Denial showing up even when allow rule appied
Daniel J Walsh
dwalsh at redhat.com
Wed May 22 17:04:28 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 05/21/2013 02:04 PM, Anamitra Dutta Majumdar (anmajumd) wrote:
> Hi Dan,
>
> We added the domain_obj_id_change_exemption(pwrecoveryd_t) to our src
> module but no luck.
>
> And also our app does not do a setfscreatecon() call however from the
> syslogs we found Calls to setfscreate() by our app.
>
> Is there a way to look at the constraints on a RHEL5 box using seinfo.
>
> As indicated earlier in the email thread , the seinfo command on RHEL5 does
> not have the "--constrain" option.
>
>
> Thanks, Anamitra
>
Could you attach your current AVC messages? Are you using kerberos libraries?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlGc+pwACgkQrlYvE4MpobN/6QCgtqqBj0lc0PJQqp7gIGUNwB+N
ptkAoKu36vK2vcqUgymCVyNbQ9Va5hYh
=+6sy
-----END PGP SIGNATURE-----
More information about the selinux
mailing list