Gentoo Archives: gentoo-hardened

From: Peter Simons <simons@××××.to>
To: gentoo-hardened@g.o
Subject: [gentoo-hardened] /dev/log troubles in SELinux
Date: Wed, 04 Jun 2003 06:27:16
Message-Id: 873ciqe4se.fsf@peti.cryp.to
1 Hi,
2
3 I just installed the very latest SELinux version on a fresh machine
4 and it works like a charm. I can even boot the machine in enforcing
5 mode and it will come up correctly. The only problem I haven't solved
6 yet is to figure out how to make syslog-ng work.
7
8 I'm getting this error all the time:
9
10 avc: denied { write } for pid=144 exe=/sbin/devfsd path=/log dev=00:06
11 ino=423 scontext=system_u:system_r:devfsd_t
12 tcontext=system_u:object_r:device_t tclass=sock_file
13
14 My problem now is that the kernel will mount the /dev/log file in this
15 mode, no matter what I do. Alternatively, I thought about giving
16 devfsd access to 'device_t', but that doesn't sound right.
17
18 Does anyone have an idea how to fix this?
19
20 Peter
21
22
23 --
24 gentoo-hardened@g.o mailing list