Re: [Hampshire] Fedora 10 SELinux

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMB STEVENS at <-
 

Reply to this message
Author: Stuart Sears
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] Fedora 10 SELinux
John Cooper wrote:
> B STEVENS wrote:
>
>> node=linux.localdomain type=SYSCALL msg=audit(1228205558.218:12):
>> arch=40000003 syscall=10 success=yes exit=0 a0=9e53790 a1=29 a2=7d9ff4
>> a3=9e53790 items=0 ppid=1 pid=2222 auid=4294967295 uid=0 gid=0 euid=0
>> suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
>> comm="NetworkManager" exe="/usr/sbin/NetworkManager"
>> subj=system_u:system_r:NetworkManager_t:s0 key=(null)
>>
>>
> Bryan, my SELinux context are different to yours. Check the following
> and if different do a restorecon -v '/usr/sbin/NetworkManager' and
> restorecon -v '/sbin/dhclient' to see if updated.

if you are noting the difference between NetworkManager_t and
NetworkManager_exec_t (etc...), it's supposed to be like that.

look at the other files in /usr/sbin...

most of them have a FOO_exec_t context.
when a binary labelled this way is executed, it performs a "domain
transition" like this:

FOO_exec_t -> FOO_t

i.e. processes in memory have different (but related) contexts to their
binary files....

Stuart
--
Stuart Sears RHC*
"It's today!" said Piglet.
"My favourite day," said Pooh.



This message was posted to the following mailing lists:
Hampshire LUG
Mailing List Info | Nearby Messages		<-Re: [Hampshire] I am a person not a PC...Re: [Hampshire] I am a person not a PC...->
Hampshire LUG Mailing List Archive administrated by WebmasterLurker (version 2.3)