Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-hardened

From: Chris PeBenito <pebenito@g.o>
To: Joshua Brindle <method@g.o>
Cc: nixnut <nixnut@×××××.nl>, gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] selinux + pty problem
Date: Sat, 10 Apr 2004 14:39:40
Message-Id: 1081607780.30281.2.camel@gorn.pebenito.net
In Reply to: Re: [gentoo-hardened] selinux + pty problem by Joshua Brindle
1 Also make sure that the directory /dev/pts exists. It recently came to
2 my attention that the current set of stages don't have this directory,
3 causing devpts to not mount when booting.
4
5 On Sat, 2004-04-10 at 06:24, Joshua Brindle wrote:
6 > Per the instructions for selinux use devpts and a standard (non devfs) /dev
7 >
8 > see
9 > http://www.gentoo.org/proj/en/hardened/selinux/selinux-x86-install.xml#doc_chap15
10 > for the fstab entries required by selinux
11 >
12 > Joshua Brindle
13 >
14 > nixnut wrote:
15 >
16 > > G'day all,
17 > >
18 > > I'm having some problems with selinux and devfs. selinux does not support devfs but without devfs normal users
19 > > can't start xterms.
20 > >
21 > > I've tried a number of kernels (all 2.6.4-hardened-r3) with different configurations.
22 > > All kernels without devfs result in the pty problem:
23 > > xterm: Error 32, errno 2: No such file or directory
24 > > Reason: get_pty: not enough ptys
25 > >
26 > > selinux enabled kernels with devfs result in a large number of "avc: denied .." messages. If I understand correctly
27 > > the dynamically created devices can't be labelled properly.
28 > >
29 > > The solution for non-selinux systems is obviously enabling devfs (as mentioned in a number of threads on
30 > > forums.gentoo), but for selinux creates the other problem.
31 > > Any ideas on how to have both selinux and the usual use of pty's?
32 > >
33 > > regards,
34 > > nixnut
35 > >
36 > > www.lycosmail.nl - Gratis 15 MB mailbox - Nu ook hotmail via Lycos Mail!
37 > >
38 > >
39 > >
40 > >
41 > >
42 > > ------------------------------------------------------------------------
43 > >
44 > > --
45 > > gentoo-hardened@g.o mailing list
46 >
47 >
48 > --
49 > gentoo-hardened@g.o mailing list
50 --
51 Chris PeBenito
52 <pebenito@g.o>
53 Developer,
54 Hardened Gentoo Linux
55 Embedded Gentoo Linux
56
57 Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
58 Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243

Attachments

File name MIME type
signature.asc application/pgp-signature
Report Message
Find on MARC Find on Google Groups