Please help me in resolving this issue
Srinivasa Rao Ragolu
sragolu at mvista.com
Tue Aug 25 11:58:26 UTC 2015
Hi Daniel,
I have cleaned up and using more stable branch of meta-selinux now.
Surprisingly in enforcing mode, if I try to login as root, its omitting
with not messages.
Then I logged as root user and permissive mode. Please find results of
above commands on my platform.
1060 avahi 3172 S avahi-daemon: running [arm-cortex-a15.local]
1061 avahi 3172 S avahi-daemon: chroot helper
1072 distcc 3124 S N /usr/bin/distccd --pid-file=/var/run/distcc.pid
--da
1076 root 3544 S /bin/login --
1078 root 0 SW [kauditd]
1080 root 3020 S -sh
1081 root 2504 R {ps} /bin/busybox /bin/ps
root at arm-cortex-a15:~# sesearch -T -t login_exec_t
Found 3 semantic te rules:
type_transition rlogind_t login_exec_t : process remote_login_t;
type_transition telnetd_t login_exec_t : process remote_login_t;
type_transition getty_t login_exec_t : process local_login_t;
root at arm-cortex-a15:~# sesearch -T -t getty_exec_t
Found 2 semantic te rules:
type_transition init_t getty_exec_t : process getty_t;
type_transition initrc_t getty_exec_t : process getty_t;
le_contextsrtex-a15:~# grep getty_exec_t
/etc/selinux/targeted/contexts/files/fi
/sbin/.*getty -- system_u:object_r:getty_exec_t:s0
root at arm-cortex-a15:~#
It looks as same as Fedora. But could not able to login as root user in
enforcing mode. Any other aspect causing this issue?
Thanks,
Srinivas.
On Tue, Aug 25, 2015 at 3:36 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Looking at Fedora policy I see
>
> sesearch -T -t login_exec_t
> Found 4 semantic te rules:
> type_transition rlogind_t login_exec_t : process remote_login_t;
> type_transition telnetd_t login_exec_t : process remote_login_t;
> type_transition getty_t login_exec_t : process local_login_t;
> type_transition kmscon_t login_exec_t : process local_login_t;
>
> Which means only getty_t and kmscon_t transition to local_login_t
>
> Then looking at getty_exec_t I see.
>
> sesearch -T -t getty_exec_t
> Found 8 semantic te rules:
> type_transition kdumpctl_t getty_exec_t : process getty_t;
> type_transition piranha_pulse_t getty_exec_t : process getty_t;
> type_transition initrc_t getty_exec_t : process getty_t;
> type_transition condor_startd_t getty_exec_t : process getty_t;
> type_transition glusterd_t getty_exec_t : process getty_t;
> type_transition openshift_initrc_t getty_exec_t : process getty_t;
> type_transition init_t getty_exec_t : process getty_t;
> type_transition cluster_t getty_exec_t : process getty_t;
>
>
> Which shows init_t transitioning to getty_t via getty_exec_t
>
> # grep getty_exec_t /etc/selinux/targeted/contexts/files/file_contexts
> /sbin/.*getty -- system_u:object_r:getty_exec_t:s0
> /usr/sbin/.*getty -- system_u:object_r:getty_exec_t:s0
>
> So on fedora the init system executes /usr/sbin/.*getty which should
> transition to getty_t.
>
> We are obviously not seeing this on your platform.
>
>
> On 08/24/2015 08:09 AM, Srinivasa Rao Ragolu wrote:
>
> Hi Daniel,
>
> See the contexts of init scripts
>
> *******************************************
> root at arm-cortex-a15:~# ls -Z /etc/rc5.d/
> system_u:object_r:etc_t:s0 S02dbus-1
> system_u:object_r:etc_t:s0 S02sssd
> system_u:object_r:etc_t:s0 S20distcc
> system_u:object_r:etc_t:s0 S20hwclock.sh
> system_u:object_r:etc_t:s0 S20nslcd
> system_u:object_r:etc_t:s0 S20syslog
> system_u:object_r:etc_t:s0 S21avahi-daemon
> system_u:object_r:etc_t:s0 S99rmnologin.sh
> system_u:object_r:etc_t:s0 S99stop-bootlogd
> root at arm-cortex-a15:~# ls -Z /etc/init.d
> system_u:object_r:initrc_exec_t:s0 0selinux-init
> system_u:object_r:initrc_exec_t:s0 alignment.sh
> system_u:object_r:avahi_initrc_exec_t:s0 avahi-daemon
> system_u:object_r:initrc_exec_t:s0 banner.sh
> system_u:object_r:initrc_exec_t:s0 bootlogd
> system_u:object_r:initrc_exec_t:s0 bootmisc.sh
> system_u:object_r:initrc_exec_t:s0 checkroot.sh
> system_u:object_r:initrc_exec_t:s0 dbus-1
> system_u:object_r:initrc_exec_t:s0 devpts.sh
> system_u:object_r:initrc_exec_t:s0 distcc
> system_u:object_r:etc_t:s0 functions
> system_u:object_r:initrc_exec_t:s0 functions.initscripts
> system_u:object_r:initrc_exec_t:s0 functions.lsbinitscripts
> system_u:object_r:initrc_exec_t:s0 halt
> system_u:object_r:initrc_exec_t:s0 hostname.sh
> system_u:object_r:initrc_exec_t:s0 hwclock.sh
> ************************************************************************
>
> /etc/inittab file l0:0:wait:/etc/init.d/rc 0
> *******************************************
> # /etc/inittab: init(8) configuration.
> # $Id: inittab,v 1.91 2002/01/25 13:35:21 miquels Exp $
>
> # The default runlevel.
> id:5:initdefault:
>
> # Boot-time system configuration/initialization script.
> # This is run first except when booting in emergency (-b) mode.
> si::sysinit:/etc/init.d/rcS
>
> # What to do in single-user mode.
> ~~:S:wait:/sbin/sulogin
>
> # /etc/init.d executes the S and K scripts upon change
> # of runlevel.
> #
> # Runlevel 0 is halt.
> # Runlevel 1 is single-user.
> # Runlevels 2-5 are multi-user.
> # Runlevel 6 is reboot.
> l1:1:wait:/etc/init.d/rc 1
> l2:2:wait:/etc/init.d/rc 2
> l3:3:wait:/etc/init.d/rc 3
> l4:4:wait:/etc/init.d/rc 4
> l5:5:wait:/etc/init.d/rc 5
> l6:6:wait:/etc/init.d/rc 6
> # Normally not reached, but fallthrough in case of emergency.
> z6:6:respawn:/sbin/sulogin
> con:2345:respawn:/sbin/getty console
> ********************************************
>
>
> I am not pretty sure which version of policy it is using, but from built
> recipes. But referred yocto link and provided you version.
>
> How this issue of labelling can be resolved?
>
> Thanks,
> Srinivas.
>
> On Mon, Aug 24, 2015 at 4:34 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
>
>> Ok so this is using your own policy. Using system v init usually meant
>> you went from init_t @ initrc_exec_t -> initrc_t @ mydomain_exec_t ->
>> mydomain_t
>>
>> You usually did not transition from the init system directly to the final
>> domain.
>>
>> Are your init script labeled initrc_exec_t?
>>
>>
>>
>> On 08/24/2015 05:15 AM, Srinivasa Rao Ragolu wrote:
>>
>> Hi Daniel,
>>
>> Sure. Sorry for late repoly. I am sharing details now.
>>
>> As I am using embedded platform, so referring yocto bitbake recipes for
>> building selinux layer. (ie:
>> http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux/tree/recipes-security/selinux
>> )
>>
>> Policy is targeted/enforcing. version is 2.3.
>>
>> *root at arm-cortex-a15:~# rpm -qa | grep selinux*
>> *packagegroup-selinux-policycoreutils-lic-1.0-r0.cortexa15hf_vfp*
>> *packagegroup-core-selinux-lic-1.0-r0.cortexa15hf_vfp*
>> *selinux-config-lic-0.1-r4.arm_cortex_a15*
>> *libselinux-lic-2.3-r0.cortexa15hf_vfp*
>> *selinux-config-0.1-r4.arm_cortex_a15*
>> *libselinux-2.3-r0.cortexa15hf_vfp*
>> *libselinux-bin-2.3-r0.cortexa15hf_vfp*
>> *libselinux-python-2.3-r0.cortexa15hf_vfp*
>> *pam-plugin-selinux-1.1.6-r2.4.2.cortexa15hf_vfp*
>> *system-config-selinux-2.3-r0.cortexa15hf_vfp*
>> *packagegroup-selinux-policycoreutils-1.0-r0.cortexa15hf_vfp*
>> *packagegroup-core-selinux-1.0-r0.cortexa15hf_vfp*
>>
>>
>> I am using sysvinit. every daemon is running on its own context. Please
>> see attached rootfs log.
>>
>>
>> Thanks and Regards,
>> Srinivas.
>>
>> On Fri, Aug 21, 2015 at 12:49 AM, Daniel J Walsh < <dwalsh at redhat.com>
>> dwalsh at redhat.com> wrote:
>>
>>>
>>>
>>> On 08/19/2015 11:51 PM, Srinivasa Rao Ragolu wrote:
>>>
>>> Hi All,
>>>
>>> Please find the security contexts of necessary files
>>>
>>> root at arm-cortex-a15:~# sestatus -v
>>> SELinux status: enabled
>>> SELinuxfs mount: /sys/fs/selinux
>>> SELinux root directory: /etc/selinux
>>> Loaded policy name: targeted
>>> Current mode: permissive
>>> Mode from config file: permissive
>>> Policy MLS status: enabled
>>> Policy deny_unknown status: allowed
>>> Max kernel policy version: 28
>>>
>>> Process contexts:
>>> Current context: unconfined_u:unconfined_r:unconfined_t:s0
>>> Init context: system_u:system_r:init_t:s0
>>>
>>> File contexts:
>>> Controlling terminal:
>>> unconfined_u:object_r:user_tty_device_t:s0
>>> /etc/passwd system_u:object_r:etc_t:s0
>>> /etc/shadow system_u:object_r:shadow_t:s0
>>> /bin/bash system_u:object_r:shell_exec_t:s0
>>> /bin/login system_u:object_r:bin_t:s0 ->
>>> system_u:object_r:login_exec_t:s0
>>> /bin/sh system_u:object_r:bin_t:s0 ->
>>> system_u:object_r:shell_exec_t:s0
>>> /sbin/init system_u:object_r:bin_t:s0 ->
>>> system_u:object_r:init_exec_t:s0
>>> /lib/libc.so.6 system_u:object_r:lib_t:s0 ->
>>> system_u:object_r:lib_t:s0
>>>
>>> Do I need to change any of the file contexts to avoid the issue of login
>>> failure?
>>>
>>> The problem is the login program is not transitioning from init_t to
>>> local_login_t.
>>>
>>> You never answered the question about what version of selinux-policy
>>>
>>> rpm -q selinux-policy
>>>
>>> Is this system using systemd?
>>>
>>> Are other programs running in different context beside kernel_t and
>>> init_t?
>>>
>>> Thanks,
>>> Srinivas.
>>>
>>> On Wed, Aug 19, 2015 at 6:05 PM, Srinivasa Rao Ragolu <
>>> <sragolu at mvista.com>sragolu at mvista.com> wrote:
>>>
>>>> As I could not able to login, changed /etc/selinux/config from
>>>> enforcing to permissive. Executed above commands.
>>>>
>>>> On Wed, Aug 19, 2015 at 6:04 PM, Srinivasa Rao Ragolu <
>>>> <sragolu at mvista.com>sragolu at mvista.com> wrote:
>>>>
>>>>> Hi Daniel,
>>>>>
>>>>> Please see the output of security contexts. Also no usr is mounted.
>>>>>
>>>>> root at arm-cortex-a15:~# ls -lZ /bin/login*
>>>>> lrwxrwxrwx. 1 root root system_u:object_r:bin_t:s0 17 Aug 18
>>>>> 15:06 /bin/login -> /bin/login.shadow
>>>>> -rwxr-xr-x. 1 root root system_u:object_r:login_exec_t:s0 31756 Aug 12
>>>>> 07:18 /bin/login.shadow
>>>>> root at arm-cortex-a15:~# mount
>>>>> /dev/root on / type ext2 (rw,relatime,seclabel)
>>>>> sysfs on /sys type sysfs (rw,relatime,seclabel)
>>>>> selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime)
>>>>> proc on /proc type proc (rw,relatime)
>>>>> none on /dev type devtmpfs
>>>>> (rw,relatime,seclabel,size=514956k,nr_inodes=128739,mode=755)
>>>>> devpts on /dev/pts type devpts
>>>>> (rw,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
>>>>> tmpfs on /var/volatile type tmpfs (rw,relatime,seclabel)
>>>>> tmpfs on /media/ram type tmpfs (rw,relatime,seclabel)
>>>>>
>>>>>
>>>>> please guide if you find an clue from above output
>>>>>
>>>>> Thanks,
>>>>> Srinivas.
>>>>>
>>>>>
>>>>> On Wed, Aug 19, 2015 at 12:38 AM, Daniel J Walsh < <dwalsh at redhat.com>
>>>>> dwalsh at redhat.com> wrote:
>>>>>
>>>>>> ls -lZ /usr/bin/login*
>>>>>>
>>>>>> By any chance is the /usr directory mounted NOSUID?
>>>>>>
>>>>>>
>>>>>> On 08/18/2015 07:58 AM, Srinivasa Rao Ragolu wrote:
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I am building for embedded platform. Could not able to get exact
>>>>>> version. But can provide info about recipe in yocto.
>>>>>>
>>>>>>
>>>>>> <http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux/tree/recipes-security/refpolicy/>
>>>>>> http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux/tree/recipes-security/refpolicy/
>>>>>>
>>>>>> <http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux/tree/recipes-security/refpolicy/refpolicy-targeted_git.bb>
>>>>>> http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux/tree/recipes-security/refpolicy/refpolicy-targeted_git.bb
>>>>>>
>>>>>> Any pointers please?
>>>>>>
>>>>>> Thanks,
>>>>>> Srinivas.
>>>>>>
>>>>>> On Tue, Aug 18, 2015 at 8:17 PM, Miroslav Grepl < <mgrepl at redhat.com>
>>>>>> mgrepl at redhat.com> wrote:
>>>>>>
>>>>>>> On 08/18/2015 04:37 PM, Srinivasa Rao Ragolu wrote:
>>>>>>> > Hi Daniel,
>>>>>>> >
>>>>>>> > I have checked the file_contexts file
>>>>>>> >
>>>>>>> > * #grep :login_exec_t contexts/files/file_contexts*
>>>>>>> > /bin/login--system_u:object_r:login_exec_t:s0
>>>>>>> > /bin/login\.shadow--system_u:object_r:login_exec_t:s0
>>>>>>> > /bin/login\.tinylogin--system_u:object_r:login_exec_t:s0
>>>>>>> > /usr/kerberos/sbin/login\.krb5--system_u:object_r:login_exec_t:s0
>>>>>>> >
>>>>>>> > Now If I run with permissive mode. I Could see below login
>>>>>>> programs are
>>>>>>> > running
>>>>>>> > (Here I gave unconfined_r as role and s0 as range)
>>>>>>> >
>>>>>>> > * 1109 root 3540 S /bin/login --*
>>>>>>> > * 1111 root 0 SW [kauditd]*
>>>>>>> > * 1113 root 3020 S -sh*
>>>>>>> > *
>>>>>>> > *
>>>>>>> > But when I run with enforcing mode I get same error
>>>>>>> >
>>>>>>> > /*arm-cortex-a15 login: root*/
>>>>>>> > /*Last login: Tue Aug 18 11:36:58 UTC 2015 on console*/
>>>>>>> > /*Would you like to enter a security context? [N] Y*/
>>>>>>> > /*role: unconfined_r*/
>>>>>>> > /*level: s0*/
>>>>>>> > /*[ 1252.885468] type=1400 audit(1439898856.140:13): avc: denied
>>>>>>> {
>>>>>>> > transition } for pid=1120 comm="login" path="/bin/bash"
>>>>>>> dev="mmcblk0"
>>>>>>> > ino=58115 scontext=system_u:system_r:init_t:s0
>>>>>>> > tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process*/
>>>>>>> > /*[ 1252.887219] type=1400 audit(1439898856.140:14): avc: denied
>>>>>>> {
>>>>>>> > transition } for pid=1120 comm="login" path="/bin/bash"
>>>>>>> dev="mmcblk0"
>>>>>>> > ino=58115 scontext=system_u:system_r:init_t:s0
>>>>>>> > tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process*/
>>>>>>> > /*Cannot execute /bin/sh: Permission denied*/
>>>>>>> > /*
>>>>>>> > */
>>>>>>> > /*MontaVista Carrier Grade Linux 7.0.0 arm-cortex-a15
>>>>>>> /dev/console*/
>>>>>>> > /*
>>>>>>> > */
>>>>>>> > /*arm-cortex-a15 login:*/
>>>>>>> > /*
>>>>>>> > */
>>>>>>> > /*
>>>>>>> > */
>>>>>>> > /Please guide me what is going wrong and how to resolve this
>>>>>>> issue./
>>>>>>> > /
>>>>>>> > /
>>>>>>> > /Thanks,/
>>>>>>> > /Srinivas./
>>>>>>> >
>>>>>>> > On Tue, Aug 18, 2015 at 6:52 PM, Daniel J Walsh <
>>>>>>> <dwalsh at redhat.com>dwalsh at redhat.com
>>>>>>> > <mailto: <dwalsh at redhat.com>dwalsh at redhat.com>> wrote:
>>>>>>> >
>>>>>>> > What is the path to the login program? What is it labeled?
>>>>>>> The
>>>>>>> > problem is login is running with the wrong context.
>>>>>>> >
>>>>>>> > It should be labeled login_exec_t
>>>>>>> >
>>>>>>> > grep :login_exec_t
>>>>>>> /etc/selinux/targeted/contexts/files/file_contexts
>>>>>>> > /bin/login -- system_u:object_r:login_exec_t:s0
>>>>>>> > /usr/bin/login -- system_u:object_r:login_exec_t:s0
>>>>>>> > /usr/kerberos/sbin/login\.krb5 --
>>>>>>> > system_u:object_r:login_exec_t:s0
>>>>>>> >
>>>>>>> >
>>>>>>> > init_t is supposed to transition to local_login_t when
>>>>>>> executing the
>>>>>>> > login program.
>>>>>>> >
>>>>>>> >
>>>>>>> > On 08/18/2015 06:17 AM, Srinivasa Rao Ragolu wrote:
>>>>>>> >> Hi Daniel,
>>>>>>> >>
>>>>>>> >> Thanks for quick reply. Please find first time boot log with
>>>>>>> >> lableling and reboot.
>>>>>>> >>
>>>>>>> >> Also find second time boot log when I created /.autorelablel.
>>>>>>> >>
>>>>>>> >> Somehow I could not able to login as root.
>>>>>>> >>
>>>>>>> >> Your help is really appriciated.
>>>>>>> >>
>>>>>>> >> Thanks,
>>>>>>> >> Srinivas.
>>>>>>> >>
>>>>>>> >> On Tue, Aug 18, 2015 at 6:16 PM, Daniel J Walsh <
>>>>>>> <dwalsh at redhat.com>dwalsh at redhat.com
>>>>>>> >> <mailto: <dwalsh at redhat.com>dwalsh at redhat.com>> wrote:
>>>>>>> >>
>>>>>>> >> Looks like you have a labeling issue.
>>>>>>> >>
>>>>>>> >> touch /.autorelabel; reboot
>>>>>>> >>
>>>>>>> >> Should fix the issues.
>>>>>>> >>
>>>>>>> >>
>>>>>>> >>
>>>>>>> >> On 08/18/2015 04:53 AM, Srinivasa Rao Ragolu wrote:
>>>>>>> >>> Hi All,
>>>>>>> >>>
>>>>>>> >>> I have very new to selinux. Today I have ported selinux
>>>>>>> to my
>>>>>>> >>> embedded platform with targeted policy+enforcing.
>>>>>>> >>>
>>>>>>> >>> When I try to boot, it completes labeling filesystem.
>>>>>>> But I
>>>>>>> >>> could not able to login using root.. See my error log...
>>>>>>> >>>
>>>>>>> >>> /*arm-cortex-a15 login: root*/
>>>>>>> >>> /*Last login: Tue Aug 18 11:36:58 UTC 2015 on console*/
>>>>>>> >>> /*Would you like to enter a security context? [N] Y*/
>>>>>>> >>> /*role: unconfined_r*/
>>>>>>> >>> /*level: s0*/
>>>>>>> >>> /*[ 1252.885468] type=1400 audit(1439898856.140:13): avc:
>>>>>>> >>> denied { transition } for pid=1120 comm="login"
>>>>>>> >>> path="/bin/bash" dev="mmcblk0" ino=58115
>>>>>>> >>> scontext=system_u:system_r:init_t:s0
>>>>>>> >>> tcontext=unconfined_u:unconfined_r:unconfined_t:s0
>>>>>>> >>> tclass=process*/
>>>>>>> >>> /*[ 1252.887219] type=1400 audit(1439898856.140:14): avc:
>>>>>>> >>> denied { transition } for pid=1120 comm="login"
>>>>>>> >>> path="/bin/bash" dev="mmcblk0" ino=58115
>>>>>>> >>> scontext=system_u:system_r:init_t:s0
>>>>>>> >>> tcontext=unconfined_u:unconfined_r:unconfined_t:s0
>>>>>>> >>> tclass=process*/
>>>>>>> >>> /*Cannot execute /bin/sh: Permission denied*/
>>>>>>> >>> /*
>>>>>>> >>> */
>>>>>>> >>> /*MontaVista Carrier Grade Linux 7.0.0 arm-cortex-a15
>>>>>>> >>> /dev/console*/
>>>>>>> >>> /*
>>>>>>> >>> */
>>>>>>> >>> /*arm-cortex-a15 login:*/
>>>>>>> >>> /*
>>>>>>> >>> */
>>>>>>> >>> Please help me.. How can I solve this issue and achieve
>>>>>>> >>> normal boot.
>>>>>>> >>>
>>>>>>> >>>
>>>>>>> >>> Thanks,
>>>>>>> >>> Srinivas.
>>>>>>> >>>
>>>>>>> >>>
>>>>>>> >>> --
>>>>>>> >>> selinux mailing list
>>>>>>> >>> <selinux at lists.fedoraproject.org>
>>>>>>> selinux at lists.fedoraproject.org
>>>>>>> >>> <mailto: <selinux at lists.fedoraproject.org>
>>>>>>> selinux at lists.fedoraproject.org>
>>>>>>> >>>
>>>>>>> <https://admin.fedoraproject.org/mailman/listinfo/selinux>
>>>>>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>>>>>> >>
>>>>>>> >>
>>>>>>> >>
>>>>>>> >>
>>>>>>> >> --
>>>>>>> >> selinux mailing list
>>>>>>> >> <selinux at lists.fedoraproject.org>
>>>>>>> selinux at lists.fedoraproject.org
>>>>>>> >> <mailto: <selinux at lists.fedoraproject.org>
>>>>>>> selinux at lists.fedoraproject.org>
>>>>>>> >> <https://admin.fedoraproject.org/mailman/listinfo/selinux>
>>>>>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>>>>>> >
>>>>>>> >
>>>>>>> >
>>>>>>> >
>>>>>>> > --
>>>>>>> > selinux mailing list
>>>>>>> > <selinux at lists.fedoraproject.org>selinux at lists.fedoraproject.org
>>>>>>> > <https://admin.fedoraproject.org/mailman/listinfo/selinux>
>>>>>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>>>>>> >
>>>>>>>
>>>>>>> What does
>>>>>>>
>>>>>>> $ rpm -q selinux-policy-targeted
>>>>>>>
>>>>>>> ?
>>>>>>>
>>>>>>> Also could you try to reinstall the selinux-policy-targeted to see
>>>>>>> if it
>>>>>>> blows up?
>>>>>>>
>>>>>>> --
>>>>>>> Miroslav Grepl
>>>>>>> Senior Software Engineer, SELinux Solutions
>>>>>>> Red Hat, Inc.
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> selinux mailing listselinux at lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/selinux
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>>
>>> --
>>> selinux mailing listselinux at lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/selinux
>>>
>>>
>>>
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20150825/8d709c69/attachment-0001.html>
More information about the selinux
mailing list