| 1 |
> Unfortunately, booting stops with the following (plus others) |
| 2 |
> Apr 24 00:34:05 laptop audit(1177374818.420:3): avc: denied { read |
| 3 |
> write } for pid=1 comm="init" name="console" dev=hda7 ino=17092 |
| 4 |
> scontext=system_u:system_r:init_t tcontext=system_u:object_r:file_t |
| 5 |
> tclass=chr_file |
| 6 |
> Apr 24 00:34:05 laptop audit(1177374818.420:4): avc: denied { ioctl } |
| 7 |
> for pid=1 comm="init" name="tty0" dev=hda7 ino=20828 |
| 8 |
> scontext=system_u:system_r:init_t tcontext=system_u:object_r:file_t |
| 9 |
> tclass=chr_file |
| 10 |
Once had the same issue. The problem is that the root-filesystem carries a |
| 11 |
directory "/dev" which udev is mounted on sometime later in the booting |
| 12 |
process. Device-files in this static /dev are not catched by any labeling |
| 13 |
as they are kind of hidden once udev kicks in. My solution was to mount the |
| 14 |
root-filesystem again under /mnt and label these files by hand using chcon. |
| 15 |
|
| 16 |
Greetings |
| 17 |
Joern |
| 18 |
-- |
| 19 |
gentoo-hardened@g.o mailing list |
Archives