Summary: | devtmpfs support and SELinux issues | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Sven Vermeulen (RETIRED) <swift> |
Component: | Hardened | Assignee: | Sven Vermeulen (RETIRED) <swift> |
Status: | VERIFIED FIXED | ||
Severity: | normal | CC: | selinux |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | sec-policy r10 | ||
Package list: | Runtime testing required: | --- |
Description
Sven Vermeulen (RETIRED)
2012-05-16 20:26:08 UTC
Privilege will be in -r10 fyi: failures seen when privilege not allowed: May 16 21:57:03 testsys udevd[1448]: matchpathcon(/dev/fd) failed May 16 21:57:03 testsys udevd[1448]: matchpathcon(/dev/stdin) failed May 16 21:57:03 testsys udevd[1448]: matchpathcon(/dev/stdout) failed May 16 21:57:03 testsys udevd[1448]: matchpathcon(/dev/stderr) failed May 16 21:57:03 testsys udevd[1448]: error getting socket: Permission denied May 16 21:57:03 testsys udevd[1448]: error initializing netlink socket May 16 21:57:03 testsys /etc/init.d/udev[1447]: start-stop-daemon: failed to start `/lib/udev/udevd' May 16 21:57:03 testsys /etc/init.d/udev[1426]: ERROR: udev failed to start When allowed, these failures are gone. Can't really find out why the failures occur (what attribute does kdevtmpfs want to set that is so important here - context?) but the fix is clear. Policy update is in hardened-dev overlay (r10) In main tree, ~arch'ed Stabilized |