SELinux Mailing List

Re: booting in enforcing mode

From: Rogelio Serrano <rogelio_at_smsglobal.net>
Date: Sat, 10 Apr 2004 22:53:17 +0800


On 2004-04-10 22:22:59 +0800 Russell Coker <russell@coker.com.au> wrote:

> On Sat, 10 Apr 2004 17:10, Rogelio Serrano <rogelio@smsglobal.net> wrote:
>> I can boot in enforcing mode now but there seem to be too many
>> denials in my log. Which denials can be considered harmless? I
>> can see a lot of ioctl, sys_tty_config and getattr.
>
> Show us a sample of the messages.
>
> When determining whether the denials are harmless it's usually a matter of
> the scontext and tcontext.
>
> As for sys_tty_config, in the transition to kernel 2.6.x the handling of this
> changed and lots of applications need it. I've considered having the
> daemon_base_domain() macro allow or dontaudit it. Most applications that
> request it don't seem to really need it (they work fine without it).

I see. I think I have to remove some of those that I added. The hotplug scripts are the noisiest. I will fix /bin/login first. It's the login from util-linux 2.12 and I'm not using PAM. I need to label the tty properly. I can log in but not into /User/Admin. login drops me into / then I can just "cd" and I'm in sysadm_home_dir. All home directories are in /Users and admin's home dir is /Users/Admin alongside the other users. The context for /Users is system_u:object_r:file_t. Is that OK? Shouldn't it be root_t? Or should I create a totally new type?

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
Received on Sat 10 Apr 2004 - 10:53:38 EDT
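
Added example, not part of the original messages: one way to apply the scontext/tcontext triage mentioned in the quoted reply, by grouping `avc: denied` lines per source type, target type, class and permission. The log lines are constructed samples and the function names are hypothetical; targets typed `file_t` (the example policy's type for files that carry no label) are listed separately because they usually call for labeling rather than a new rule.

```python
import re
from collections import Counter

# Constructed sample lines in the kernel's "avc: denied" format; the
# domains, paths, pids and inode numbers are illustrative, not from the thread.
SAMPLE_LOG = """\
audit(1081608797.101:0): avc:  denied  { ioctl } for  pid=412 exe=/bin/bash path=/dev/console dev=hda1 ino=2101 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:console_device_t tclass=chr_file
audit(1081608797.115:0): avc:  denied  { ioctl } for  pid=419 exe=/bin/bash path=/dev/console dev=hda1 ino=2101 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:console_device_t tclass=chr_file
audit(1081608797.130:0): avc:  denied  { sys_tty_config } for  pid=415 exe=/sbin/syslogd capability=26 scontext=system_u:system_r:syslogd_t tcontext=system_u:system_r:syslogd_t tclass=capability
audit(1081608797.200:0): avc:  denied  { getattr } for  pid=430 exe=/bin/login path=/Users dev=hda1 ino=5000 scontext=system_u:system_r:local_login_t tcontext=system_u:object_r:file_t tclass=dir
audit(1081608797.210:0): avc:  denied  { getattr search } for  pid=430 exe=/bin/login path=/Users dev=hda1 ino=5000 scontext=system_u:system_r:local_login_t tcontext=system_u:object_r:file_t tclass=dir
EXT3-fs: mounted filesystem with ordered data mode.
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)"
)

def ctx_type(context):
    """Return the type field of a user:role:type security context."""
    return context.split(":")[2]

def summarize(log_text):
    """Count denials per (source type, target type, class, permission)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue  # not an AVC denial
        for perm in m["perms"].split():  # one line can carry several permissions
            key = (ctx_type(m["scontext"]), ctx_type(m["tcontext"]), m["tclass"], perm)
            counts[key] += 1
    return counts

def unlabeled_targets(counts):
    """Keys whose target type is file_t, i.e. objects that still need a label."""
    return sorted(k for k in counts if k[1] == "file_t")

if __name__ == "__main__":
    totals = summarize(SAMPLE_LOG)
    for key, n in totals.most_common():
        print(n, *key)
    print("needs labeling:", unlabeled_targets(totals))
```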
 

Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009

 
National Security Agency / Central Security Service