using audit2allow
Jim
binarynut at comcast.net
Sat Nov 6 00:52:46 UTC 2010
Fedora 14 /KDE
This is the real Raw Audit Message.
This location that has a bunch of FAQ's which one is for making
policies, http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385
Where is there a very good instructions on creating policies.
# audit2allow -w -a node=(removed) type=AVC
msg=audit(1288923096.835:99): avc: denied { write } for pid=16148
comm="kdm" name="root" dev=sda1 ino=798
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
bash: syntax error near unexpected token `('
This is the second Audit message of the same , SELinux is preventing
/usr/bin/kdm "write" access on /root
node=(removed) type=SYSCALL msg=audit(1288923096.835:99): arch=40000003
syscall=5 success=no exit=-13 a0=bfdb0c9b a1=c1 a2=180 a3=1 items=0
ppid=5003 pid=16148 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=7 comm="kdm" exe="/usr/bin/kdm"
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
More information about the users
mailing list