selinux January 2011 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: [refpolicy] WARNING: at kernel/printk.c:430 do_sysl

Re: [refpolicy] WARNING: at kernel/printk.c:430 do_syslog+0x40d/0x441()

From: Christopher J. PeBenito <cpebenito_at_nospam>
Date: Wed Jan 19 2011 - 19:23:34 GMT
To: "Justin P. Mattock" <justinmattock@gmail.com>

On 01/19/11 13:06, Justin P. Mattock wrote:
> this is showing up with the latest kernel in enforcing mode..
> (I have not update the policy and/or selinux userspace)
>
> [ 12.803882] type=1400 audit(1295457694.801:3): avc: denied { syslog
> } for pid=1540 comm="rsyslogd" capability=34
> scontext=system_u:system_r:init_t:s0
> tcontext=system_u:system_r:init_t:s0 tclass=capability2
[cut]
> when using audit2allow I get:
>
> allow init_t self:capability2 syslog;
>
> which gives an error when trying to install the module, due to the
> policy not knowing what capability2 is
>
> system is ubuntu maverick, if this is already in(refpolicy) then I'll
> pull the latest when I get a chance..

Support for this capability is upstream in refpolicy.

-- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.