Re: [refpolicy] WARNING: at kernel/printk.c:430 do_syslog+0x40d/0x441()

On 01/19/11 13:06, Justin P. Mattock wrote:
> this is showing up with the latest kernel in enforcing mode..
> (I have not update the policy and/or selinux userspace)
>
> [ 12.803882] type=1400 audit(1295457694.801:3): avc: denied { syslog
> } for pid=1540 comm="rsyslogd" capability=34
> scontext=system_u:system_r:init_t:s0
> tcontext=system_u:system_r:init_t:s0 tclass=capability2
[cut]
> when using audit2allow I get:
>
> allow init_t self:capability2 syslog;
>
> which gives an error when trying to install the module, due to the
> policy not knowing what capability2 is
>
> system is ubuntu maverick, if this is already in(refpolicy) then I'll
> pull the latest when I get a chance..

Support for this capability is upstream in refpolicy.

-- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.

• This message: [ Message body ]
• Next message: Stephen Smalley: "Re: SELinux role separation"
• Previous message: Justin P. Mattock: "WARNING: at kernel/printk.c:430 do_syslog+0x40d/0x441()"
• In reply to: Justin P. Mattock: "WARNING: at kernel/printk.c:430 do_syslog+0x40d/0x441()"
• Next in thread: Justin P. Mattock: "Re: [refpolicy] WARNING: at kernel/printk.c:430 do_syslog+0x40d/0x441()"
• Reply: Justin P. Mattock: "Re: [refpolicy] WARNING: at kernel/printk.c:430 do_syslog+0x40d/0x441()"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]