTOaJpZWVLQGXs
>=SsuI
>-----END PGP SIGNATURE-----
More information about the selinux
mailing list