selinux is now denying its own manager
Gene Heskett
gene.heskett at verizon.net
Tue Aug 5 22:53:08 UTC 2008
On Tuesday 05 August 2008, Daniel J Walsh wrote:
>Gene Heskett wrote:
>> On Tuesday 05 August 2008, Daniel J Walsh wrote:
>>> Gene Heskett wrote:
>>>> On Monday 04 August 2008, Daniel J Walsh wrote:
>>>>> Gene Heskett wrote:
>>>>>> Greetings;
>>>>>>
>>>>>> I just did a yumex update which included the python and semanage
>>>>>> updates, and selinux positively threw a fit.
>>>>>>
>>>>>> setroubleshooter says I now have 47 brand new copies of this:
>>>>>>
>>>>>> host=coyote.coyote.den type=AVC msg=audit(1217637926.43:906): avc:
>>>>>> denied { sys_tty_config } for pid=2768 comm="semanage" capability=26
>>>>>> scontext=system_u:system_r:semanage_t:s0
>>>>>> tcontext=system_u:system_r:semanage_t:s0 tclass=capability
>>>>>>
>>>>>> host=coyote.coyote.den type=SYSCALL msg=audit(1217637926.43:906):
>>>>>> arch=40000003 syscall=54 success=yes exit=0 a0=1 a1=5401 a2=bfd9796c
>>>>>> a3=bfd97a8c items=0 ppid=2762 pid=2768 auid=0 uid=0 gid=0 euid=0
>>>>>> suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="semanage"
>>>>>> exe="/usr/bin/python" subj=system_u:system_r:semanage_t:s0 key=(null)
>>>>>>
>>>>>> Fixable?
>>>>>>
>>>>>> Thanks.
>>>>>
>>>>> These should be fixed in latest Rawhide and Fedora 9 policy.
>>>>
>>>> I'm running F8 Daniel. This s/b backported to F8, that is where the
>>>> problem came from. I haven't changed my repos in ages.
>>>>
>>>> Thanks.
>>>
>>> Ok, such and old OS. :^)
>>>
>>> Dontaudited in selinux-policy-3.0.8-113.fc8
>>
>> Well, its supposedly still a supported version, till F10 is out plus 30
>> days. :-)
>>
>> I have 3.0.8-111.fc8, and nothing newer is being offered. I turned on
>> updates-testing but 113 isn't there either so I turned it back off.
>
>Request has been sent. It is in koji now and should be in testing soon.
Thanks Daniel.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Why don't you fix your little problem... and light this candle?
-- Alan Shepherd, the first man into space, Gemini program
More information about the users
mailing list