more info

more info

[Shaun Savage]

[-- Attachment #1: Type: text/plain, Size: 239 bytes --]

During the load process I get

ss: loading .....
security: 5 users, 6roles, 391 types
security: 29 classes, 74171 rules
security: context root:sysadm_r:ipchains_t is invalid

Why/How is it invalid?

attached is the new ipchains.te

Shaun 

[-- Attachment #2: ipchains.te --]
[-- Type: text/plain, Size: 1194 bytes --]

#
# Authors:  Justin Smith <jsmith@mcs.drexel.edu>
#

role sysadm_t types { ipchains_t };
domain_auto_trans(sysadm_t, ipchains_exec_t, ipchains_t)

allow tripwire_t sysadm_tty_device_t:chr_file rw_file_perms;
allow tripwire_t sysadm_devpts_t:chr_file rw_file_perms;
allow tripwire_t sysadm_gph_t:fd inherit_fd_perms;
 
auditallow sysadm_t ipchains_t:process transition;
auditallow sysadm_t ipchains_exec_t:process transition;
auditallow sysadm_t ipchains_exec_t:file execute;

#
# Rules for the ipchains_t domain.
#
type ipchains_t, domain, privlog;
type ipchains_exec_t, file_type, sysadmfile, exec_type;
type ipchains_var_run_t, file_type, sysadmfile, pidfile;

domain_auto_trans(ipchains_t, insmod_exec_t, insmod_t)

domain_auto_trans(ipchains_t, ifconfig_exec_t, ifconfig_t)
file_type_auto_trans(ipchains_t, var_run_t, ipchains_var_run_t)
uses_shlib(ipchains_t)

# Inherit and use descriptors from init.
allow ipchains_t init_t:fd inherit_fd_perms;

allow ipchains_t bin_t:file { execute execute_no_trans };
allow ipchains_t ipchains_exec_t:file { execute_no_trans };
allow ipchains_t ipchains_t:capability { net_admin net_raw };
allow ipchains_t ipchains_t:rawip_socket { create setopt };

Re: more info

[Stephen Smalley]

On Wed, 16 Jan 2002, Shaun Savage wrote:

> During the load process I get
>
> ss: loading .....
> security: 5 users, 6roles, 391 types
> security: 29 classes, 74171 rules
> security: context root:sysadm_r:ipchains_t is invalid

This error is because you didn't authorize the ipchains_t domain for the
sysadm_r role, due to your typo (sysadm_t instead of sysadm_r).  From the
perspective of the security server, you just defined a new role named
sysadm_t that is authorized for ipchains_t.  Roles and types exist in
separate namespaces, so this doesn't show up as a policy compiler error.

--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com




--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

more info

[Guilhem Tardy]

Hi all,

Could anyone point to me a reference for the following (or explain to me
directly what is the purpose of each of those functions) in the PCM module:

	prepare:	snd_xxxx_capture_prepare,
	trigger:	snd_xxxx_trigger,
	pointer:	snd_xxxx_pointer,
	copy:		snd_xxxx_capture_copy,
	silence:	snd_xxxx_capture_silence,

Plus, what is the fifo size (e.g. on the card)?

Thanks,
Guilhem.


__________________________________________________
Do You Yahoo!?
Yahoo! Games - play chess, backgammon, pool and more
http://games.yahoo.com/

Re: more info

[Paul Davis]

>Could anyone point to me a reference for the following (or explain to me
>directly what is the purpose of each of those functions) in the PCM module:
>
>	prepare:	snd_xxxx_capture_prepare,
>	trigger:	snd_xxxx_trigger,
>	pointer:	snd_xxxx_pointer,
>	copy:		snd_xxxx_capture_copy,
>	silence:	snd_xxxx_capture_silence,

search for "prepare" and "trigger" in the archives, and you should find
takashi's basic explanation of what the functions do. then come back
and ask more specific questions. 

>Plus, what is the fifo size (e.g. on the card)?

i'm not sure its relevant for cards with DMA. can't tell you more.

--p