selinux January 2011 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: [refpolicy] WARNING: at kernel/printk.c:430 do_sysl

Re: [refpolicy] WARNING: at kernel/printk.c:430 do_syslog+0x40d/0x441()

From: Christopher J. PeBenito <cpebenito_at_nospam>
Date: Wed Jan 19 2011 - 19:23:34 GMT
To: "Justin P. Mattock" <>

On 01/19/11 13:06, Justin P. Mattock wrote:
> this is showing up with the latest kernel in enforcing mode..
> (I have not update the policy and/or selinux userspace)
> [ 12.803882] type=1400 audit(1295457694.801:3): avc: denied { syslog
> } for pid=1540 comm="rsyslogd" capability=34
> scontext=system_u:system_r:init_t:s0
> tcontext=system_u:system_r:init_t:s0 tclass=capability2
> when using audit2allow I get:
> allow init_t self:capability2 syslog;
> which gives an error when trying to install the module, due to the
> policy not knowing what capability2 is
> system is ubuntu maverick, if this is already in(refpolicy) then I'll
> pull the latest when I get a chance..

Support for this capability is upstream in refpolicy.

-- Chris PeBenito Tresys Technology, LLC | -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to with the words "unsubscribe selinux" without quotes as the message.